Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702695
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2695-1 (chromium-browser - several issues)
Summary:Several vulnerabilities have been discovered in the Chromium web browser.;Multiple use-after-free, out-of-bounds read, memory safety, and;cross-site scripting issues were discovered and corrected.;;CVE-2013-2837;Use-after-free vulnerability in the SVG implementation allows remote;attackers to cause a denial of service or possibly have unspecified;other impact via unknown vectors.;;Description truncated. Please see the references for more information.
Description:Summary:
Several vulnerabilities have been discovered in the Chromium web browser.
Multiple use-after-free, out-of-bounds read, memory safety, and
cross-site scripting issues were discovered and corrected.

CVE-2013-2837
Use-after-free vulnerability in the SVG implementation allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via unknown vectors.

Description truncated. Please see the references for more information.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the oldstable distribution (squeeze), the security support window
for Chromium has ended. Users of Chromium on oldstable are very highly
encouraged to upgrade to the current stable Debian release (wheezy).
Chromium security support for wheezy will last until the next stable
release (jessie), which is expected to happen sometime in 2015.

For the stable distribution (wheezy), these problems have been fixed in
version 27.0.1453.93-1~
deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 27.0.1453.93-1.

We recommend that you upgrade your chromium-browser packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2842
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
Debian Security Information: DSA-2695 (Google Search)
http://www.debian.org/security/2013/dsa-2695
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15914
http://secunia.com/advisories/54886
Common Vulnerability Exposure (CVE) ID: CVE-2013-2848
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15849
Common Vulnerability Exposure (CVE) ID: CVE-2013-2847
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16716
Common Vulnerability Exposure (CVE) ID: CVE-2013-2841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16534
Common Vulnerability Exposure (CVE) ID: CVE-2013-2844
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16624
Common Vulnerability Exposure (CVE) ID: CVE-2013-2840
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16706
Common Vulnerability Exposure (CVE) ID: CVE-2013-2845
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16354
Common Vulnerability Exposure (CVE) ID: CVE-2013-2839
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16760
Common Vulnerability Exposure (CVE) ID: CVE-2013-2849
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16753
Common Vulnerability Exposure (CVE) ID: CVE-2013-2838
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16625
Common Vulnerability Exposure (CVE) ID: CVE-2013-2843
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16547
Common Vulnerability Exposure (CVE) ID: CVE-2013-2837
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16250
Common Vulnerability Exposure (CVE) ID: CVE-2013-2846
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15805
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.