Executive Summary

Summary
Title: Chromium, V8: Multiple vulnerabilities
Information
Name: GLSA-201205-04
First vendor Publication: 2012-05-27
Vendor: Gentoo
Last vendor Modification: 2012-05-27
Severity (Vendor): Normal
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Base Score: 10
Attack Range: Network
CVSS Impact Score: 10
Attack Complexity: Low
CVSS Exploit Score: 10
Authentication: None Required

Detail

Synopsis

Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.

Background

Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine.

Description

Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below for details.

Impact

A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-19.0.1084.52"

All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/v8-3.9.24.28"

References

[ 1 ] CVE-2011-3103 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3103
[ 2 ] CVE-2011-3104 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3104
[ 3 ] CVE-2011-3105 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3105
[ 4 ] CVE-2011-3106 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3106
[ 5 ] CVE-2011-3107 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3107
[ 6 ] CVE-2011-3108 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3108
[ 7 ] CVE-2011-3109 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3109
[ 8 ] CVE-2011-3111 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3111
[ 9 ] CVE-2011-3115 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3115
[ 10 ] Release Notes 19.0.1084.52 : http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201205-04.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201205-04.xml

CWE : Common Weakness Enumeration

% Id Name
57 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
43 % CWE-399 Resource Management Errors

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:14947
Title: Use-after-free vulnerability in Google Chrome before 19.0.1084.52 via vectors related to the browser cache
Description: Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3108
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15095
Title: Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection
Description: Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3103
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15409
Title: Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins
Description: Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3107
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15433
Title: Vulnerability in Google V8, as used in Google Chrome before 19.0.1084.52 via vectors that trigger "type corruption"
Description: Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."
Family: windows Class: vulnerability
Reference(s): CVE-2011-3115
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15470
Title: The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL
Description: The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3106
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15471
Title: Vulnerability in Skia, as used in Google Chrome before 19.0.1084.52
Description: Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3104
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15535
Title: Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 via vectors related to the :first-letter pseudo-element
Description: Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3105
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome
 
Oval ID: oval:org.mitre.oval:def:15549
Title: Vulnerability in Google V8, as used in Google Chrome before 19.0.1084.52, via unspecified vectors.
Description: Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3111
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Google Chrome

CPE : Common Platform Enumeration

Type Description Count
Application 2329

OpenVAS Exploits

Date Description
2012-10-01 Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-17 Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-05-31 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium11.nasl
2012-05-31 Name : Gentoo Security Advisory GLSA 201205-04 (chromium v8)
File : nvt/glsa_201205_04.nasl
2012-05-25 Name : Google Chrome Multiple Vulnerabilities(02) - May 12 (Linux)
File : nvt/secpod_google_chrome_mult_vuln_may12_lin.nasl
2012-05-25 Name : Google Chrome Multiple Vulnerabilities(02) - May 12 (Mac OS X)
File : nvt/secpod_google_chrome_mult_vuln_may12_macosx.nasl
2012-05-25 Name : Google Chrome Multiple Vulnerabilities(02) - May 12 (Windows)
File : nvt/secpod_google_chrome_mult_vuln_may12_win.nasl

Nessus® Vulnerability Scanner

Date Description
2012-09-20 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : macosx_Safari6_0_1.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_10_7.nasl - Type : ACT_GATHER_INFO
2012-09-13 Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_10_7_banner.nasl - Type : ACT_GATHER_INFO
2012-06-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201205-04.nasl - Type : ACT_GATHER_INFO
2012-05-29 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_219d0bfda91511e1b51900262d5ed8ee.nasl - Type : ACT_GATHER_INFO
2012-05-24 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_19_0_1084_52.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:37:20
  • Multiple Updates