Executive Summary
Summary | |
---|---|
Title | chromium-browser security update |
Informations | |||
---|---|---|---|
Name | DSA-2245 | First vendor Publication | 2011-05-29 |
Vendor | Debian | Last vendor Modification | 2011-05-29 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1292 Use-after-free vulnerability in the frame-loader implementation in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1293 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1440 Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. CVE-2011-1444 Race condition in the sandbox launcher implementation in Google Chrome on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1797 Google Chrome does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1799 Google Chrome does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. For the stable distribution (squeeze), these problems have been fixed in version 6.0.472.63~r59945-5+squeeze5. For the testing distribution (wheezy), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 11.0.696.68~r84545-1. We recommend that you upgrade your chromium-browser packages. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2245 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-416 | Use After Free |
17 % | CWE-704 | Incorrect Type Conversion or Cast |
17 % | CWE-362 | Race Condition |
17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13001 | |||
Oval ID: | oval:org.mitre.oval:def:13001 | ||
Title: | DSA-2245-1 chromium-browser -- several vulnerabilities | ||
Description: | Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1292 Use-after-free vulnerability in the frame-loader implementation in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1293 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1440 Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets token sequences. CVE-2011-1444 Race condition in the sandbox launcher implementation in Google Chrome on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-1797 Google Chrome does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1799 Google Chrome does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2245-1 CVE-2011-1292 CVE-2011-1293 CVE-2011-1440 CVE-2011-1444 CVE-2011-1797 CVE-2011-1799 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | chromium-browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13876 | |||
Oval ID: | oval:org.mitre.oval:def:13876 | ||
Title: | Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Description: | Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1292 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14029 | |||
Oval ID: | oval:org.mitre.oval:def:14029 | ||
Title: | Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Description: | Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1799 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14083 | |||
Oval ID: | oval:org.mitre.oval:def:14083 | ||
Title: | Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | ||
Description: | Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1440 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14367 | |||
Oval ID: | oval:org.mitre.oval:def:14367 | ||
Title: | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Description: | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1293 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14372 | |||
Oval ID: | oval:org.mitre.oval:def:14372 | ||
Title: | DEPRECATED: Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Description: | Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1444 | Version: | 13 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-05-24 | Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows) File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl |
2011-10-20 | Name : Apple iTunes Multiple Vulnerabilities - Oct 11 File : nvt/gb_apple_itunes_mult_vuln_oct11_win.nasl |
2011-10-20 | Name : Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities File : nvt/gb_safari_mult_vuln_macosx.nasl |
2011-08-12 | Name : Apple Safari Multiple Vulnerabilities - July 2011 (Mac OS X) File : nvt/gb_apple_safari_mult_vuln_july11_macosx.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2245-1 (chromium-browser) File : nvt/deb_2245_1.nasl |
2011-07-27 | Name : Apple Safari Multiple Vulnerabilities - July 2011 File : nvt/secpod_apple_safari_mult_vuln_july11.nasl |
2011-05-26 | Name : Google Chrome Multiple Denial of Service Vulnerabilities - May11 (Linux) File : nvt/gb_google_chrome_mult_dos_vuln_may11_lin.nasl |
2011-05-26 | Name : Google Chrome Multiple Denial of Service Vulnerabilities - May11 (Windows) File : nvt/gb_google_chrome_mult_dos_vuln_may11_win.nasl |
2011-05-11 | Name : Google Chrome multiple vulnerabilities - May11 (Linux) File : nvt/gb_google_chrome_mult_vuln_may11_lin.nasl |
2011-05-11 | Name : Google Chrome multiple vulnerabilities - May11 (Windows) File : nvt/gb_google_chrome_mult_vuln_may11_win.nasl |
2011-04-01 | Name : Google Chrome multiple vulnerabilities - March 11 (Linux) File : nvt/secpod_google_chrome_mult_vuln_mar11_lin.nasl |
2011-04-01 | Name : Google Chrome multiple vulnerabilities - March 11 (Windows) File : nvt/secpod_google_chrome_mult_vuln_mar11_win.nasl |
2011-01-24 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74016 | Apple Safari WebKit Unspecified Memory Corruption (2011-1797) A memory corruption flaw exists in Apple Safari. The WebKit component fails to sanitize unspecified user-supplied input, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
72369 | Google Chrome WebKit Glue Incorrect Type Cast DoS Google Chrome contains a flaw related to WebKit glue causing incorrect type casts that may allow an attacker to cause a denial of service or have other unspecified impact. No further details have been provided. |
72266 | Google Chrome Frame Loader Use-after-free DoS Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when by an unspecified issue in the Frame Loader, and will result in loss of availability for the application. |
72265 | Google Chrome HTMLCollection Use-after-free DoS Chrome contains a flaw that may allow a remote denial of service. The issue is triggered by an unspecified HTMLCollection issue, and will result in loss of availability for the application. |
72209 | Google Chrome Sandbox Launcher Race Condition Unspecified DoS Google Chrome contains a race condition flaw in the sandbox launcher that may allow a remote attacker to cause a denial of service or have other unspecified impact. No further details have been provided. |
72205 | Google Chrome <ruby> Tag / CSS Use-after-free Unspecified DoS Google Chrome contains a user-after-free error related to the '<ruby>' tag and CSS that may allow a remote attacker to cause a denial of service or have other unspecified impact. No further details have been provided. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-03-15 | Google Chrome and Apple Safari Ruby before and after memory corruption RuleID : 29755 - Revision : 2 - Type : BROWSER-CHROME |
2014-01-10 | Google Chrome and Apple Safari Ruby before and after memory corruption RuleID : 20579 - Revision : 8 - Type : BROWSER-CHROME |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-11-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201111-01.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_1_1.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_1_1.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_10_5.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_10_5_banner.nasl - Type : ACT_GATHER_INFO |
2011-07-21 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari5_1.nasl - Type : ACT_GATHER_INFO |
2011-07-21 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_1.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2245.nasl - Type : ACT_GATHER_INFO |
2011-05-12 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_11_0_696_68.nasl - Type : ACT_GATHER_INFO |
2011-04-27 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_11_0_696_57.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_10_0_648_204.nasl - Type : ACT_GATHER_INFO |
2010-12-08 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_6887828f022911e0b84d00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:30:12 |
|