Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802734
Category:General
Title:Google Chrome Multiple Vulnerabilities - April 12 (MAC OS X)
Summary:The host is installed with Google Chrome and is prone to multiple; vulnerabilities.
Description:Summary:
The host is installed with Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
The flaws are due to

- An error while handling the EUC-JP encoding system, may allow cross-site
scripting attacks.

- An unspecified error in Skia can be exploited to corrupt memory.

- A use-after-free error exists in SVG clipping.

- A validation error exists within the handling of certain navigation
requests from the renderer.

- An off-by-one error exists in OpenType sanitizer.

- An error exists within SPDY proxy certificate checking.

- An error in text fragment handling can be exploited to cause an
out-of-bounds read.

- An error in SVG text handling can be exploited to cause an out-of-bounds
read.

Vulnerability Impact:
Successful exploitation could allow attackers to inject scripts, bypass
certain security restrictions, execute arbitrary code in the context of the
browser or cause a denial of service.

Affected Software/OS:
Google Chrome version prior to 18.0.1025.142 on MAC OS X

Solution:
Upgrade to the Google Chrome 18.0.1025.142 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 52762
Common Vulnerability Exposure (CVE) ID: CVE-2011-3058
http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html
http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html
http://www.securityfocus.com/bid/52762
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15492
http://www.securitytracker.com/id?1026877
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
XForce ISS Database: google-chrome-interaction-xss(74408)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74408
Common Vulnerability Exposure (CVE) ID: CVE-2011-3065
http://osvdb.org/80743
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15415
XForce ISS Database: google-skia-code-execution(74415)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74415
Common Vulnerability Exposure (CVE) ID: CVE-2011-3064
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://osvdb.org/80742
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755
Common Vulnerability Exposure (CVE) ID: CVE-2011-3063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15226
XForce ISS Database: chrome-renderer-sec-bypass(74413)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74413
Common Vulnerability Exposure (CVE) ID: CVE-2011-3062
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
http://osvdb.org/80740
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15488
http://secunia.com/advisories/48972
http://secunia.com/advisories/49047
http://secunia.com/advisories/49055
XForce ISS Database: chrome-sanitizer-code-exec(74412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74412
Common Vulnerability Exposure (CVE) ID: CVE-2011-3061
http://osvdb.org/80739
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14849
XForce ISS Database: chrome-spdy-sec-bypass(74411)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74411
Common Vulnerability Exposure (CVE) ID: CVE-2011-3060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15364
XForce ISS Database: chrome-text-fragment-code-exec(74410)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74410
Common Vulnerability Exposure (CVE) ID: CVE-2011-3059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15200
XForce ISS Database: chrome-svg-text-code-execution(74409)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74409
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.