Test ID:	1.3.6.1.4.1.25623.1.0.802339
Category:	Privilege escalation
Title:	Google Chrome Mozilla Network Security Services Privilege Escalation Vulnerability - Mac OS X
Summary:	Google Chrome is prone to a privilege escalation vulnerability.
Description:	Summary: Google Chrome is prone to a privilege escalation vulnerability. Vulnerability Insight: The flaw is due to an error in the Mozilla Network Security Services (NSS) library, which can be exploited by sending Trojan horse pkcs11.txt file in a top-level directory. Vulnerability Impact: Successful exploitation will let the local attacker to execute arbitrary code with an elevated privileges. Affected Software/OS: Google Chrome version 16.0.912.21 and prior on Mac OS X Solution: Upgrade to the Google Chrome 17 or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3640 http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html http://code.google.com/p/chromium/issues/detail?id=97426 https://bugzilla.mozilla.org/show_bug.cgi?id=641052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414 http://securityreason.com/securityalert/8483 SuSE Security Announcement: openSUSE-SU-2012:0030 (Google Search) https://hermes.opensuse.org/messages/13154861 SuSE Security Announcement: openSUSE-SU-2012:0063 (Google Search) https://hermes.opensuse.org/messages/13155432
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.