Test Kennung:	1.3.6.1.4.1.25623.1.0.802103
Kategorie:	General
Titel:	Google Chrome Multiple Vulnerabilities - June 11(Linux)
Zusammenfassung:	The host is running Google Chrome and is prone to multiple; vulnerabilities.
Beschreibung:	Summary: The host is running Google Chrome and is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to - Use-after-free vulnerability due to integer issues in float handling. - Use-after-free vulnerability in accessibility support. - Error in 'Cascading Style Sheets (CSS)' implementation, which fails to properly restrict access to the visit history, which allows remote attackers to obtain sensitive information via unspecified vectors. - Not properly handling a large number of form submissions. - Bypassing extensions permission. - 'Stale pointer' in extension framework. - Attempts to read data from an uninitialized pointer. - Extension script injection into new tab page. - Use-after-free vulnerability in developer tools, image loader - Fails to properly implement history deletion. - Extension injection into 'chrome://' pages. - Same origin bypass in 'v8' and 'DOM'. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code in the context of the browser, cause denial-of-service conditions, bypass the same-origin policy, and disclose potentially sensitive information. Affected Software/OS: Google Chrome version prior to 12.0.742.91 on Linux Solution: Upgrade to the Google Chrome 12.0.742.91 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 48129 Common Vulnerability Exposure (CVE) ID: CVE-2011-1808 http://www.securityfocus.com/bid/48129 http://osvdb.org/72778 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14659 http://secunia.com/advisories/44829 XForce ISS Database: chrome-float-handling-code-exec(67891) https://exchange.xforce.ibmcloud.com/vulnerabilities/67891 Common Vulnerability Exposure (CVE) ID: CVE-2011-1809 http://osvdb.org/72779 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14692 XForce ISS Database: chrome-support-code-execution(67892) https://exchange.xforce.ibmcloud.com/vulnerabilities/67892 Common Vulnerability Exposure (CVE) ID: CVE-2011-1810 http://osvdb.org/72780 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14433 XForce ISS Database: chrome-css-info-disclosure(67893) https://exchange.xforce.ibmcloud.com/vulnerabilities/67893 Common Vulnerability Exposure (CVE) ID: CVE-2011-1811 http://osvdb.org/72781 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14620 XForce ISS Database: chrome-submissions-dos(67894) https://exchange.xforce.ibmcloud.com/vulnerabilities/67894 Common Vulnerability Exposure (CVE) ID: CVE-2011-1812 http://osvdb.org/72782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14546 XForce ISS Database: chrome-extensions-sec-bypas(67895) https://exchange.xforce.ibmcloud.com/vulnerabilities/67895 Common Vulnerability Exposure (CVE) ID: CVE-2011-1813 http://osvdb.org/72783 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14481 XForce ISS Database: chrome-extension-framenwork-ce(67896) https://exchange.xforce.ibmcloud.com/vulnerabilities/67896 Common Vulnerability Exposure (CVE) ID: CVE-2011-1814 http://osvdb.org/72784 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14565 XForce ISS Database: chrome-pointer-info-disclosure(67897) https://exchange.xforce.ibmcloud.com/vulnerabilities/67897 Common Vulnerability Exposure (CVE) ID: CVE-2011-1815 http://osvdb.org/72785 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14728 XForce ISS Database: chrome-tab-page-xss(67898) https://exchange.xforce.ibmcloud.com/vulnerabilities/67898 Common Vulnerability Exposure (CVE) ID: CVE-2011-1816 http://osvdb.org/72786 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13575 XForce ISS Database: chrome-developer-tools-code-exec(67899) https://exchange.xforce.ibmcloud.com/vulnerabilities/67899 Common Vulnerability Exposure (CVE) ID: CVE-2011-1817 http://osvdb.org/72787 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14128 XForce ISS Database: chrome-history-deletion-code-exec(67900) https://exchange.xforce.ibmcloud.com/vulnerabilities/67900 Common Vulnerability Exposure (CVE) ID: CVE-2011-1818 http://osvdb.org/72788 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14757 XForce ISS Database: chrome-image-loader-code-execution(67901) https://exchange.xforce.ibmcloud.com/vulnerabilities/67901 Common Vulnerability Exposure (CVE) ID: CVE-2011-1819 http://osvdb.org/72789 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14616 XForce ISS Database: chrome-chromepages-xss(67902) https://exchange.xforce.ibmcloud.com/vulnerabilities/67902 Common Vulnerability Exposure (CVE) ID: CVE-2011-2332 http://osvdb.org/72790 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14242 XForce ISS Database: chrome-v8-security-bypass(67903) https://exchange.xforce.ibmcloud.com/vulnerabilities/67903 Common Vulnerability Exposure (CVE) ID: CVE-2011-2342 http://osvdb.org/72791 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14663 XForce ISS Database: chrome-dom-security-bypass(67904) https://exchange.xforce.ibmcloud.com/vulnerabilities/67904
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.