Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802102
Category:General
Title:Google Chrome Multiple Vulnerabilities - June 11(Windows)
Summary:The host is running Google Chrome and is prone to multiple; vulnerabilities.
Description:Summary:
The host is running Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
The flaws are due to

- Use-after-free vulnerability due to integer issues in float handling.

- Use-after-free vulnerability in accessibility support.

- Error in 'Cascading Style Sheets (CSS)' implementation, which fails to properly
restrict access to the visit history, which allows remote attackers to obtain
sensitive information via unspecified vectors.

- Not properly handling a large number of form submissions.

- Bypassing extensions permission.

- 'Stale pointer' in extension framework.

- Attempts to read data from an uninitialized pointer.

- Extension script injection into new tab page.

- Use-after-free vulnerability in developer tools, image loader

- Fails to properly implement history deletion.

- Extension injection into 'chrome://' pages.

- Same origin bypass in 'v8' and 'DOM'.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code in
the context of the browser, cause denial-of-service conditions, bypass the
same-origin policy, and disclose potentially sensitive information.

Affected Software/OS:
Google Chrome version prior to 12.0.742.91 on windows

Solution:
Upgrade to the Google Chrome 12.0.742.91 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 48129
Common Vulnerability Exposure (CVE) ID: CVE-2011-1808
http://www.securityfocus.com/bid/48129
http://osvdb.org/72778
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14659
http://secunia.com/advisories/44829
XForce ISS Database: chrome-float-handling-code-exec(67891)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67891
Common Vulnerability Exposure (CVE) ID: CVE-2011-1809
http://osvdb.org/72779
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14692
XForce ISS Database: chrome-support-code-execution(67892)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67892
Common Vulnerability Exposure (CVE) ID: CVE-2011-1810
http://osvdb.org/72780
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14433
XForce ISS Database: chrome-css-info-disclosure(67893)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67893
Common Vulnerability Exposure (CVE) ID: CVE-2011-1811
http://osvdb.org/72781
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14620
XForce ISS Database: chrome-submissions-dos(67894)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67894
Common Vulnerability Exposure (CVE) ID: CVE-2011-1812
http://osvdb.org/72782
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14546
XForce ISS Database: chrome-extensions-sec-bypas(67895)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67895
Common Vulnerability Exposure (CVE) ID: CVE-2011-1813
http://osvdb.org/72783
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14481
XForce ISS Database: chrome-extension-framenwork-ce(67896)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67896
Common Vulnerability Exposure (CVE) ID: CVE-2011-1814
http://osvdb.org/72784
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14565
XForce ISS Database: chrome-pointer-info-disclosure(67897)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67897
Common Vulnerability Exposure (CVE) ID: CVE-2011-1815
http://osvdb.org/72785
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14728
XForce ISS Database: chrome-tab-page-xss(67898)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67898
Common Vulnerability Exposure (CVE) ID: CVE-2011-1816
http://osvdb.org/72786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13575
XForce ISS Database: chrome-developer-tools-code-exec(67899)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67899
Common Vulnerability Exposure (CVE) ID: CVE-2011-1817
http://osvdb.org/72787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14128
XForce ISS Database: chrome-history-deletion-code-exec(67900)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67900
Common Vulnerability Exposure (CVE) ID: CVE-2011-1818
http://osvdb.org/72788
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14757
XForce ISS Database: chrome-image-loader-code-execution(67901)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67901
Common Vulnerability Exposure (CVE) ID: CVE-2011-1819
http://osvdb.org/72789
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14616
XForce ISS Database: chrome-chromepages-xss(67902)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67902
Common Vulnerability Exposure (CVE) ID: CVE-2011-2332
http://osvdb.org/72790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14242
XForce ISS Database: chrome-v8-security-bypass(67903)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67903
Common Vulnerability Exposure (CVE) ID: CVE-2011-2342
http://osvdb.org/72791
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14663
XForce ISS Database: chrome-dom-security-bypass(67904)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67904
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.