http://code.google.com/p/chromium/issues/detail?id=119525

http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

APPLE-SA-2012-07-25-1

APPLE-SA-2012-09-12-1

APPLE-SA-2012-09-19-1

48732

48749

GLSA-201204-03

http://support.apple.com/kb/HT5400

http://support.apple.com/kb/HT5485

http://support.apple.com/kb/HT5503

52913

1026892

chrome-style-code-execution(74635)

oval:org.mitre.oval:def:15141

The mobile device is running a version of iOS that is older than version 6.0.  Version 6.0 contains numerous security-related fixes for the following vulnerabilities :

  - Numerous memory errors exist related to handling     'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that could     allow arbitrary code execution. (CVE-2011-1167,     CVE-2011-3026, CVE-2011-3048, CVE-2011-3328,     CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and     'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128,     CVE-2012-1129, CVE-2012-1130, CVE-2012-1131,     CVE-2012-1132, CVE-2012-1133, CVE-2012-1134,     CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,     CVE-2012-1138, CVE-2012-1139, CVE-2012-1140,     CVE-2012-1141, CVE-2012-1142, CVE-2012-1143,     CVE-2012-1144)

  - Numerous issues exist related to libxml and could lead     to application crashes or arbitrary code execution.
    (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834,     CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale     ID' and 'International Components for Unicode' (ICU).
    (CVE-2011-4599)

  - An unitialized memory access issue exists related to     'Sorenson' encoded movie files and 'CoreMedia'.
    (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork'     that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information     when connecting to unencrypted WiFi networks.
    (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and     'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to     the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to     the kernel and the Berkeley Packet Filter interpreter.
    (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling     of attachments and 'S/MIME' signed messages.
    (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to     'Messages', 'Office Viewer', system logs, and 'UIKit'.
    (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743,     CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'.
    (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'.
    (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737,     CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that could allow     unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading     URL characters and password auto complete.
    (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony'     and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit'     components. (CVE-2011-2845, CVE-2011-3016,     CVE-2011-3021, CVE-2011-3027, CVE-2011-3032,     CVE-2011-3034, CVE-2011-3035, CVE-2011-3036,     CVE-2011-3037, CVE-2011-3038, CVE-2011-3039,     CVE-2011-3040, CVE-2011-3041, CVE-2011-3042,     CVE-2011-3043, CVE-2011-3044, CVE-2011-3050,     CVE-2011-3053, CVE-2011-3059, CVE-2011-3060,     CVE-2011-3064, CVE-2011-3067, CVE-2011-3068,     CVE-2011-3069, CVE-2011-3071, CVE-2011-3073,     CVE-2011-3074, CVE-2011-3075, CVE-2011-3076,     CVE-2011-3078, CVE-2011-3081, CVE-2011-3086,     CVE-2011-3089, CVE-2011-3090, CVE-2011-3105,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-2818, CVE-2012-3589,     CVE-2012-3590, CVE-2012-3591, CVE-2012-3592,     CVE-2012-3593, CVE-2012-3594, CVE-2012-3595,     CVE-2012-3596, CVE-2012-3597, CVE-2012-3598,     CVE-2012-3599, CVE-2012-3600, CVE-2012-3601,     CVE-2012-3602, CVE-2012-3603, CVE-2012-3604,     CVE-2012-3605, CVE-2012-3608, CVE-2012-3609,     CVE-2012-3610, CVE-2012-3611, CVE-2012-3612,     CVE-2012-3613, CVE-2012-3614, CVE-2012-3615,     CVE-2012-3617, CVE-2012-3618, CVE-2012-3620,     CVE-2012-3624, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3647, CVE-2012-3648, CVE-2012-3650,     CVE-2012-3651, CVE-2012-3652, CVE-2012-3653,     CVE-2012-3655, CVE-2012-3656, CVE-2012-3658,     CVE-2012-3659, CVE-2012-3660, CVE-2012-3661,     CVE-2012-3663, CVE-2012-3664, CVE-2012-3665,     CVE-2012-3666, CVE-2012-3667, CVE-2012-3668,     CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,     CVE-2012-3672, CVE-2012-3673, CVE-2012-3674,     CVE-2012-3676, CVE-2012-3677, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3684,     CVE-2012-3686, CVE-2012-3691, CVE-2012-3693,     CVE-2012-3695, CVE-2012-3696, CVE-2012-3703,     CVE-2012-3704, CVE-2012-3706, CVE-2012-3708,     CVE-2012-3710, CVE-2012-3747)

According to its banner, the remote Apple iOS device is missing a security update.  Versions of Apple iOS prior to 6.0 are exposed to the following vulnerabilities :

  - Numerous memory errors exist related to handling 'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that can allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and 'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)

  - Numerous issues exist related to libxml and can lead to application crashes or arbitrary code execution. (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale ID' and 'International Components for Unicode' (ICU). (CVE-2011-4599)

  - An unitialized memory access issue exists related to 'Sorenson' encoded movie files and 'CoreMedia'. (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork' that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information when connecting to unencrypted Wi-Fi networks. (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and 'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter. (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling of attachments and 'S/MIME' signed messages. (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to 'Messages', 'Office Viewer', system logs, and 'UIKit'. (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'. (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'. (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that can allow unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading URL characters and password auto complete. (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony' and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit' components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)

The remote host has iTunes installed, a popular media player for Windows and Mac OS. 

Versions of iTunes earlier than 10.7 are reportedly affected by multiple memory corruption vulnerabilities in WebKit.

The version of Apple iTunes on the remote host is prior to version 10.7. It is, therefore, affected by multiple memory corruption vulnerabilities in the WebKit component.

The version of Apple iTunes installed on the remote Windows host is older than 10.7 and is, therefore, affected by multiple memory corruption vulnerabilities in WebKit.

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Versions of Safari earlier than 6.0 are reportedly affected by several issues :

  - An unspecified cross-site scripting issue exists. (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow local files to be disclosed to remote servers. (CVE-2012-0679)

  - Password input elements are auto completed even when a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper handling of the HTTP 'Content-Disposition' header value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697)

The version of Apple Safari installed on the remote Mac OS X host is earlier than 6.0.  It is, therefore, potentially affected by several issues :

  - An unspecified cross-site scripting issue exists.
    (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow     local files to be disclosed to remote servers.
    (CVE-2012-0679)

  - Password input elements are auto completed even when     a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper     handling of the HTTP 'Content-Disposition' header     value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845,     CVE-2011-3016, CVE-2011-3021, CVE-2011-3027,     CVE-2011-3032, CVE-2011-3034, CVE-2011-3035,     CVE-2011-3036, CVE-2011-3037, CVE-2011-3038,     CVE-2011-3039, CVE-2011-3040, CVE-2011-3041,     CVE-2011-3042, CVE-2011-3043, CVE-2011-3044,     CVE-2011-3050, CVE-2011-3053, CVE-2011-3059,     CVE-2011-3060, CVE-2011-3064, CVE-2011-3067,     CVE-2011-3068, CVE-2011-3069, CVE-2011-3071,     CVE-2011-3073, CVE-2011-3074, CVE-2011-3075,     CVE-2011-3076, CVE-2011-3078, CVE-2011-3081,     CVE-2011-3086, CVE-2011-3089, CVE-2011-3090,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-3589, CVE-2012-3590,     CVE-2012-3591, CVE-2012-3592, CVE-2012-3593,     CVE-2012-3594, CVE-2012-3595, CVE-2012-3596,     CVE-2012-3597, CVE-2012-3599, CVE-2012-3600,     CVE-2012-3603, CVE-2012-3604, CVE-2012-3605,     CVE-2012-3608, CVE-2012-3609, CVE-2012-3610,     CVE-2012-3611, CVE-2012-3615, CVE-2012-3618,     CVE-2012-3620, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3650, CVE-2012-3653, CVE-2012-3655,     CVE-2012-3656, CVE-2012-3661, CVE-2012-3663,     CVE-2012-3664, CVE-2012-3665, CVE-2012-3666,     CVE-2012-3667, CVE-2012-3668, CVE-2012-3669,     CVE-2012-3670, CVE-2012-3674, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3686,     CVE-2012-3689, CVE-2012-3690, CVE-2012-3691,     CVE-2012-3693, CVE-2012-3694, CVE-2012-3695,     CVE-2012-3696, CVE-2012-3697)

The remote host is affected by the vulnerability described in GLSA-201204-03 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium. Please review       the CVE identifiers and release notes referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted web       site using Chromium, possibly resulting in the execution of arbitrary       code with the privileges of the process, a Denial of Service condition,       or bypass of the same origin policy.
  Workaround :

    There is no known workaround at this time.

Versions of Google Chrome earlier than 18.0.1025.151 are potentially affected by the following vulnerabilities :

  - An out-of-bounds read issue exists related to 'Skia' clipping. (CVE-2011-3066)

  - An error exists related to cross-origin iframe replacement. (CVE-2011-3067)

  - Use-after-free errors exist related to 'run-in' handling, line box editing, v8 JavaScript engine bindings, 'HTMLMediaElemet', SVG resource handling, media handling, style command application, and focus handling. (CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076)

  - A cross-origin violation error exists related to pop-up windows. (CVE-2011-3072)

  - A read-after-free error exists related to script binding. (CVE-2011-3077)\
  - The bundled Adobe Flash Player is vulnerable to several memory corruption issues that can lead to arbitrary code execution. (CVE-2012-0724, CVE-2012-0725)

The version of Google Chrome installed on the remote host is earlier than 18.0.1025.151 and is, therefore, affected by the following vulnerabilities :

  - An out-of-bounds read issue exists related to 'Skia'     clipping. (CVE-2011-3066)

  - An error exists related to cross-origin iframe     replacement. (CVE-2011-3067)

  - Use-after-free errors exist related to 'run-in'     handling, line box editing, v8 JavaScript engine     bindings, 'HTMLMediaElement', SVG resource handling,     media handling, style command application, and focus     handling. (CVE-2011-3068, CVE-2011-3069, CVE-2011-3070,     CVE-2011-3071, CVE-2011-3073, CVE-2011-3074,     CVE-2011-3075, CVE-2011-3076)

  - A cross-origin violation error exists related to pop-up     windows. (CVE-2011-3072)

  - A read-after-free error exists related to script     binding. (CVE-2011-3077)

  - The bundled Adobe Flash Player is vulnerable to several     memory corruption issues that can lead to arbitrary     code execution. (CVE-2012-0724, CVE-2012-0725)

Google Chrome Releases reports :

[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
Credit to miaubiz.

[117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov.

[117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz.

[117728] High CVE-2011-3069: Use-after-free in line box handling.
Credit to miaubiz.

[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).

[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement.
Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).

[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.

[118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
Credit to Arthur Gerkis.

[119281] Medium CVE-2011-3074: Use-after-free in media handling.
Credit to Slawomir Blazek.

[119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.

[120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to miaubiz.

[120189] Medium CVE-2011-3077: Read-after-free in script bindings.
Credit to Google Chrome Security Team (Inferno).

ID	Name	Product	Family	Severity
62242	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus	Mobile Devices	critical
6589	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
6575	iTunes < 10.7 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
62078	Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	critical
62077	Apple iTunes < 10.7 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	critical
61458	Ubuntu 12.04 LTS : webkit vulnerabilities (USN-1524-1)	Nessus	Ubuntu Local Security Checks	critical
800986	Safari < 6.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
60127	Mac OS X : Apple Safari < 6.0 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
6522	Safari < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
59619	GLSA-201204-03 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
800927	Google Chrome < 18.0.1025.151 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
58644	Google Chrome < 18.0.1025.151 Multiple Vulnerabilities	Nessus	Windows	high
58609	FreeBSD : chromium -- multiple vulnerabilities (057130e6-7f61-11e1-8a43-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high

CVE-2011-3075

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins