Executive Summary
Summary | |
---|---|
Title | Chromium: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201408-16 | First vendor Publication | 2014-08-30 |
Vendor | Gentoo | Last vendor Modification | 2014-08-30 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to execute arbitrary code. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201408-16.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201408-16.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
32 % | CWE-399 | Resource Management Errors |
13 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
13 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
11 % | CWE-20 | Improper Input Validation |
8 % | CWE-264 | Permissions, Privileges, and Access Controls |
8 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
5 % | CWE-416 | Use After Free |
5 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
3 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
3 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:22007 | |||
Oval ID: | oval:org.mitre.oval:def:22007 | ||
Title: | A use-after-free issue in web database | ||
Description: | Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1702 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22190 | |||
Oval ID: | oval:org.mitre.oval:def:22190 | ||
Title: | Multiple security vulnerabilities in the V8 | ||
Description: | Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1704 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22444 | |||
Oval ID: | oval:org.mitre.oval:def:22444 | ||
Title: | Use-after-free in speech | ||
Description: | Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1700 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22625 | |||
Oval ID: | oval:org.mitre.oval:def:22625 | ||
Title: | A sandbox-bypass issue exists due to a use-after-free in web sockets | ||
Description: | Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1703 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22690 | |||
Oval ID: | oval:org.mitre.oval:def:22690 | ||
Title: | A cross-site scripting issue in events | ||
Description: | The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1701 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23458 | |||
Oval ID: | oval:org.mitre.oval:def:23458 | ||
Title: | Directory traversal issue in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1715 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23718 | |||
Oval ID: | oval:org.mitre.oval:def:23718 | ||
Title: | Multiple unspecified vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1729) | ||
Description: | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1729 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23760 | |||
Oval ID: | oval:org.mitre.oval:def:23760 | ||
Title: | Windows clipboard vulnerability in Google Chrome before 33.0.1750.154 | ||
Description: | The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1714 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23829 | |||
Oval ID: | oval:org.mitre.oval:def:23829 | ||
Title: | Multiple unspecified vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1728) | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1728 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23895 | |||
Oval ID: | oval:org.mitre.oval:def:23895 | ||
Title: | Vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer | ||
Description: | The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1746 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23944 | |||
Oval ID: | oval:org.mitre.oval:def:23944 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1726) | ||
Description: | The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1726 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23988 | |||
Oval ID: | oval:org.mitre.oval:def:23988 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1720) | ||
Description: | Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1720 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24003 | |||
Oval ID: | oval:org.mitre.oval:def:24003 | ||
Title: | Memory corruption in V8 in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1705 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24105 | |||
Oval ID: | oval:org.mitre.oval:def:24105 | ||
Title: | Use-after-free in Blink bindings in Google Chrome before 33.0.1750.154 on Windows | ||
Description: | Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1713 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24125 | |||
Oval ID: | oval:org.mitre.oval:def:24125 | ||
Title: | Vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame | ||
Description: | The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1748 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24130 | |||
Oval ID: | oval:org.mitre.oval:def:24130 | ||
Title: | Cross-site scripting vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1716) | ||
Description: | Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1716 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24207 | |||
Oval ID: | oval:org.mitre.oval:def:24207 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1725) | ||
Description: | The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1725 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24243 | |||
Oval ID: | oval:org.mitre.oval:def:24243 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1717) | ||
Description: | Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1717 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24278 | |||
Oval ID: | oval:org.mitre.oval:def:24278 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1722) | ||
Description: | Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1722 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24361 | |||
Oval ID: | oval:org.mitre.oval:def:24361 | ||
Title: | DSA-2883-1 chromium-browser - security update | ||
Description: | Several vulnerabilities have been discovered in the chromium web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2883-1 CVE-2013-6653 CVE-2013-6654 CVE-2013-6655 CVE-2013-6656 CVE-2013-6657 CVE-2013-6658 CVE-2013-6659 CVE-2013-6660 CVE-2013-6661 CVE-2013-6663 CVE-2013-6664 CVE-2013-6665 CVE-2013-6666 CVE-2013-6667 CVE-2013-6668 CVE-2014-1700 CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704 CVE-2014-1705 CVE-2014-1713 CVE-2014-1715 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | chromium-browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24516 | |||
Oval ID: | oval:org.mitre.oval:def:24516 | ||
Title: | Vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content | ||
Description: | Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1747 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24525 | |||
Oval ID: | oval:org.mitre.oval:def:24525 | ||
Title: | Use-after-free vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact | ||
Description: | Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1743 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24532 | |||
Oval ID: | oval:org.mitre.oval:def:24532 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1724) | ||
Description: | Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1724 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24546 | |||
Oval ID: | oval:org.mitre.oval:def:24546 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1727) | ||
Description: | Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1727 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24578 | |||
Oval ID: | oval:org.mitre.oval:def:24578 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.137 on Windows (CVE-2014-1742) | ||
Description: | Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1742 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24583 | |||
Oval ID: | oval:org.mitre.oval:def:24583 | ||
Title: | Integer overflow vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1744 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24594 | |||
Oval ID: | oval:org.mitre.oval:def:24594 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1723) | ||
Description: | The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1723 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24602 | |||
Oval ID: | oval:org.mitre.oval:def:24602 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1721) | ||
Description: | Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1721 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24608 | |||
Oval ID: | oval:org.mitre.oval:def:24608 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1719) | ||
Description: | Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1719 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24669 | |||
Oval ID: | oval:org.mitre.oval:def:24669 | ||
Title: | Vulnerability in Google Chrome before 34.0.1847.116 on Windows (CVE-2014-1718) | ||
Description: | Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1718 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24693 | |||
Oval ID: | oval:org.mitre.oval:def:24693 | ||
Title: | Use-after-free vulnerability in Google Chrome before 34.0.1847.137 on Windows (CVE-2014-1740) | ||
Description: | Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1740 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24715 | |||
Oval ID: | oval:org.mitre.oval:def:24715 | ||
Title: | Multiple integer overflow vulnerability in Google Chrome before 34.0.1847.137 on Windows | ||
Description: | Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1741 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24746 | |||
Oval ID: | oval:org.mitre.oval:def:24746 | ||
Title: | Use-after-free vulnerability in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1745 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24782 | |||
Oval ID: | oval:org.mitre.oval:def:24782 | ||
Title: | Vulnerability in Google Chrome before 36.0.1985.125, allow attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3162 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24791 | |||
Oval ID: | oval:org.mitre.oval:def:24791 | ||
Title: | Vulnerability in Google Chrome before 35.0.1916.153, allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3156 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24831 | |||
Oval ID: | oval:org.mitre.oval:def:24831 | ||
Title: | Heap-based buffer overflow vulnerability in Google Chrome before 35.0.1916.153, allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3157 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24855 | |||
Oval ID: | oval:org.mitre.oval:def:24855 | ||
Title: | Vulnerability in Google Chrome before 36.0.1985.125, allows remote attackers to bypass the Same Origin Policy via a crafted file | ||
Description: | The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3160 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25017 | |||
Oval ID: | oval:org.mitre.oval:def:25017 | ||
Title: | Vulnerability in Google Chrome before 35.0.1916.153, allows remote attackers to cause a denial of service (out-of-bounds read) | ||
Description: | net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3155 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25028 | |||
Oval ID: | oval:org.mitre.oval:def:25028 | ||
Title: | Use-after-free vulnerability in Google Chrome before 35.0.1916.153, allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3154 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25078 | |||
Oval ID: | oval:org.mitre.oval:def:25078 | ||
Title: | DSA-2959-1 chromium-browser - security update | ||
Description: | Several vulnerabilities have been discovered in the chromium web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2959-1 CVE-2014-3154 CVE-2014-3155 CVE-2014-3156 CVE-2014-3157 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | chromium-browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25510 | |||
Oval ID: | oval:org.mitre.oval:def:25510 | ||
Title: | Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143 | ||
Description: | Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3165 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25735 | |||
Oval ID: | oval:org.mitre.oval:def:25735 | ||
Title: | The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation | ||
Description: | The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3172 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25970 | |||
Oval ID: | oval:org.mitre.oval:def:25970 | ||
Title: | Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow attackers to cause a denial of service or possibly have other impact via unknown vectors | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3167 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26033 | |||
Oval ID: | oval:org.mitre.oval:def:26033 | ||
Title: | The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer | ||
Description: | The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3173 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26114 | |||
Oval ID: | oval:org.mitre.oval:def:26114 | ||
Title: | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8 | ||
Description: | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3177 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26311 | |||
Oval ID: | oval:org.mitre.oval:def:26311 | ||
Title: | The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows does not correctly consider the properties of SPDY connections | ||
Description: | The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3166 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26339 | |||
Oval ID: | oval:org.mitre.oval:def:26339 | ||
Title: | extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name | ||
Description: | extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3170 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26403 | |||
Oval ID: | oval:org.mitre.oval:def:26403 | ||
Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1735 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26543 | |||
Oval ID: | oval:org.mitre.oval:def:26543 | ||
Title: | Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94 | ||
Description: | Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3169 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26585 | |||
Oval ID: | oval:org.mitre.oval:def:26585 | ||
Title: | modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients | ||
Description: | modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3174 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26624 | |||
Oval ID: | oval:org.mitre.oval:def:26624 | ||
Title: | USN-2320-1 -- oxide-qt vulnerabilities | ||
Description: | Several security issues were fixed in Oxide. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2320-1 CVE-2014-3165 CVE-2014-3166 CVE-2014-3167 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | oxide-qt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26628 | |||
Oval ID: | oval:org.mitre.oval:def:26628 | ||
Title: | DEPRECATED: SUSE-SU-2014:1035-1 -- Security update for flash-player | ||
Description: | This flash-player update fixes the several security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1035-1 CVE-2014-0540 CVE-2014-0542 CVE-2014-0543 CVE-2014-0544 CVE-2014-0545 CVE-2014-0541 CVE-2014-0538 | Version: | 4 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | flash-player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26639 | |||
Oval ID: | oval:org.mitre.oval:def:26639 | ||
Title: | Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3175 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26647 | |||
Oval ID: | oval:org.mitre.oval:def:26647 | ||
Title: | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8 | ||
Description: | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3176 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26658 | |||
Oval ID: | oval:org.mitre.oval:def:26658 | ||
Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1734 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26672 | |||
Oval ID: | oval:org.mitre.oval:def:26672 | ||
Title: | Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94 | ||
Description: | Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3168 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26678 | |||
Oval ID: | oval:org.mitre.oval:def:26678 | ||
Title: | USN-2326-1 -- oxide-qt vulnerabilities | ||
Description: | Several security issues were fixed in Oxide. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2326-1 CVE-2014-3168 CVE-2014-3169 CVE-2014-3171 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | oxide-qt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26727 | |||
Oval ID: | oval:org.mitre.oval:def:26727 | ||
Title: | Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94 | ||
Description: | Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedScriptValue.cpp. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-3171 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26738 | |||
Oval ID: | oval:org.mitre.oval:def:26738 | ||
Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1731 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26766 | |||
Oval ID: | oval:org.mitre.oval:def:26766 | ||
Title: | Allows remote attackers to bypass intended sandbox restrictions | ||
Description: | The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1733 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26790 | |||
Oval ID: | oval:org.mitre.oval:def:26790 | ||
Title: | Allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values | ||
Description: | Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1730 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26793 | |||
Oval ID: | oval:org.mitre.oval:def:26793 | ||
Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
Description: | Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916.114 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1749 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26835 | |||
Oval ID: | oval:org.mitre.oval:def:26835 | ||
Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
Description: | Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1732 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26859 | |||
Oval ID: | oval:org.mitre.oval:def:26859 | ||
Title: | SUSE-SU-2014:1035-1 -- Security update for flash-player | ||
Description: | This flash-player update fixes the several security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1035-1 CVE-2014-0540 CVE-2014-0542 CVE-2014-0543 CVE-2014-0544 CVE-2014-0545 CVE-2014-0541 CVE-2014-0538 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | flash-player |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-07-24 | IAVM : 2014-B-0100 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0053311 |
2014-06-12 | IAVM : 2014-B-0071 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0052483 |
2014-05-22 | IAVM : 2014-B-0060 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0050897 |
2014-05-15 | IAVM : 2014-B-0056 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0050433 |
2014-05-01 | IAVM : 2014-B-0048 - Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0050015 |
2014-05-01 | IAVM : 2014-B-0049 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0050017 |
2014-04-10 | IAVM : 2014-B-0039 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0048683 |
2014-03-20 | IAVM : 2014-B-0031 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0046767 |
2014-03-13 | IAVM : 2014-B-0026 - Multiple Security Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0046159 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-07-26 | Google Chrome V8 __defineGetter__ memory corruption attempt RuleID : 47019 - Revision : 3 - Type : BROWSER-CHROME |
2018-07-26 | Google Chrome V8 __defineGetter__ memory corruption attempt RuleID : 47018 - Revision : 3 - Type : BROWSER-CHROME |
2014-11-25 | Google Chrome Blink locationAttributeSetter use after free attempt RuleID : 32320 - Revision : 4 - Type : BROWSER-CHROME |
2014-11-25 | Google Chrome Blink locationAttributeSetter use after free attempt RuleID : 32319 - Revision : 4 - Type : BROWSER-CHROME |
2014-11-16 | Adobe Flash Player MMgc use-after-free attempt RuleID : 31733 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player MMgc use-after-free attempt RuleID : 31732 - Revision : 3 - Type : FILE-FLASH |
2014-01-10 | MHTML XSS attempt RuleID : 20133 - Revision : 10 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-04-01 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-412.nasl - Type : ACT_GATHER_INFO |
2016-04-01 | Name : The remote Fedora host is missing a security update. File : fedora_2016-9ec1850fff.nasl - Type : ACT_GATHER_INFO |
2016-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2016-fde7ffcb77.nasl - Type : ACT_GATHER_INFO |
2016-03-28 | Name : The remote Fedora host is missing a security update. File : fedora_2016-a4fcb02d6b.nasl - Type : ACT_GATHER_INFO |
2016-03-23 | Name : The remote Fedora host is missing a security update. File : fedora_2016-5d6d75dbea.nasl - Type : ACT_GATHER_INFO |
2016-03-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2937-1.nasl - Type : ACT_GATHER_INFO |
2016-03-21 | Name : The remote Fedora host is missing a security update. File : fedora_2016-1a7f7ffb58.nasl - Type : ACT_GATHER_INFO |
2016-02-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_1091d2d1cb2e11e5b14bbcaec565249c.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari8_0_2.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1_banner.nasl - Type : ACT_GATHER_INFO |
2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1.nasl - Type : ACT_GATHER_INFO |
2014-09-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3039.nasl - Type : ACT_GATHER_INFO |
2014-09-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-550.nasl - Type : ACT_GATHER_INFO |
2014-09-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2326-1.nasl - Type : ACT_GATHER_INFO |
2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-16.nasl - Type : ACT_GATHER_INFO |
2014-08-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_fd5f305d2d3d11e4aa3d00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-08-27 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_37_0_2062_94.nasl - Type : ACT_GATHER_INFO |
2014-08-27 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_37_0_2062_94.nasl - Type : ACT_GATHER_INFO |
2014-08-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2320-1.nasl - Type : ACT_GATHER_INFO |
2014-08-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_flash-player-140814.nasl - Type : ACT_GATHER_INFO |
2014-08-15 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-494.nasl - Type : ACT_GATHER_INFO |
2014-08-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-05.nasl - Type : ACT_GATHER_INFO |
2014-08-14 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-1051.nasl - Type : ACT_GATHER_INFO |
2014-08-14 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_df7754c0229411e4b505000c6e25e3e9.nasl - Type : ACT_GATHER_INFO |
2014-08-13 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_36_0_1985_143.nasl - Type : ACT_GATHER_INFO |
2014-08-13 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_36_0_1985_143.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote host has an ActiveX control installed that is affected by multiple... File : smb_kb2982794.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-483.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Mac OS X host has a browser plugin that is affected by multiple vu... File : macosx_flash_player_14_0_0_176.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Mac OS X host contains a version of Adobe AIR that is affected by ... File : macosx_adobe_air_14_0_0_178.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Windows host has a browser plugin that is affected by multiple vul... File : flash_player_apsb14-18.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb14-18.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2298-1.nasl - Type : ACT_GATHER_INFO |
2014-07-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3718833e0d2711e489db000c6e25e3e9.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_36_0_1985_125.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_36_0_1985_125.nasl - Type : ACT_GATHER_INFO |
2014-06-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2959.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-420.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-371.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-370.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-330.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-280.nasl - Type : ACT_GATHER_INFO |
2014-06-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_0b0fb9b0f0fb11e39bcd000c6e25e3e9.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_35_0_1916_153.nasl - Type : ACT_GATHER_INFO |
2014-06-11 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_35_0_1916_153.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : opera_2200.nasl - Type : ACT_GATHER_INFO |
2014-06-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2939.nasl - Type : ACT_GATHER_INFO |
2014-05-22 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari7_0_4.nasl - Type : ACT_GATHER_INFO |
2014-05-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_35_0_1916_114.nasl - Type : ACT_GATHER_INFO |
2014-05-21 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_35_0_1916_114.nasl - Type : ACT_GATHER_INFO |
2014-05-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_64f3872be05d11e39dd400262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2930.nasl - Type : ACT_GATHER_INFO |
2014-05-15 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_cdf450fcdb5211e3a9fc00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_34_0_1847_137.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_34_0_1847_137.nasl - Type : ACT_GATHER_INFO |
2014-05-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2920.nasl - Type : ACT_GATHER_INFO |
2014-05-01 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7cf25a0cd03111e3947b00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-04-25 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_34_0_1847_131.nasl - Type : ACT_GATHER_INFO |
2014-04-25 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_34_0_1847_131.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2905.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4625.nasl - Type : ACT_GATHER_INFO |
2014-04-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_963413a5bf5011e3a2d600262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_34_0_1847_116.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_34_0_1847_116.nasl - Type : ACT_GATHER_INFO |
2014-04-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-4081.nasl - Type : ACT_GATHER_INFO |
2014-04-02 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari7_0_3.nasl - Type : ACT_GATHER_INFO |
2014-03-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2883.nasl - Type : ACT_GATHER_INFO |
2014-03-18 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_152.nasl - Type : ACT_GATHER_INFO |
2014-03-18 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_154.nasl - Type : ACT_GATHER_INFO |
2014-03-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a70966a1ac2211e38d0400262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_24cefa4ba94011e391f200262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-03-11 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_33_0_1750_149.nasl - Type : ACT_GATHER_INFO |
2014-03-11 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_33_0_1750_149.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-08-31 13:25:15 |
|
2014-08-30 05:23:30 |
|