| Descripción: | Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.
Vulnerability Insight:
The following package is affected: chromium
CVE-2011-3066
Skia, as used in Google Chrome before 18.0.1025.151, does not properly
perform clipping, which allows remote attackers to cause a denial of
service (out-of-bounds read) via unspecified vectors.
CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass
the Same Origin Policy via vectors related to replacement of IFRAME
elements.
CVE-2011-3068
Use-after-free vulnerability in the Cascading Style Sheets (CSS)
implementation in Google Chrome before 18.0.1025.151 allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to run-in boxes.
CVE-2011-3069
Use-after-free vulnerability in the Cascading Style Sheets (CSS)
implementation in Google Chrome before 18.0.1025.151 allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to line boxes.
CVE-2011-3070
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the Google V8
bindings.
CVE-2011-3071
Use-after-free vulnerability in the HTMLMediaElement implementation in
Google Chrome before 18.0.1025.151 allows remote attackers to cause a
denial of service or possibly have unspecified other impact via
unknown vectors.
CVE-2011-3072
Google Chrome before 18.0.1025.151 allows remote attackers to bypass
the Same Origin Policy via vectors related to pop-up windows.
CVE-2011-3073
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the handling of SVG
resources.
CVE-2011-3074
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the handling of media.
CVE-2011-3075
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to style-application
commands.
CVE-2011-3076
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to focus handling.
CVE-2011-3077
Use-after-free vulnerability in Google Chrome before 18.0.1025.151
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors involving the script bindings,
related to a 'read-after-free' issue.
Solution:
Update your system with the appropriate patches or
software upgrades.
CVSS Score:
6.8
CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
