Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.71171
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: chromium
Summary:The remote host is missing an update to the system; as announced in the referenced advisory.
Description:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: chromium

CVE-2011-3015
Multiple integer overflows in the PDF codecs in Google Chrome before
17.0.963.56 allow remote attackers to cause a denial of service or
possibly have unspecified other impact via unknown vectors.

CVE-2011-3016
Use-after-free vulnerability in Google Chrome before 17.0.963.56
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors involving counter nodes, related
to a 'read-after-free' issue.

CVE-2011-3017
Use-after-free vulnerability in Google Chrome before 17.0.963.56
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to database handling.

CVE-2011-3018
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to path rendering.

CVE-2011-3019
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted Matroska video (aka MKV) file.

CVE-2011-3020
Unspecified vulnerability in the Native Client validator
implementation in Google Chrome before 17.0.963.56 has unknown impact
and remote attack vectors.

CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to subframe loading.

CVE-2011-3022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and
19.x before 19.0.1036.7 uses an HTTP session to exchange data for
translation, which allows remote attackers to obtain sensitive
information by sniffing the network.

CVE-2011-3023
Use-after-free vulnerability in Google Chrome before 17.0.963.56
allows user-assisted remote attackers to cause a denial of service or
possibly have unspecified other impact via vectors related to
drag-and-drop operations.

CVE-2011-3024
Google Chrome before 17.0.963.56 allows remote attackers to cause a
denial of service (application crash) via an empty X.509 certificate.

CVE-2011-3025
Google Chrome before 17.0.963.56 does not properly parse H.264 data,
which allows remote attackers to cause a denial of service
(out-of-bounds read) via unspecified vectors.

CVE-2011-3026
Integer overflow in libpng, as used in Google Chrome before
17.0.963.56, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via unknown vectors that
trigger an integer truncation.

CVE-2011-3027
Google Chrome before 17.0.963.56 does not properly perform a cast of
an unspecified variable during handling of columns, which allows
remote attackers to cause a denial of service or possibly have
unknown other impact via a crafted document.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3015
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14690
http://secunia.com/advisories/48016
Common Vulnerability Exposure (CVE) ID: CVE-2011-3016
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14919
Common Vulnerability Exposure (CVE) ID: CVE-2011-3017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14667
Common Vulnerability Exposure (CVE) ID: CVE-2011-3018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14522
Common Vulnerability Exposure (CVE) ID: CVE-2011-3019
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14998
Common Vulnerability Exposure (CVE) ID: CVE-2011-3020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14434
Common Vulnerability Exposure (CVE) ID: CVE-2011-3021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15020
Common Vulnerability Exposure (CVE) ID: CVE-2011-3022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15025
Common Vulnerability Exposure (CVE) ID: CVE-2011-3023
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14643
Common Vulnerability Exposure (CVE) ID: CVE-2011-3024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14891
Common Vulnerability Exposure (CVE) ID: CVE-2011-3025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14869
Common Vulnerability Exposure (CVE) ID: CVE-2011-3026
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://security.gentoo.org/glsa/glsa-201206-15.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15032
http://secunia.com/advisories/48110
http://secunia.com/advisories/49660
SuSE Security Announcement: SUSE-SU-2012:0303 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html
SuSE Security Announcement: openSUSE-SU-2012:0297 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-3027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14955
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.