Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802347
Category:General
Title:Google Chrome Multiple Vulnerabilities - November11 (Mac OS X)
Summary:The host is installed with Google Chrome and is prone to multiple; vulnerabilities.
Description:Summary:
The host is installed with Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple vulnerabilities are due to:

- A double free error in the Theora decoder exists when handling a crafted
stream.

- An error in implementing the MKV and Vorbis media handlers.

- A memory corruption regression error in VP8 decoding when handling a
crafted stream.

- Heap overflow in the Vorbis decoder when handling a crafted stream.

- Buffer overflow error in the shader variable mapping.

- A use-after-free error exists related to editing.

- Fails to ask permission to run applets in Java Runtime Environment (JRE) 7.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code,
cause a denial of service, and disclose potentially sensitive information,
other attacks may also be possible.

Affected Software/OS:
Google Chrome version prior to 15.0.874.120 on Mac OS X

Solution:
Upgrade to the Google Chrome 15.0.874.120 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 50642
Common Vulnerability Exposure (CVE) ID: CVE-2011-3892
Debian Security Information: DSA-2471 (Google Search)
http://www.debian.org/security/2012/dsa-2471
http://www.mandriva.com/security/advisories?name=MDVSA-2012:075
http://www.mandriva.com/security/advisories?name=MDVSA-2012:076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484
http://secunia.com/advisories/46933
http://secunia.com/advisories/49089
Common Vulnerability Exposure (CVE) ID: CVE-2011-3893
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14267
Common Vulnerability Exposure (CVE) ID: CVE-2011-3894
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14166
Common Vulnerability Exposure (CVE) ID: CVE-2011-3895
http://www.mandriva.com/security/advisories?name=MDVSA-2012:074
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551
Common Vulnerability Exposure (CVE) ID: CVE-2011-3896
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14423
Common Vulnerability Exposure (CVE) ID: CVE-2011-3897
http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14250
http://www.securitytracker.com/id?1026774
http://secunia.com/advisories/48274
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
XForce ISS Database: apple-webkit-cve20113897-code-execution(73806)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73806
Common Vulnerability Exposure (CVE) ID: CVE-2011-3898
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14266
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.