GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201309-16
(Chromium, V8: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Chromium and V8. Please
review the CVE identifiers and release notes referenced below for
details.

Impact :

A context-dependent attacker could entice a user to open a specially
crafted website or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process or a Denial of Service condition. Furthermore, a remote attacker
may be able to bypass security restrictions or have other, unspecified,
impact.

Workaround :

There is no known workaround at this time.

See also :

http://www.nessus.org/u?90289ffe
http://www.nessus.org/u?a0938983
http://www.nessus.org/u?47d38cbb
http://www.gentoo.org/security/en/glsa/glsa-201309-16.xml

Solution :

All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=www-client/chromium-29.0.1457.57'
All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Gentoo Local Security Checks

Nessus Plugin ID: 70112 ()

Bugtraq ID: 56413
56684
56741
56903
58318
58388
58723
58724
58725
58727
58728
58729
58730
58731
58732
58733
58734
59326
59327
59328
59330
59331
59332
59334
59336
59337
59338
59339
59340
59342
59343
59344
59345
59346
59347
59349
59351
59413
59414
59415
59416
59417
59418
59419
59420
59422
59423
59425
59427
59428
59429
59430
59431
59433
59435
59436
59437
59438
59515
59516
59518
59520
59521
59522
59523
59524
59680
59681
59682
59683
60062
60063
60064
60065
60066
60067
60068
60069
60070
60071
60072
60073
60074
60076
60395
60396
60397
60398
60399
60400
60401
60403
60404
60405
61046
61047
61049
61050
61051
61052
61054
61055
61057
61059
61060
61061
61547
61548
61549
61550
61551
61552
61885
61886
61887
61888
61889
61890
61891

CVE ID: CVE-2012-5116
CVE-2012-5117
CVE-2012-5118
CVE-2012-5120
CVE-2012-5121
CVE-2012-5122
CVE-2012-5123
CVE-2012-5124
CVE-2012-5125
CVE-2012-5126
CVE-2012-5127
CVE-2012-5128
CVE-2012-5130
CVE-2012-5132
CVE-2012-5133
CVE-2012-5135
CVE-2012-5136
CVE-2012-5137
CVE-2012-5138
CVE-2012-5139
CVE-2012-5140
CVE-2012-5141
CVE-2012-5142
CVE-2012-5143
CVE-2012-5144
CVE-2012-5145
CVE-2012-5146
CVE-2012-5147
CVE-2012-5148
CVE-2012-5149
CVE-2012-5150
CVE-2012-5151
CVE-2012-5152
CVE-2012-5153
CVE-2012-5154
CVE-2013-0828
CVE-2013-0829
CVE-2013-0830
CVE-2013-0831
CVE-2013-0832
CVE-2013-0833
CVE-2013-0834
CVE-2013-0835
CVE-2013-0836
CVE-2013-0837
CVE-2013-0838
CVE-2013-0839
CVE-2013-0840
CVE-2013-0841
CVE-2013-0842
CVE-2013-0879
CVE-2013-0880
CVE-2013-0881
CVE-2013-0882
CVE-2013-0883
CVE-2013-0884
CVE-2013-0885
CVE-2013-0887
CVE-2013-0888
CVE-2013-0889
CVE-2013-0890
CVE-2013-0891
CVE-2013-0892
CVE-2013-0893
CVE-2013-0894
CVE-2013-0895
CVE-2013-0896
CVE-2013-0897
CVE-2013-0898
CVE-2013-0899
CVE-2013-0900
CVE-2013-0902
CVE-2013-0903
CVE-2013-0904
CVE-2013-0905
CVE-2013-0906
CVE-2013-0907
CVE-2013-0908
CVE-2013-0909
CVE-2013-0910
CVE-2013-0911
CVE-2013-0912
CVE-2013-0916
CVE-2013-0917
CVE-2013-0918
CVE-2013-0919
CVE-2013-0920
CVE-2013-0921
CVE-2013-0922
CVE-2013-0923
CVE-2013-0924
CVE-2013-0925
CVE-2013-0926
CVE-2013-2836
CVE-2013-2837
CVE-2013-2838
CVE-2013-2839
CVE-2013-2840
CVE-2013-2841
CVE-2013-2842
CVE-2013-2843
CVE-2013-2844
CVE-2013-2845
CVE-2013-2846
CVE-2013-2847
CVE-2013-2848
CVE-2013-2849
CVE-2013-2853
CVE-2013-2855
CVE-2013-2856
CVE-2013-2857
CVE-2013-2858
CVE-2013-2859
CVE-2013-2860
CVE-2013-2861
CVE-2013-2862
CVE-2013-2863
CVE-2013-2865
CVE-2013-2867
CVE-2013-2868
CVE-2013-2869
CVE-2013-2870
CVE-2013-2871
CVE-2013-2874
CVE-2013-2875
CVE-2013-2876
CVE-2013-2877
CVE-2013-2878
CVE-2013-2879
CVE-2013-2880
CVE-2013-2881
CVE-2013-2882
CVE-2013-2883
CVE-2013-2884
CVE-2013-2885
CVE-2013-2886
CVE-2013-2887
CVE-2013-2900
CVE-2013-2901
CVE-2013-2902
CVE-2013-2903
CVE-2013-2904
CVE-2013-2905