http://code.google.com/p/chromium/issues/detail?id=116746

http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html

APPLE-SA-2012-07-25-1

APPLE-SA-2012-09-12-1

APPLE-SA-2012-09-19-1

openSUSE-SU-2012:0466

80291

48512

48527

GLSA-201203-19

http://support.apple.com/kb/HT5400

http://support.apple.com/kb/HT5485

http://support.apple.com/kb/HT5503

52674

1026841

chrome-block-splitting-code-exec(74213)

oval:org.mitre.oval:def:14658

- Update to 19.0.1079 Security Fixes (bnc#754456) :

  - High CVE-2011-3050: Use-after-free with first-letter     handling

  - High CVE-2011-3045: libpng integer issue from upstream

  - High CVE-2011-3051: Use-after-free in CSS cross-fade     handling

  - High CVE-2011-3052: Memory corruption in WebGL canvas     handling

  - High CVE-2011-3053: Use-after-free in block splitting

  - Low CVE-2011-3054: Apply additional isolations to webui     privileges

  - Low CVE-2011-3055: Prompt in the browser native UI for     unpacked extension installation

  - High CVE-2011-3056: Cross-origin violation with     &ldquo;magic iframe&rdquo;.

  - Low CVE-2011-3049: Extension web request API can     interfere with system requests Other Fixes :

  - The short-cut key for caps lock (Shift + Search) is     disabled when an accessibility screen reader is enabled

  - Fixes an issue with files not being displayed in File     Manager when some file names contain UTF-8 characters     (generally accented characters)

  - Fixed dialog boxes in settings. (Issue: 118031)

  - Fixed flash videos turning white on mac when running     with 

    --disable-composited-core-animation-plugins (Issue:
    117916) 

  - Change to look for correctly sized favicon when multiple     images are provided. (Issue: 118275)

  - Fixed issues - 116044, 117470, 117068, 117668, 118620

  - Update to 19.0.1077

  - Update to 19.0.1074

  - Build Chromium on openSUSE > 12.1 with the gold linker 

  - Fix build issues with GCC 4.7

  - Update to 19.0.1071

  - Several fixes and improvements in the new Settings,     Extensions, and Help pages.

  - Fixed the flashing when switched between composited and     non-composited mode. [Issue: 116603]

  - Fixed stability issues 116913, 117217, 117347, 117081

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The mobile device is running a version of iOS that is older than version 6.0.  Version 6.0 contains numerous security-related fixes for the following vulnerabilities :

  - Numerous memory errors exist related to handling     'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that could     allow arbitrary code execution. (CVE-2011-1167,     CVE-2011-3026, CVE-2011-3048, CVE-2011-3328,     CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and     'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128,     CVE-2012-1129, CVE-2012-1130, CVE-2012-1131,     CVE-2012-1132, CVE-2012-1133, CVE-2012-1134,     CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,     CVE-2012-1138, CVE-2012-1139, CVE-2012-1140,     CVE-2012-1141, CVE-2012-1142, CVE-2012-1143,     CVE-2012-1144)

  - Numerous issues exist related to libxml and could lead     to application crashes or arbitrary code execution.
    (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834,     CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale     ID' and 'International Components for Unicode' (ICU).
    (CVE-2011-4599)

  - An unitialized memory access issue exists related to     'Sorenson' encoded movie files and 'CoreMedia'.
    (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork'     that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information     when connecting to unencrypted WiFi networks.
    (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and     'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to     the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to     the kernel and the Berkeley Packet Filter interpreter.
    (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling     of attachments and 'S/MIME' signed messages.
    (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to     'Messages', 'Office Viewer', system logs, and 'UIKit'.
    (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743,     CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'.
    (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'.
    (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737,     CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that could allow     unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading     URL characters and password auto complete.
    (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony'     and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit'     components. (CVE-2011-2845, CVE-2011-3016,     CVE-2011-3021, CVE-2011-3027, CVE-2011-3032,     CVE-2011-3034, CVE-2011-3035, CVE-2011-3036,     CVE-2011-3037, CVE-2011-3038, CVE-2011-3039,     CVE-2011-3040, CVE-2011-3041, CVE-2011-3042,     CVE-2011-3043, CVE-2011-3044, CVE-2011-3050,     CVE-2011-3053, CVE-2011-3059, CVE-2011-3060,     CVE-2011-3064, CVE-2011-3067, CVE-2011-3068,     CVE-2011-3069, CVE-2011-3071, CVE-2011-3073,     CVE-2011-3074, CVE-2011-3075, CVE-2011-3076,     CVE-2011-3078, CVE-2011-3081, CVE-2011-3086,     CVE-2011-3089, CVE-2011-3090, CVE-2011-3105,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-2818, CVE-2012-3589,     CVE-2012-3590, CVE-2012-3591, CVE-2012-3592,     CVE-2012-3593, CVE-2012-3594, CVE-2012-3595,     CVE-2012-3596, CVE-2012-3597, CVE-2012-3598,     CVE-2012-3599, CVE-2012-3600, CVE-2012-3601,     CVE-2012-3602, CVE-2012-3603, CVE-2012-3604,     CVE-2012-3605, CVE-2012-3608, CVE-2012-3609,     CVE-2012-3610, CVE-2012-3611, CVE-2012-3612,     CVE-2012-3613, CVE-2012-3614, CVE-2012-3615,     CVE-2012-3617, CVE-2012-3618, CVE-2012-3620,     CVE-2012-3624, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3647, CVE-2012-3648, CVE-2012-3650,     CVE-2012-3651, CVE-2012-3652, CVE-2012-3653,     CVE-2012-3655, CVE-2012-3656, CVE-2012-3658,     CVE-2012-3659, CVE-2012-3660, CVE-2012-3661,     CVE-2012-3663, CVE-2012-3664, CVE-2012-3665,     CVE-2012-3666, CVE-2012-3667, CVE-2012-3668,     CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,     CVE-2012-3672, CVE-2012-3673, CVE-2012-3674,     CVE-2012-3676, CVE-2012-3677, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3684,     CVE-2012-3686, CVE-2012-3691, CVE-2012-3693,     CVE-2012-3695, CVE-2012-3696, CVE-2012-3703,     CVE-2012-3704, CVE-2012-3706, CVE-2012-3708,     CVE-2012-3710, CVE-2012-3747)

According to its banner, the remote Apple iOS device is missing a security update.  Versions of Apple iOS prior to 6.0 are exposed to the following vulnerabilities :

  - Numerous memory errors exist related to handling 'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that can allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and 'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)

  - Numerous issues exist related to libxml and can lead to application crashes or arbitrary code execution. (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale ID' and 'International Components for Unicode' (ICU). (CVE-2011-4599)

  - An unitialized memory access issue exists related to 'Sorenson' encoded movie files and 'CoreMedia'. (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork' that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information when connecting to unencrypted Wi-Fi networks. (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and 'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter. (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling of attachments and 'S/MIME' signed messages. (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to 'Messages', 'Office Viewer', system logs, and 'UIKit'. (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'. (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'. (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that can allow unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading URL characters and password auto complete. (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony' and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit' components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)

The remote host has iTunes installed, a popular media player for Windows and Mac OS. 

Versions of iTunes earlier than 10.7 are reportedly affected by multiple memory corruption vulnerabilities in WebKit.

The version of Apple iTunes on the remote host is prior to version 10.7. It is, therefore, affected by multiple memory corruption vulnerabilities in the WebKit component.

The version of Apple iTunes installed on the remote Windows host is older than 10.7 and is, therefore, affected by multiple memory corruption vulnerabilities in WebKit.

Versions of Safari earlier than 6.0 are reportedly affected by several issues :

  - An unspecified cross-site scripting issue exists. (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow local files to be disclosed to remote servers. (CVE-2012-0679)

  - Password input elements are auto completed even when a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper handling of the HTTP 'Content-Disposition' header value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697)

The version of Apple Safari installed on the remote Mac OS X host is earlier than 6.0.  It is, therefore, potentially affected by several issues :

  - An unspecified cross-site scripting issue exists.
    (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow     local files to be disclosed to remote servers.
    (CVE-2012-0679)

  - Password input elements are auto completed even when     a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper     handling of the HTTP 'Content-Disposition' header     value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845,     CVE-2011-3016, CVE-2011-3021, CVE-2011-3027,     CVE-2011-3032, CVE-2011-3034, CVE-2011-3035,     CVE-2011-3036, CVE-2011-3037, CVE-2011-3038,     CVE-2011-3039, CVE-2011-3040, CVE-2011-3041,     CVE-2011-3042, CVE-2011-3043, CVE-2011-3044,     CVE-2011-3050, CVE-2011-3053, CVE-2011-3059,     CVE-2011-3060, CVE-2011-3064, CVE-2011-3067,     CVE-2011-3068, CVE-2011-3069, CVE-2011-3071,     CVE-2011-3073, CVE-2011-3074, CVE-2011-3075,     CVE-2011-3076, CVE-2011-3078, CVE-2011-3081,     CVE-2011-3086, CVE-2011-3089, CVE-2011-3090,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-3589, CVE-2012-3590,     CVE-2012-3591, CVE-2012-3592, CVE-2012-3593,     CVE-2012-3594, CVE-2012-3595, CVE-2012-3596,     CVE-2012-3597, CVE-2012-3599, CVE-2012-3600,     CVE-2012-3603, CVE-2012-3604, CVE-2012-3605,     CVE-2012-3608, CVE-2012-3609, CVE-2012-3610,     CVE-2012-3611, CVE-2012-3615, CVE-2012-3618,     CVE-2012-3620, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3650, CVE-2012-3653, CVE-2012-3655,     CVE-2012-3656, CVE-2012-3661, CVE-2012-3663,     CVE-2012-3664, CVE-2012-3665, CVE-2012-3666,     CVE-2012-3667, CVE-2012-3668, CVE-2012-3669,     CVE-2012-3670, CVE-2012-3674, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3686,     CVE-2012-3689, CVE-2012-3690, CVE-2012-3691,     CVE-2012-3693, CVE-2012-3694, CVE-2012-3695,     CVE-2012-3696, CVE-2012-3697)

The remote host is affected by the vulnerability described in GLSA-201203-19 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium. Please review       the CVE identifiers and release notes referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted web       site using Chromium, possibly resulting in the execution of arbitrary       code with the privileges of the process, a Denial of Service condition,       Universal Cross-Site Scripting, or installation of an extension without       user interaction.
    A remote attacker could also entice a user to install a specially       crafted extension that would interfere with browser-issued web requests.
  Workaround :

    There is no known workaround at this time.

Google Chrome Releases reports :

[113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.

[116162] High CVE-2011-3045: libpng integer issue from upstream.
Credit to Glenn Randers-Pehrson of the libpng project.

[116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.

[116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.

[116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.

[117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.

[117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.

[117550] High CVE-2011-3056: Cross-origin violation with 'magic iframe'. Credit to Sergey Glazunov.

[117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

[108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach. Fixed in an earlier release.

The version of Google Chrome installed on the remote host is earlier than 17.0.963.83 and is, therefore, affected by the following vulnerabilities :

  - An unspecified integer issue exists in libpng.
    (CVE-2011-3045)

  - An error exists related to the extension web request     API that could allow denial of service attacks.
    Note this issue was corrected in a previous, unspecified     release. (CVE-2011-3049)

  - Use-after-free errors exist related to 'first-letter'     handling, CSS cross-fade handling and block splitting.
    (CVE-2011-3050, CVE-2011-3051, CVE-2011-3053)

  - A memory corruption error exists related to WebGL     canvas handling. (CVE-2011-3052)

  - An error exists related to webui privilege isolation.
    (CVE-2011-3054)

  - Installation of unpacked extensions does not use the     application's native user interface for prompts.
    (CVE-2011-3055)

  - A cross-origin violation is possible with 'magic iframe'.
    (CVE-2011-3056)

  - The v8 JavaScript engine could allow invalid reads to     take place. (CVE-2011-3057)

Versions of Google Chrome earlier than 17.0.963.83 are potentially affected by the following vulnerabilities :

  - An unspecified integer issue exists in libpng. (CVE-2011-3045)

  - Use-after-free errors exist related to 'first-letter' handling, CSS cross-fade handling and block splitting. (CVE-2011-3050, CVE_2011-3051, CVE-2011-3053)

  - A memory corruption error exists related to WebGL canvas handling. (CVE-2011-3052)

  - An error exists related to webui privilege isolation. (CVE-2011-3054)

  - Installation of unpacked extensions does not use the application's native user interface for prompts. (CVE-2011-3055)

  - A cross-origin violation is possible with 'magic iframe'. (CVE-2011-3056)

  - The v8 JavaScript engine can allow invalid reads to take place. (CVE-2011-3057)

ID	Name	Product	Family	Severity
74587	openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0466-1)	Nessus	SuSE Local Security Checks	medium
62707	Ubuntu 12.04 LTS : webkit vulnerabilities (USN-1617-1)	Nessus	Ubuntu Local Security Checks	critical
62242	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus	Mobile Devices	critical
6589	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
6575	iTunes < 10.7 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
62078	Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	critical
62077	Apple iTunes < 10.7 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	critical
800986	Safari < 6.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
60127	Mac OS X : Apple Safari < 6.0 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
6522	Safari < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
59611	GLSA-201203-19 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
58438	FreeBSD : chromium -- multiple vulnerabilities (330106da-7406-11e1-a1d7-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high
58434	Google Chrome < 17.0.963.83 Multiple Vulnerabilities	Nessus	Windows	high
800954	Google Chrome < 17.0.963.83 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high

CVE-2011-3053

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins