Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.850558
Kategorie:SuSE Local Security Checks
Titel:openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1861-1)
Zusammenfassung:The remote host is missing an update for the 'chromium'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'chromium'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Chromium was updated to 31.0.1650.57: Stable channel update:

- Security Fixes:

* CVE-2013-6632: Multiple memory corruption issues.

- Update to Chromium 31.0.1650.48 Stable Channel update:

- Security fixes:

* CVE-2013-6621: Use after free related to speech input
elements..

* CVE-2013-6622: Use after free related to media
elements.

* CVE-2013-6623: Out of bounds read in SVG.

* CVE-2013-6624: Use after free related to id
attribute strings.

* CVE-2013-6625: Use after free in DOM ranges.

* CVE-2013-6626: Address bar spoofing related to
interstitial warnings.

* CVE-2013-6627: Out of bounds read in HTTP parsing.

* CVE-2013-6628: Issue with certificates not being
checked during TLS renegotiation.

* CVE-2013-2931: Various fixes from internal audits,
fuzzing and other initiatives.

* CVE-2013-6629: Read of uninitialized memory in
libjpeg and libjpeg-turbo.

* CVE-2013-6630: Read of uninitialized memory in
libjpeg-turbo.

* CVE-2013-6631: Use after free in libjingle.

- Added patch chromium-fix-chromedriver-build.diff to fix
the chromedriver build

- Enable ARM build for Chromium.

* Added patches chromium-arm-webrtc-fix.patch,
chromium-fix-arm-icu.patch and
chromium-fix-arm-sysroot.patch to resolve ARM specific
build issues

- Update to Chromium 30.0.1599.114 Stable Channel update:
fix build for 32bit systems

- Drop patch chromium-fix-chromedriver-build.diff. This is
now fixed upstream

- For openSUSE versions lower than 13.1, build against the
in-tree libicu

- Update to Chromium 30.0.1599.101

- Security Fixes:
+ CVE-2013-2925: Use after free in XHR
+ CVE-2013-2926: Use after free in editing
+ CVE-2013-2927: Use after free in forms.
+ CVE-2013-2928: Various fixes from internal audits,
fuzzing and other initiatives.

- Update to Chromium 30.0.1599.66

- Easier searching by image

- A number of new apps/extension APIs

- Lots of under the hood changes for stability and
performance

- Security fixes:
+ CVE-2013-2906: Races in Web Audio
+ CVE-2013-2907: Out of bounds read in Window.prototype
object
+ CVE-2013-2908: Address bar spoofing related to the
204 No Content status code
+ CVE-2013-2909: Use after free in inline-block rendering
+ CVE-2013-2910: Use-after-free in Web Audio
+ CVE-2013-2911: Use-after-free in XSLT
+ CVE-2013-2912: Use-after-free in PPAPI
+ CVE-2013-2913: Use-after-free in XML document parsing
+ CVE-2013-2914: Use after free in the Windows color
chooser dialog
+ CVE-2013-2915: Address bar spoofing via a malformed
scheme
+ CVE-2013-2916: ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
chromium on openSUSE 13.1

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-2906
Debian Security Information: DSA-2785 (Google Search)
http://www.debian.org/security/2013/dsa-2785
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19013
SuSE Security Announcement: openSUSE-SU-2013:1556 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:1861 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:0065 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2907
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18695
Common Vulnerability Exposure (CVE) ID: CVE-2013-2908
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782
Common Vulnerability Exposure (CVE) ID: CVE-2013-2909
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19012
Common Vulnerability Exposure (CVE) ID: CVE-2013-2910
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18812
Common Vulnerability Exposure (CVE) ID: CVE-2013-2911
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18687
Common Vulnerability Exposure (CVE) ID: CVE-2013-2912
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18962
Common Vulnerability Exposure (CVE) ID: CVE-2013-2913
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18843
Common Vulnerability Exposure (CVE) ID: CVE-2013-2914
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18081
Common Vulnerability Exposure (CVE) ID: CVE-2013-2915
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18319
Common Vulnerability Exposure (CVE) ID: CVE-2013-2916
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18968
Common Vulnerability Exposure (CVE) ID: CVE-2013-2917
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18820
Common Vulnerability Exposure (CVE) ID: CVE-2013-2918
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18839
Common Vulnerability Exposure (CVE) ID: CVE-2013-2919
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18840
Common Vulnerability Exposure (CVE) ID: CVE-2013-2920
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18451
Common Vulnerability Exposure (CVE) ID: CVE-2013-2921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18389
Common Vulnerability Exposure (CVE) ID: CVE-2013-2922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18358
Common Vulnerability Exposure (CVE) ID: CVE-2013-2923
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18103
Common Vulnerability Exposure (CVE) ID: CVE-2013-2924
BugTraq ID: 64758
http://www.securityfocus.com/bid/64758
Debian Security Information: DSA-2786 (Google Search)
http://www.debian.org/security/2013/dsa-2786
http://jvn.jp/en/jp/JVN85336306/index.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19017
Common Vulnerability Exposure (CVE) ID: CVE-2013-2925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18866
SuSE Security Announcement: openSUSE-SU-2013:1729 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-11/msg00077.html
SuSE Security Announcement: openSUSE-SU-2013:1776 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2926
http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18837
Common Vulnerability Exposure (CVE) ID: CVE-2013-2927
http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19155
Common Vulnerability Exposure (CVE) ID: CVE-2013-2928
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19065
Common Vulnerability Exposure (CVE) ID: CVE-2013-2931
Debian Security Information: DSA-2799 (Google Search)
http://www.debian.org/security/2013/dsa-2799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19183
SuSE Security Announcement: openSUSE-SU-2013:1777 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-6621
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006
Common Vulnerability Exposure (CVE) ID: CVE-2013-6622
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18335
Common Vulnerability Exposure (CVE) ID: CVE-2013-6623
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19311
Common Vulnerability Exposure (CVE) ID: CVE-2013-6624
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19168
Common Vulnerability Exposure (CVE) ID: CVE-2013-6625
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19257
Common Vulnerability Exposure (CVE) ID: CVE-2013-6626
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18401
Common Vulnerability Exposure (CVE) ID: CVE-2013-6627
https://www.exploit-db.com/exploits/40944/
http://seclists.org/fulldisclosure/2016/Dec/65
http://blog.skylined.nl/20161219001.html
http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19113
Common Vulnerability Exposure (CVE) ID: CVE-2013-6628
https://secure-resumption.com/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19108
Common Vulnerability Exposure (CVE) ID: CVE-2013-6629
BugTraq ID: 63676
http://www.securityfocus.com/bid/63676
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
https://security.gentoo.org/glsa/201606-03
HPdes Security Advisory: HPSBUX03091
http://marc.info/?l=bugtraq&m=140852886808946&w=2
HPdes Security Advisory: HPSBUX03092
http://marc.info/?l=bugtraq&m=140852974709252&w=2
HPdes Security Advisory: SSRT101667
HPdes Security Advisory: SSRT101668
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
RedHat Security Advisories: RHSA-2013:1803
http://rhn.redhat.com/errata/RHSA-2013-1803.html
RedHat Security Advisories: RHSA-2013:1804
http://rhn.redhat.com/errata/RHSA-2013-1804.html
RedHat Security Advisories: RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0413
RedHat Security Advisories: RHSA-2014:0414
https://access.redhat.com/errata/RHSA-2014:0414
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://secunia.com/advisories/56175
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
SuSE Security Announcement: openSUSE-SU-2013:1916 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
SuSE Security Announcement: openSUSE-SU-2013:1917 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
SuSE Security Announcement: openSUSE-SU-2013:1918 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
SuSE Security Announcement: openSUSE-SU-2013:1957 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
SuSE Security Announcement: openSUSE-SU-2013:1958 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
SuSE Security Announcement: openSUSE-SU-2013:1959 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
SuSE Security Announcement: openSUSE-SU-2014:0008 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6630
Common Vulnerability Exposure (CVE) ID: CVE-2013-6631
Common Vulnerability Exposure (CVE) ID: CVE-2013-6632
http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.