Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.703039 |
Categoría: | Debian Local Security Checks |
Título: | Debian Security Advisory DSA 3039-1 (chromium-browser - security update) |
Resumen: | Several vulnerabilities were discovered in the chromium web browser.;;CVE-2014-3160;Christian Schneider discovered a same origin bypass issue in SVG;file resource fetching.;;CVE-2014-3162;The Google Chrome development team addressed multiple issues with;potential security impact for chromium 36.0.1985.125.;;CVE-2014-3165;Colin Payne discovered a use-after-free issue in the Web Sockets;implementation.;;CVE-2014-3166;Antoine Delignat-Lavaud discovered an information leak in the SPDY;protocol implementation.;;CVE-2014-3167;The Google Chrome development team addressed multiple issues with;potential security impact for chromium 36.0.1985.143.;;CVE-2014-3168;cloudfuzzer discovered a use-after-free issue in SVG image file;handling.;;CVE-2014-3169;Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink;Document Object Model implementation.;;CVE-2014-3170;Rob Wu discovered a way to spoof the url of chromium extensions.;;CVE-2014-3171;cloudfuzzer discovered a use-after-free issue in chromium's v8;bindings.;;CVE-2014-3172;Eli Grey discovered a way to bypass access restrictions using;chromium's Debugger extension API.;;CVE-2014-3173;jmuizelaar discovered an uninitialized read issue in WebGL.;;CVE-2014-3174;Atte Kettunen discovered an uninitialized read issue in Web Audio.;;CVE-2014-3175;The Google Chrome development team addressed multiple issues with;potential security impact for chromium 37.0.2062.94.;;CVE-2014-3176;lokihardt@asrt discovered a combination of flaws that can lead to;remote code execution outside of chromium's sandbox.;;CVE-2014-3177;lokihardt@asrt discovered a combination of flaws that can lead to;remote code execution outside of chromium's sandbox.;;CVE-2014-3178;miaubiz discovered a use-after-free issue in the Document Object;Model implementation in Blink/Webkit.;;CVE-2014-3179;The Google Chrome development team addressed multiple issues with;potential security impact for chromium 37.0.2062.120. |
Descripción: | Summary: Several vulnerabilities were discovered in the chromium web browser. CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.125. CVE-2014-3165 Colin Payne discovered a use-after-free issue in the Web Sockets implementation. CVE-2014-3166 Antoine Delignat-Lavaud discovered an information leak in the SPDY protocol implementation. CVE-2014-3167 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.143. CVE-2014-3168 cloudfuzzer discovered a use-after-free issue in SVG image file handling. CVE-2014-3169 Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink Document Object Model implementation. CVE-2014-3170 Rob Wu discovered a way to spoof the url of chromium extensions. CVE-2014-3171 cloudfuzzer discovered a use-after-free issue in chromium's v8 bindings. CVE-2014-3172 Eli Grey discovered a way to bypass access restrictions using chromium's Debugger extension API. CVE-2014-3173 jmuizelaar discovered an uninitialized read issue in WebGL. CVE-2014-3174 Atte Kettunen discovered an uninitialized read issue in Web Audio. CVE-2014-3175 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.94. CVE-2014-3176 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3177 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3178 miaubiz discovered a use-after-free issue in the Document Object Model implementation in Blink/Webkit. CVE-2014-3179 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.120. Affected Software/OS: chromium-browser on Debian Linux Solution: For the stable distribution (wheezy), these problems have been fixed in version 37.0.2062.120-1~ deb7u1. For the testing (jessie) and unstable (sid) distributions, these problems have been fixed in version 37.0.2062.120-1. We recommend that you upgrade your chromium-browser packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-3160 BugTraq ID: 68677 http://www.securityfocus.com/bid/68677 Debian Security Information: DSA-3039 (Google Search) http://www.debian.org/security/2014/dsa-3039 http://security.gentoo.org/glsa/glsa-201408-16.xml http://secunia.com/advisories/60061 http://secunia.com/advisories/60372 Common Vulnerability Exposure (CVE) ID: CVE-2014-3162 Common Vulnerability Exposure (CVE) ID: CVE-2014-3165 BugTraq ID: 69201 http://www.securityfocus.com/bid/69201 http://www.securitytracker.com/id/1030732 http://secunia.com/advisories/59904 http://secunia.com/advisories/60798 XForce ISS Database: google-chrome-cve20143165-code-exec(95247) https://exchange.xforce.ibmcloud.com/vulnerabilities/95247 Common Vulnerability Exposure (CVE) ID: CVE-2014-3166 BugTraq ID: 69202 http://www.securityfocus.com/bid/69202 http://www.ietf.org/mail-archive/web/tls/current/msg13345.html http://secunia.com/advisories/59693 http://secunia.com/advisories/60685 Common Vulnerability Exposure (CVE) ID: CVE-2014-3167 BugTraq ID: 69203 http://www.securityfocus.com/bid/69203 XForce ISS Database: google-chrome-cve20143167-unspec(95249) https://exchange.xforce.ibmcloud.com/vulnerabilities/95249 Common Vulnerability Exposure (CVE) ID: CVE-2014-3168 BugTraq ID: 69398 http://www.securityfocus.com/bid/69398 http://www.securitytracker.com/id/1030767 http://secunia.com/advisories/60268 http://secunia.com/advisories/60424 http://secunia.com/advisories/61482 SuSE Security Announcement: openSUSE-SU-2014:1151 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html XForce ISS Database: google-chrome-cve20143168-code-exec(95468) https://exchange.xforce.ibmcloud.com/vulnerabilities/95468 Common Vulnerability Exposure (CVE) ID: CVE-2014-3169 BugTraq ID: 69405 http://www.securityfocus.com/bid/69405 XForce ISS Database: google-chrome-cve20143169-code-exec(95469) https://exchange.xforce.ibmcloud.com/vulnerabilities/95469 Common Vulnerability Exposure (CVE) ID: CVE-2014-3170 BugTraq ID: 69400 http://www.securityfocus.com/bid/69400 XForce ISS Database: google-chrome-cve20143170-spoofing(95470) https://exchange.xforce.ibmcloud.com/vulnerabilities/95470 Common Vulnerability Exposure (CVE) ID: CVE-2014-3171 BugTraq ID: 69406 http://www.securityfocus.com/bid/69406 XForce ISS Database: google-chrome-cve20143171-code-exec(95471) https://exchange.xforce.ibmcloud.com/vulnerabilities/95471 Common Vulnerability Exposure (CVE) ID: CVE-2014-3172 BugTraq ID: 69401 http://www.securityfocus.com/bid/69401 XForce ISS Database: google-chrome-cve20143172-unspec(95472) https://exchange.xforce.ibmcloud.com/vulnerabilities/95472 Common Vulnerability Exposure (CVE) ID: CVE-2014-3173 BugTraq ID: 69403 http://www.securityfocus.com/bid/69403 XForce ISS Database: google-chrome-cve20143173-info-disc(95473) https://exchange.xforce.ibmcloud.com/vulnerabilities/95473 Common Vulnerability Exposure (CVE) ID: CVE-2014-3174 BugTraq ID: 69407 http://www.securityfocus.com/bid/69407 XForce ISS Database: google-chrome-cve20143174-info-disc(95474) https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 Common Vulnerability Exposure (CVE) ID: CVE-2014-3175 BugTraq ID: 69402 http://www.securityfocus.com/bid/69402 XForce ISS Database: google-chrome-cve20143175-unspec(95475) https://exchange.xforce.ibmcloud.com/vulnerabilities/95475 Common Vulnerability Exposure (CVE) ID: CVE-2014-3176 BugTraq ID: 69404 http://www.securityfocus.com/bid/69404 XForce ISS Database: google-chrome-cve20143176-code-exec(95476) https://exchange.xforce.ibmcloud.com/vulnerabilities/95476 Common Vulnerability Exposure (CVE) ID: CVE-2014-3177 XForce ISS Database: google-chrome-cve20143177-code-exec(95477) https://exchange.xforce.ibmcloud.com/vulnerabilities/95477 Common Vulnerability Exposure (CVE) ID: CVE-2014-3178 BugTraq ID: 69709 http://www.securityfocus.com/bid/69709 http://security.gentoo.org/glsa/glsa-201409-06.xml http://secunia.com/advisories/61446 XForce ISS Database: google-chrome-cve20143178-code-exec(95815) https://exchange.xforce.ibmcloud.com/vulnerabilities/95815 Common Vulnerability Exposure (CVE) ID: CVE-2014-3179 BugTraq ID: 69710 http://www.securityfocus.com/bid/69710 XForce ISS Database: google-chrome-cve20143179-unspec(95816) https://exchange.xforce.ibmcloud.com/vulnerabilities/95816 |
Copyright | Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |