English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.801679
Category:General
Title:Google Chrome multiple vulnerabilities - Dec10 (Linux)
Summary:Check the version of Google Chrome
Description:
Overview: The host is running Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
The multiple flaws are due to,
- Possible pop-up blocker bypass via unknown vectors.
- Cross-origin video theft with canvas elements allows remote attackers to
bypass the Same Origin Policy and obtain potentially sensitive video data.
- Improper handling of HTML5 databases allows attackers to cause a denial of
service.
- Excessive file dialogs could lead to a browser crash.
- Use after free error in history handling.
- Incomplete blacklist vulnerability allows remote attackers to have an
unspecified impact via a 'dangerous file'.
- Browser crash with HTTP proxy authentication.
- Out-of-bounds read regression in WebM video support.
- Crash due to bad indexing with malformed video.
- Possible browser memory corruption via malicious privileged extension.
- Use after free error with SVG animations.
- Use after free in mouse dragging event handling.
- A double free error in XPath handling.

Impact:
Successful exploitation could allow the attackers to cause a denial of
service.

Impact Level: Application

Affected Software/OS:
Google Chrome version prior to 8.0.552.215 on Linux.

Fix: Upgrade to the Google Chrome 8.0.552.215 or later,
For updates refer to http://www.google.com/chrome

References:
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
Cross-Ref: BugTraq ID: 45170
Common Vulnerability Exposure (CVE) ID: CVE-2010-4482
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12059
Common Vulnerability Exposure (CVE) ID: CVE-2010-4483
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11610
Common Vulnerability Exposure (CVE) ID: CVE-2010-4484
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12236
Common Vulnerability Exposure (CVE) ID: CVE-2010-4485
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12062
Common Vulnerability Exposure (CVE) ID: CVE-2010-4486
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11630
Common Vulnerability Exposure (CVE) ID: CVE-2010-4487
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13423
Common Vulnerability Exposure (CVE) ID: CVE-2010-4488
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12037
Common Vulnerability Exposure (CVE) ID: CVE-2010-4489
http://www.ubuntu.com/usn/USN-1087-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11919
http://secunia.com/advisories/43728
http://www.vupen.com/english/advisories/2011/0662
Common Vulnerability Exposure (CVE) ID: CVE-2010-4490
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12284
Common Vulnerability Exposure (CVE) ID: CVE-2010-4491
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11991
Common Vulnerability Exposure (CVE) ID: CVE-2010-4492
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11475
Common Vulnerability Exposure (CVE) ID: CVE-2010-4493
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12129
Common Vulnerability Exposure (CVE) ID: CVE-2010-4494
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Debian Security Information: DSA-2137 (Google Search)
http://www.debian.org/security/2010/dsa-2137
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:260
http://www.redhat.com/support/errata/RHSA-2011-1749.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11916
http://secunia.com/advisories/42721
http://secunia.com/advisories/42762
http://www.vupen.com/english/advisories/2010/3319
http://www.vupen.com/english/advisories/2010/3336
http://www.vupen.com/english/advisories/2011/0230
CopyrightCopyright (c) 2010 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.