Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.801879
Category:General
Title:Google Chrome multiple vulnerabilities - May11 (Linux)
Summary:The host is running Google Chrome and is prone to multiple; vulnerabilities.
Description:Summary:
The host is running Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
- An unspecified error related to a stale pointer exists within the handling
of floating objects.

- A linked-list race condition exists within the database handling.

- The MIME handling does not properly ensure thread safety.

- An extension with 'tabs' permission can gain access to local files.

- An integer overflow error exists within the float rendering.

- An error related to blobs can be exploited to violate the same origin
policy.

- An unspecified error can be exploited to cause an interference between
renderer processes.

- A use-after-free error exists within the handling of '' tags and CSS.

- A casting error exists within then handling of floating select lists.

- An error related to mutation events can be exploited to corrupt node trees.

- An unspecified error related to stale pointers exists in the layering code.

- A race condition error exists within the sandbox launcher.

- Interrupted loads and navigation errors can be leveraged to spoof the URL
bar.

- An unspecified error related to a stale pointer exists within the handling
of drop-down lists.

- An unspecified error related to a stale pointer exists within the height
calculations.

- A use-after-free error exists within the handling of WebSockets.

- An error related to dangling pointers exists within the handling of file
dialogs.

- An error related to dangling pointers exists within the handling of DOM
id maps.

- Redirects and manual reloads can be exploited to spoof the URL bar.

- A use-after-free error exists within the handling of DOM ids.

- An error related to stale pointers exists within the handling of PDF forms.

Vulnerability Impact:
Successful exploitation could allow attackers to bypass certain security
restrictions, disclose potentially sensitive information, conduct spoofing
attacks, and potentially compromise a user's system.

Affected Software/OS:
Google Chrome version prior to 11.0.696.57 on Linux

Solution:
Upgrade to the Google Chrome 11.0.696.57 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 47604
Common Vulnerability Exposure (CVE) ID: CVE-2011-1303
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13705
Common Vulnerability Exposure (CVE) ID: CVE-2011-1304
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14399
Common Vulnerability Exposure (CVE) ID: CVE-2011-1305
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14305
Common Vulnerability Exposure (CVE) ID: CVE-2011-1434
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14196
XForce ISS Database: chrome-thread-safety-code-exec(67141)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67141
Common Vulnerability Exposure (CVE) ID: CVE-2011-1435
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586
XForce ISS Database: chrome-extension-info-disc(67142)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67142
Common Vulnerability Exposure (CVE) ID: CVE-2011-1436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14749
Common Vulnerability Exposure (CVE) ID: CVE-2011-1437
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14601
XForce ISS Database: chrome-float-code-execution(67144)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67144
Common Vulnerability Exposure (CVE) ID: CVE-2011-1438
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14621
XForce ISS Database: chrome-blobs-security-bypass(67145)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67145
Common Vulnerability Exposure (CVE) ID: CVE-2011-1439
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14300
XForce ISS Database: chrome-renderer-code-execution(67146)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67146
Common Vulnerability Exposure (CVE) ID: CVE-2011-1440
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
Debian Security Information: DSA-2245 (Google Search)
http://www.debian.org/security/2011/dsa-2245
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14083
XForce ISS Database: chrome-ruby-css-code-exec(67147)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67147
Common Vulnerability Exposure (CVE) ID: CVE-2011-1441
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14646
XForce ISS Database: chrome-select-lists-code-exec(67148)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67148
Common Vulnerability Exposure (CVE) ID: CVE-2011-1442
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13808
XForce ISS Database: chrome-node-trees-code-execution(67149)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67149
Common Vulnerability Exposure (CVE) ID: CVE-2011-1443
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14627
XForce ISS Database: chrome-layering-code-code-execution(67150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67150
Common Vulnerability Exposure (CVE) ID: CVE-2011-1444
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14372
XForce ISS Database: chrome-sandbox-launcher-code-exec(67151)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67151
Common Vulnerability Exposure (CVE) ID: CVE-2011-1445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14557
XForce ISS Database: chrome-svg-code-exec(67152)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67152
Common Vulnerability Exposure (CVE) ID: CVE-2011-1446
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14560
XForce ISS Database: chrome-navigation-spoofing(67153)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67153
Common Vulnerability Exposure (CVE) ID: CVE-2011-1447
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13958
XForce ISS Database: chrome-dropdown-code-execution(67154)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67154
Common Vulnerability Exposure (CVE) ID: CVE-2011-1448
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14293
XForce ISS Database: chrome-height-code-execution(67155)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67155
Common Vulnerability Exposure (CVE) ID: CVE-2011-1449
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14478
XForce ISS Database: chrome-websockets-code-exec(67156)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67156
Common Vulnerability Exposure (CVE) ID: CVE-2011-1450
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633
XForce ISS Database: google-chrome-file-dialogs-dos(67157)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67157
Common Vulnerability Exposure (CVE) ID: CVE-2011-1451
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14279
XForce ISS Database: google-chrome-domid-dos(67158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67158
Common Vulnerability Exposure (CVE) ID: CVE-2011-1452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14759
XForce ISS Database: chrome-manual-reload-spoofing(67159)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67159
Common Vulnerability Exposure (CVE) ID: CVE-2011-1454
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14469
XForce ISS Database: chrome-domid-code-execution(67160)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67160
Common Vulnerability Exposure (CVE) ID: CVE-2011-1455
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14136
XForce ISS Database: chrome-pdf-code-execution(67161)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67161
Common Vulnerability Exposure (CVE) ID: CVE-2011-1456
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14356
XForce ISS Database: chrome-pdf-forms-code-exec(67162)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67162
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.