Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702741
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2741-1 (chromium-browser - several vulnerabilities)
Summary:Several vulnerabilities have been discovered in the Chromium web browser.;;CVE-2013-2887;The chrome 29 development team found various issues from internal;fuzzing, audits, and other studies.;;CVE-2013-2900;Krystian Bigaj discovered a file handling path sanitization issue.;;CVE-2013-2901;Alex Chapman discovered an integer overflow issue in ANGLE, the;Almost Native Graphics Layer.;;CVE-2013-2902;cloudfuzzer discovered a use-after-free issue in XSLT.;;CVE-2013-2903;cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.;;CVE-2013-2904;cloudfuzzer discovered a use-after-free issue in XML document;parsing.;;CVE-2013-2905;Christian Jaeger discovered an information leak due to insufficient;file permissions.
Description:Summary:
Several vulnerabilities have been discovered in the Chromium web browser.

CVE-2013-2887
The chrome 29 development team found various issues from internal
fuzzing, audits, and other studies.

CVE-2013-2900
Krystian Bigaj discovered a file handling path sanitization issue.

CVE-2013-2901
Alex Chapman discovered an integer overflow issue in ANGLE, the
Almost Native Graphics Layer.

CVE-2013-2902
cloudfuzzer discovered a use-after-free issue in XSLT.

CVE-2013-2903
cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.

CVE-2013-2904
cloudfuzzer discovered a use-after-free issue in XML document
parsing.

CVE-2013-2905
Christian Jaeger discovered an information leak due to insufficient
file permissions.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 29.0.1547.57-1~
deb7u1.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 29.0.1547.57-1.

We recommend that you upgrade your chromium-browser packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2901
Debian Security Information: DSA-2741 (Google Search)
http://www.debian.org/security/2013/dsa-2741
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18508
Common Vulnerability Exposure (CVE) ID: CVE-2013-2887
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17741
Common Vulnerability Exposure (CVE) ID: CVE-2013-2902
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18313
Common Vulnerability Exposure (CVE) ID: CVE-2013-2904
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18550
Common Vulnerability Exposure (CVE) ID: CVE-2013-2900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18381
Common Vulnerability Exposure (CVE) ID: CVE-2013-2905
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17583
Common Vulnerability Exposure (CVE) ID: CVE-2013-2903
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17571
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.