http://code.google.com/p/chromium/issues/detail?id=57908

http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html

75538

chrome-flags-unspecified(69864)

oval:org.mitre.oval:def:14139

The remote host is affected by the vulnerability described in GLSA-201111-01 (Chromium, V8: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and V8. Please       review the CVE identifiers and release notes referenced below for       details.
  Impact :

    A local attacker could gain root privileges (CVE-2011-1444, fixed in       chromium-11.0.696.57).
    A context-dependent attacker could entice a user to open a specially       crafted website or JavaScript program using Chromium or V8, possibly       resulting in the execution of arbitrary code with the privileges of the       process, or a Denial of Service condition. The attacker also could obtain       cookies and other sensitive information, conduct man-in-the-middle       attacks, perform address bar spoofing, bypass the same origin policy,       perform Cross-Site Scripting attacks, or bypass pop-up blocks.
  Workaround :

    There is no known workaround at this time.

Versions of Google Chrome earlier than 14.0.835.163 are affected by multiple vulnerabilities : 

  - A race condition exists related to the certificate cache. (Issue 49377)

  - The Windows Media Player plugin allows click-free access to the system Flash. (Issue 51464)
  - PIC / pie compiler lags are not used. (Linux only)(Issue 57908)
 - MIME types are not treated authoritatively at plugin load time. (Issue 75070)
  - An unspecified error allows V8 script object wrappers to crash. (Issue 76771)
  - The included PDF functionality contains a garbage collection error. (Issue 78639)
  - The Mac installer insecurely handles lock files. (Mac only)(Issue 80680)  - Out-of-bounds read issues exist related to media buffers, mp3 files, box handling, Khmer characters, video handling, Tibetan characters, and triangle arrays. (Issues 82438, 85041, 89991, 90134, 90173, 95563, 95625)
  - An unspecified error allows data displayed in the URL to be spoofed. (Issue 83031)
  - Use-after-free error exist related to unload event handling, the document loader, plugin handling, ruby table style handling, and the focus controller. (Issues 89219, 89330, 91197, 92651, 94800, 93420, 93587)
  - The URL bar can be spoofed in an unspecified manner related to the forward button. (Issue 89564)
  - A NULL pointer error exists related to WebSockets. Issue 89795)
  An off-by-one error exists related to the V8 JavaScript engine. (Issue 91120)
  - A stale node error exists related to CSS stylesheet handling. (Issue 92959)
  - A cross-origin bypass error exists related to the V8 JavaScript engine. (Issue 93416)
  - A double-free error exists related to XPath handling in libxml. (Issue 93472)
  - Incorrect permissions are assigned to non-gallery pages. (Issue 93497)
  - An improper string read occurs in the included PDF functionality. (Issue 93596)
  - An unspecified error allows unintended access to objects build in to the V8 JavaScript engine. (Issue 93906)
  - Self-signed certificates are not pinned properly. (Issue 95917)
  - A variable-type confusion issue exists in the V8 JavaScript engine related to object sealing. (Issue 95920)

ID	Name	Product	Family	Severity
56686	GLSA-201111-01 : Chromium, V8: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
800955	Google Chrome < 14.0.835.163 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
6024	Google Chrome < 14.0.835.163 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
51069	FreeBSD : chromium -- multiple vulnerabilities (6887828f-0229-11e0-b84d-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	critical

CVE-2011-2837

HIGH

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins

high

high

high

critical