General : Google Chrome Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902120

Categoría: General

Título: Google Chrome Multiple Vulnerabilities - (Windows)

Resumen: This host is installed with Google Chrome and is prone to multiple; vulnerabilities.

Descripción: Summary:
This host is installed with Google Chrome and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An unspecified 'DNS' and 'fall-back' behavior of proxies, which could disclose
sensitive information.

- An integer overflow errors in the 'v8 engine', which could be exploited to
execute arbitrary code.

- An error related to the processing of 'ruby' tags, which could be exploited
to execute arbitrary code.

- An error related to 'iframe' data, which could leak redirection targets.

- An error when displaying HTTP authentication dialogs, which could allow
phishing attacks.

- An integer overflow when deserializing 'sandbox' messages, which could allow
code execution.

Vulnerability Impact:
Successful exploitation will let the attacker bypass restrictions, disclose
sensitive information or compromise a vulnerable system.

Affected Software/OS:
Google Chrome version prior to 4.0.249.89

Solution:
Upgrade to version 4.0.249.89 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 38177
Common Vulnerability Exposure (CVE) ID: CVE-2010-0643
http://www.securityfocus.com/bid/38177
http://www.osvdb.org/62315
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14500
http://securitytracker.com/id?1023583
http://secunia.com/advisories/38545
http://www.vupen.com/english/advisories/2010/0361
XForce ISS Database: googlechrome-fallback-info-disc(56212)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56212
Common Vulnerability Exposure (CVE) ID: CVE-2010-0644
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926
Common Vulnerability Exposure (CVE) ID: CVE-2010-0645
http://www.osvdb.org/62316
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508
XForce ISS Database: googlechrome-v8engine-code-exec(56213)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56213
Common Vulnerability Exposure (CVE) ID: CVE-2010-0646
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222
Common Vulnerability Exposure (CVE) ID: CVE-2010-0647
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.osvdb.org/62317
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094
http://secunia.com/advisories/41856
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0552
XForce ISS Database: googlechrome-ruby-tags-code-exec(56214)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56214
Common Vulnerability Exposure (CVE) ID: CVE-2010-0649
http://www.osvdb.org/62320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256
XForce ISS Database: googlechrome-sandbox-code-exec(56217)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56217
Common Vulnerability Exposure (CVE) ID: CVE-2010-0556
Bugtraq: 20100216 Chrome Password Manager Cross Origin Weakness (CVE-2010-0556) (Google Search)
http://www.securityfocus.com/archive/1/509543/100/0/threaded
http://www.vsecurity.com/advisory/20100215-1.txt
http://www.osvdb.org/62319
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14407
XForce ISS Database: googlechrome-dialogs-phishing(56216)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56216

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902120
Categoría:	General
Título:	Google Chrome Multiple Vulnerabilities - (Windows)
Resumen:	This host is installed with Google Chrome and is prone to multiple; vulnerabilities.
Descripción:	Summary: This host is installed with Google Chrome and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An unspecified 'DNS' and 'fall-back' behavior of proxies, which could disclose sensitive information. - An integer overflow errors in the 'v8 engine', which could be exploited to execute arbitrary code. - An error related to the processing of 'ruby' tags, which could be exploited to execute arbitrary code. - An error related to 'iframe' data, which could leak redirection targets. - An error when displaying HTTP authentication dialogs, which could allow phishing attacks. - An integer overflow when deserializing 'sandbox' messages, which could allow code execution. Vulnerability Impact: Successful exploitation will let the attacker bypass restrictions, disclose sensitive information or compromise a vulnerable system. Affected Software/OS: Google Chrome version prior to 4.0.249.89 Solution: Upgrade to version 4.0.249.89 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	BugTraq ID: 38177 Common Vulnerability Exposure (CVE) ID: CVE-2010-0643 http://www.securityfocus.com/bid/38177 http://www.osvdb.org/62315 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14500 http://securitytracker.com/id?1023583 http://secunia.com/advisories/38545 http://www.vupen.com/english/advisories/2010/0361 XForce ISS Database: googlechrome-fallback-info-disc(56212) https://exchange.xforce.ibmcloud.com/vulnerabilities/56212 Common Vulnerability Exposure (CVE) ID: CVE-2010-0644 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926 Common Vulnerability Exposure (CVE) ID: CVE-2010-0645 http://www.osvdb.org/62316 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14508 XForce ISS Database: googlechrome-v8engine-code-exec(56213) https://exchange.xforce.ibmcloud.com/vulnerabilities/56213 Common Vulnerability Exposure (CVE) ID: CVE-2010-0646 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14222 Common Vulnerability Exposure (CVE) ID: CVE-2010-0647 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.osvdb.org/62317 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14094 http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0552 XForce ISS Database: googlechrome-ruby-tags-code-exec(56214) https://exchange.xforce.ibmcloud.com/vulnerabilities/56214 Common Vulnerability Exposure (CVE) ID: CVE-2010-0649 http://www.osvdb.org/62320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256 XForce ISS Database: googlechrome-sandbox-code-exec(56217) https://exchange.xforce.ibmcloud.com/vulnerabilities/56217 Common Vulnerability Exposure (CVE) ID: CVE-2010-0556 Bugtraq: 20100216 Chrome Password Manager Cross Origin Weakness (CVE-2010-0556) (Google Search) http://www.securityfocus.com/archive/1/509543/100/0/threaded http://www.vsecurity.com/advisory/20100215-1.txt http://www.osvdb.org/62319 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14407 XForce ISS Database: googlechrome-dialogs-phishing(56216) https://exchange.xforce.ibmcloud.com/vulnerabilities/56216
Copyright	Copyright (C) 2010 Greenbone Networks GmbH