Executive Summary
Summary | |
---|---|
Title | chromium-browser security update |
Informations | |||
---|---|---|---|
Name | DSA-2883 | First vendor Publication | 2014-03-23 |
Vendor | Debian | Last vendor Modification | 2014-03-23 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. CVE-2013-6655 cloudfuzzer discovered a use-after-free issue in dom event handling. CVE-2013-6656 NeexEmil discovered an information leak in the XSS auditor. CVE-2013-6657 NeexEmil discovered a way to bypass the Same Origin policy in the XSS auditor. CVE-2013-6658 cloudfuzzer discovered multiple use-after-free issues surrounding the updateWidgetPositions function. CVE-2013-6659 Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to trigger an unexpected certificate chain during TLS renegotiation. CVE-2013-6660 bishopjeffreys discovered an information leak in the drag and drop implementation. CVE-2013-6661 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.117. CVE-2013-6663 Atte Kettunen discovered a use-after-free issue in SVG handling. CVE-2013-6664 Khalil Zhani discovered a use-after-free issue in the speech recognition feature. CVE-2013-6665 cloudfuzzer discovered a buffer overflow issue in the software renderer. CVE-2013-6666 netfuzzer discovered a restriction bypass in the Pepper Flash plugin. CVE-2013-6667 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.146. CVE-2013-6668 Multiple vulnerabilities were fixed in version 3.24.35.10 of the V8 javascript library. CVE-2014-1700 Chamal de Silva discovered a use-after-free issue in speech synthesis. CVE-2014-1701 aidanhs discovered a cross-site scripting issue in event handling. CVE-2014-1702 Colin Payne discovered a use-after-free issue in the web database implementation. CVE-2014-1703 VUPEN discovered a use-after-free issue in web sockets that could lead to a sandbox escape. CVE-2014-1704 Multiple vulnerabilities were fixed in version 3.23.17.18 of the V8 javascript library. CVE-2014-1705 A memory corruption issue was discovered in the V8 javascript library. CVE-2014-1713 A use-after-free issue was discovered in the AttributeSetter function. CVE-2014-1715 A directory traversal issue was found and fixed. For the stable distribution (wheezy), these problems have been fixed in version 33.0.1750.152-1~deb7u1. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 33.0.1750.152-1. We recommend that you upgrade your chromium-browser packages. |
Original Source
Url : http://www.debian.org/security/2014/dsa-2883 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
42 % | CWE-399 | Resource Management Errors |
16 % | CWE-264 | Permissions, Privileges, and Access Controls |
5 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
5 % | CWE-416 | Use After Free |
5 % | CWE-310 | Cryptographic Issues |
5 % | CWE-200 | Information Exposure |
5 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
5 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
5 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21971 | |||
Oval ID: | oval:org.mitre.oval:def:21971 | ||
Title: | Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | ||
Description: | Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6655 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22007 | |||
Oval ID: | oval:org.mitre.oval:def:22007 | ||
Title: | A use-after-free issue in web database | ||
Description: | Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1702 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22190 | |||
Oval ID: | oval:org.mitre.oval:def:22190 | ||
Title: | Multiple security vulnerabilities in the V8 | ||
Description: | Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1704 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22435 | |||
Oval ID: | oval:org.mitre.oval:def:22435 | ||
Title: | Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | ||
Description: | Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6658 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22438 | |||
Oval ID: | oval:org.mitre.oval:def:22438 | ||
Title: | The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||
Description: | The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6656 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22444 | |||
Oval ID: | oval:org.mitre.oval:def:22444 | ||
Title: | Use-after-free in speech | ||
Description: | Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1700 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22517 | |||
Oval ID: | oval:org.mitre.oval:def:22517 | ||
Title: | core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | ||
Description: | core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6657 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22591 | |||
Oval ID: | oval:org.mitre.oval:def:22591 | ||
Title: | The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | ||
Description: | The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6654 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22625 | |||
Oval ID: | oval:org.mitre.oval:def:22625 | ||
Title: | A sandbox-bypass issue exists due to a use-after-free in web sockets | ||
Description: | Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1703 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22653 | |||
Oval ID: | oval:org.mitre.oval:def:22653 | ||
Title: | Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. | ||
Description: | Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6653 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22690 | |||
Oval ID: | oval:org.mitre.oval:def:22690 | ||
Title: | A cross-site scripting issue in events | ||
Description: | The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1701 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23458 | |||
Oval ID: | oval:org.mitre.oval:def:23458 | ||
Title: | Directory traversal issue in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1715 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24003 | |||
Oval ID: | oval:org.mitre.oval:def:24003 | ||
Title: | Memory corruption in V8 in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1705 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24105 | |||
Oval ID: | oval:org.mitre.oval:def:24105 | ||
Title: | Use-after-free in Blink bindings in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1713 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24361 | |||
Oval ID: | oval:org.mitre.oval:def:24361 | ||
Title: | DSA-2883-1 chromium-browser - security update | ||
Description: | Several vulnerabilities have been discovered in the chromium web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2883-1 CVE-2013-6653 CVE-2013-6654 CVE-2013-6655 CVE-2013-6656 CVE-2013-6657 CVE-2013-6658 CVE-2013-6659 CVE-2013-6660 CVE-2013-6661 CVE-2013-6663 CVE-2013-6664 CVE-2013-6665 CVE-2013-6666 CVE-2013-6667 CVE-2013-6668 CVE-2014-1700 CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704 CVE-2014-1705 CVE-2014-1713 CVE-2014-1715 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | chromium-browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26486 | |||
Oval ID: | oval:org.mitre.oval:def:26486 | ||
Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6668 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26584 | |||
Oval ID: | oval:org.mitre.oval:def:26584 | ||
Title: | Multiple unspecified vulnerabilities allow attackers to bypass the sandbox protection mechanism after obtaining renderer access | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6661 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26602 | |||
Oval ID: | oval:org.mitre.oval:def:26602 | ||
Title: | Allow remote attackers to bypass intended CORS restrictions via an inappropriate header | ||
Description: | The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6666 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26763 | |||
Oval ID: | oval:org.mitre.oval:def:26763 | ||
Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6667 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26765 | |||
Oval ID: | oval:org.mitre.oval:def:26765 | ||
Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6663 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26772 | |||
Oval ID: | oval:org.mitre.oval:def:26772 | ||
Title: | Allows remote SSL servers to trigger use of a new certificate chain | ||
Description: | The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6659 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26812 | |||
Oval ID: | oval:org.mitre.oval:def:26812 | ||
Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements | ||
Description: | Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6664 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26826 | |||
Oval ID: | oval:org.mitre.oval:def:26826 | ||
Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6665 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26838 | |||
Oval ID: | oval:org.mitre.oval:def:26838 | ||
Title: | Allows remote attackers to discover full pathnames via a crafted web site | ||
Description: | The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6660 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-05-01 | IAVM : 2014-B-0048 - Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0050015 |
2014-03-20 | IAVM : 2014-B-0031 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0046767 |
2014-03-13 | IAVM : 2014-B-0026 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0046159 |
2014-03-06 | IAVM : 2014-B-0023 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0045283 |
2014-02-27 | IAVM : 2014-B-0020 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0044539 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-07-26 | Google Chrome V8 __defineGetter__ memory corruption attempt RuleID : 47019 - Revision : 3 - Type : BROWSER-CHROME |
2018-07-26 | Google Chrome V8 __defineGetter__ memory corruption attempt RuleID : 47018 - Revision : 3 - Type : BROWSER-CHROME |
2014-11-25 | Google Chrome Blink locationAttributeSetter use after free attempt RuleID : 32320 - Revision : 4 - Type : BROWSER-CHROME |
2014-11-25 | Google Chrome Blink locationAttributeSetter use after free attempt RuleID : 32319 - Revision : 4 - Type : BROWSER-CHROME |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-03-30 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2015-142.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1_banner.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1.nasl - Type : ACT_GATHER_INFO |
2014-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-11132.nasl - Type : ACT_GATHER_INFO |
2014-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-11065.nasl - Type : ACT_GATHER_INFO |
2014-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-10975.nasl - Type : ACT_GATHER_INFO |
2014-09-24 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_7_0.nasl - Type : ACT_GATHER_INFO |
2014-09-18 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari7_1.nasl - Type : ACT_GATHER_INFO |
2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-16.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-280.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-182.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4625.nasl - Type : ACT_GATHER_INFO |
2014-04-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4081.nasl - Type : ACT_GATHER_INFO |
2014-04-02 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari7_0_3.nasl - Type : ACT_GATHER_INFO |
2014-03-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2883.nasl - Type : ACT_GATHER_INFO |
2014-03-18 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_152.nasl - Type : ACT_GATHER_INFO |
2014-03-18 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_154.nasl - Type : ACT_GATHER_INFO |
2014-03-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a70966a1ac2211e38d0400262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_24cefa4ba94011e391f200262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-03-11 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_149.nasl - Type : ACT_GATHER_INFO |
2014-03-11 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_149.nasl - Type : ACT_GATHER_INFO |
2014-03-07 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : opera_2000.nasl - Type : ACT_GATHER_INFO |
2014-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201403-01.nasl - Type : ACT_GATHER_INFO |
2014-03-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b4023753a4ba11e3bec200262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_146.nasl - Type : ACT_GATHER_INFO |
2014-03-04 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_146.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_9dd47fa39d5311e3b20f00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-02-21 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_117.nasl - Type : ACT_GATHER_INFO |
2014-02-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_117.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-03-26 13:21:34 |
|
2014-03-24 05:18:26 |
|