Debian Local Security Checks : Debian: Security Advisory (DSA-3039-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.703039
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-3039-1)
Summary:	The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3039-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3039-1 advisory. Vulnerability Insight: Several vulnerabilities were discovered in the chromium web browser. CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.125. CVE-2014-3165 Colin Payne discovered a use-after-free issue in the Web Sockets implementation. CVE-2014-3166 Antoine Delignat-Lavaud discovered an information leak in the SPDY protocol implementation. CVE-2014-3167 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.143. CVE-2014-3168 cloudfuzzer discovered a use-after-free issue in SVG image file handling. CVE-2014-3169 Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink Document Object Model implementation. CVE-2014-3170 Rob Wu discovered a way to spoof the url of chromium extensions. CVE-2014-3171 cloudfuzzer discovered a use-after-free issue in chromium's v8 bindings. CVE-2014-3172 Eli Grey discovered a way to bypass access restrictions using chromium's Debugger extension API. CVE-2014-3173 jmuizelaar discovered an uninitialized read issue in WebGL. CVE-2014-3174 Atte Kettunen discovered an uninitialized read issue in Web Audio. CVE-2014-3175 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.94. CVE-2014-3176 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3177 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3178 miaubiz discovered a use-after-free issue in the Document Object Model implementation in Blink/Webkit. CVE-2014-3179 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.120. For the stable distribution (wheezy), these problems have been fixed in version 37.0.2062.120-1~ deb7u1. For the testing (jessie) and unstable (sid) distributions, these problems have been fixed in version 37.0.2062.120-1. We recommend that you upgrade your chromium-browser packages. Affected Software/OS: 'chromium-browser' package(s) on Debian 7. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3160 BugTraq ID: 68677 http://www.securityfocus.com/bid/68677 Debian Security Information: DSA-3039 (Google Search) http://www.debian.org/security/2014/dsa-3039 http://security.gentoo.org/glsa/glsa-201408-16.xml http://secunia.com/advisories/60061 http://secunia.com/advisories/60372 Common Vulnerability Exposure (CVE) ID: CVE-2014-3162 Common Vulnerability Exposure (CVE) ID: CVE-2014-3165 BugTraq ID: 69201 http://www.securityfocus.com/bid/69201 http://www.securitytracker.com/id/1030732 http://secunia.com/advisories/59904 http://secunia.com/advisories/60798 XForce ISS Database: google-chrome-cve20143165-code-exec(95247) https://exchange.xforce.ibmcloud.com/vulnerabilities/95247 Common Vulnerability Exposure (CVE) ID: CVE-2014-3166 BugTraq ID: 69202 http://www.securityfocus.com/bid/69202 http://www.ietf.org/mail-archive/web/tls/current/msg13345.html http://secunia.com/advisories/59693 http://secunia.com/advisories/60685 Common Vulnerability Exposure (CVE) ID: CVE-2014-3167 BugTraq ID: 69203 http://www.securityfocus.com/bid/69203 XForce ISS Database: google-chrome-cve20143167-unspec(95249) https://exchange.xforce.ibmcloud.com/vulnerabilities/95249 Common Vulnerability Exposure (CVE) ID: CVE-2014-3168 BugTraq ID: 69398 http://www.securityfocus.com/bid/69398 http://www.securitytracker.com/id/1030767 http://secunia.com/advisories/60268 http://secunia.com/advisories/60424 http://secunia.com/advisories/61482 SuSE Security Announcement: openSUSE-SU-2014:1151 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html XForce ISS Database: google-chrome-cve20143168-code-exec(95468) https://exchange.xforce.ibmcloud.com/vulnerabilities/95468 Common Vulnerability Exposure (CVE) ID: CVE-2014-3169 BugTraq ID: 69405 http://www.securityfocus.com/bid/69405 XForce ISS Database: google-chrome-cve20143169-code-exec(95469) https://exchange.xforce.ibmcloud.com/vulnerabilities/95469 Common Vulnerability Exposure (CVE) ID: CVE-2014-3170 BugTraq ID: 69400 http://www.securityfocus.com/bid/69400 XForce ISS Database: google-chrome-cve20143170-spoofing(95470) https://exchange.xforce.ibmcloud.com/vulnerabilities/95470 Common Vulnerability Exposure (CVE) ID: CVE-2014-3171 BugTraq ID: 69406 http://www.securityfocus.com/bid/69406 XForce ISS Database: google-chrome-cve20143171-code-exec(95471) https://exchange.xforce.ibmcloud.com/vulnerabilities/95471 Common Vulnerability Exposure (CVE) ID: CVE-2014-3172 BugTraq ID: 69401 http://www.securityfocus.com/bid/69401 XForce ISS Database: google-chrome-cve20143172-unspec(95472) https://exchange.xforce.ibmcloud.com/vulnerabilities/95472 Common Vulnerability Exposure (CVE) ID: CVE-2014-3173 BugTraq ID: 69403 http://www.securityfocus.com/bid/69403 XForce ISS Database: google-chrome-cve20143173-info-disc(95473) https://exchange.xforce.ibmcloud.com/vulnerabilities/95473 Common Vulnerability Exposure (CVE) ID: CVE-2014-3174 BugTraq ID: 69407 http://www.securityfocus.com/bid/69407 XForce ISS Database: google-chrome-cve20143174-info-disc(95474) https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 Common Vulnerability Exposure (CVE) ID: CVE-2014-3175 BugTraq ID: 69402 http://www.securityfocus.com/bid/69402 XForce ISS Database: google-chrome-cve20143175-unspec(95475) https://exchange.xforce.ibmcloud.com/vulnerabilities/95475 Common Vulnerability Exposure (CVE) ID: CVE-2014-3176 BugTraq ID: 69404 http://www.securityfocus.com/bid/69404 XForce ISS Database: google-chrome-cve20143176-code-exec(95476) https://exchange.xforce.ibmcloud.com/vulnerabilities/95476 Common Vulnerability Exposure (CVE) ID: CVE-2014-3177 XForce ISS Database: google-chrome-cve20143177-code-exec(95477) https://exchange.xforce.ibmcloud.com/vulnerabilities/95477 Common Vulnerability Exposure (CVE) ID: CVE-2014-3178 BugTraq ID: 69709 http://www.securityfocus.com/bid/69709 http://security.gentoo.org/glsa/glsa-201409-06.xml http://secunia.com/advisories/61446 XForce ISS Database: google-chrome-cve20143178-code-exec(95815) https://exchange.xforce.ibmcloud.com/vulnerabilities/95815 Common Vulnerability Exposure (CVE) ID: CVE-2014-3179 BugTraq ID: 69710 http://www.securityfocus.com/bid/69710 XForce ISS Database: google-chrome-cve20143179-unspec(95816) https://exchange.xforce.ibmcloud.com/vulnerabilities/95816
Copyright	Copyright (C) 2014 Greenbone AG