http://code.google.com/p/chromium/issues/detail?id=121899

http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html

APPLE-SA-2012-07-25-1

APPLE-SA-2012-09-12-1

APPLE-SA-2012-09-19-1

81647

48992

GLSA-201205-01

http://support.apple.com/kb/HT5400

http://support.apple.com/kb/HT5485

http://support.apple.com/kb/HT5503

53309

1027001

google-floats-handling-code-exec(75273)

oval:org.mitre.oval:def:15592

Chromium version 20.0.1128 fixes several security issues :

  - CVE-2011-3078: Use after free in floats handling.

  - CVE-2012-1521: Use after free in xml parser.

  - CVE-2011-3079: IPC validation failure.

  - CVE-2011-3080: Race condition in sandbox IPC

  - CVE-2011-3081: Use after free in floats handling.

Versions of Google Chrome prior to 18.0.1025.168 are affected by the following vulnerabilities :

  - Use-after-free errors exist related to floating element handling and the xml parser. (CVE-2011-3078, CVE-2012-1521, CVE-2011-3081)

  - A validation error exists related to Inter-Process Communications (IPC). (CVE-2011-3079)

  - A race condition exists in the method 'CrossCallParamsEx::CreateFromBuffer' in the file 'sandbox/src/crosscall_server.cc' and is related to sandbox Inter-Process Communication (IPC). (CVE-2011-3080)

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The mobile device is running a version of iOS that is older than version 6.0.  Version 6.0 contains numerous security-related fixes for the following vulnerabilities :

  - Numerous memory errors exist related to handling     'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that could     allow arbitrary code execution. (CVE-2011-1167,     CVE-2011-3026, CVE-2011-3048, CVE-2011-3328,     CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and     'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128,     CVE-2012-1129, CVE-2012-1130, CVE-2012-1131,     CVE-2012-1132, CVE-2012-1133, CVE-2012-1134,     CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,     CVE-2012-1138, CVE-2012-1139, CVE-2012-1140,     CVE-2012-1141, CVE-2012-1142, CVE-2012-1143,     CVE-2012-1144)

  - Numerous issues exist related to libxml and could lead     to application crashes or arbitrary code execution.
    (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834,     CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale     ID' and 'International Components for Unicode' (ICU).
    (CVE-2011-4599)

  - An unitialized memory access issue exists related to     'Sorenson' encoded movie files and 'CoreMedia'.
    (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork'     that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information     when connecting to unencrypted WiFi networks.
    (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and     'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to     the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to     the kernel and the Berkeley Packet Filter interpreter.
    (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling     of attachments and 'S/MIME' signed messages.
    (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to     'Messages', 'Office Viewer', system logs, and 'UIKit'.
    (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743,     CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'.
    (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'.
    (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737,     CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that could allow     unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading     URL characters and password auto complete.
    (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony'     and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit'     components. (CVE-2011-2845, CVE-2011-3016,     CVE-2011-3021, CVE-2011-3027, CVE-2011-3032,     CVE-2011-3034, CVE-2011-3035, CVE-2011-3036,     CVE-2011-3037, CVE-2011-3038, CVE-2011-3039,     CVE-2011-3040, CVE-2011-3041, CVE-2011-3042,     CVE-2011-3043, CVE-2011-3044, CVE-2011-3050,     CVE-2011-3053, CVE-2011-3059, CVE-2011-3060,     CVE-2011-3064, CVE-2011-3067, CVE-2011-3068,     CVE-2011-3069, CVE-2011-3071, CVE-2011-3073,     CVE-2011-3074, CVE-2011-3075, CVE-2011-3076,     CVE-2011-3078, CVE-2011-3081, CVE-2011-3086,     CVE-2011-3089, CVE-2011-3090, CVE-2011-3105,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-2818, CVE-2012-3589,     CVE-2012-3590, CVE-2012-3591, CVE-2012-3592,     CVE-2012-3593, CVE-2012-3594, CVE-2012-3595,     CVE-2012-3596, CVE-2012-3597, CVE-2012-3598,     CVE-2012-3599, CVE-2012-3600, CVE-2012-3601,     CVE-2012-3602, CVE-2012-3603, CVE-2012-3604,     CVE-2012-3605, CVE-2012-3608, CVE-2012-3609,     CVE-2012-3610, CVE-2012-3611, CVE-2012-3612,     CVE-2012-3613, CVE-2012-3614, CVE-2012-3615,     CVE-2012-3617, CVE-2012-3618, CVE-2012-3620,     CVE-2012-3624, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3647, CVE-2012-3648, CVE-2012-3650,     CVE-2012-3651, CVE-2012-3652, CVE-2012-3653,     CVE-2012-3655, CVE-2012-3656, CVE-2012-3658,     CVE-2012-3659, CVE-2012-3660, CVE-2012-3661,     CVE-2012-3663, CVE-2012-3664, CVE-2012-3665,     CVE-2012-3666, CVE-2012-3667, CVE-2012-3668,     CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,     CVE-2012-3672, CVE-2012-3673, CVE-2012-3674,     CVE-2012-3676, CVE-2012-3677, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3684,     CVE-2012-3686, CVE-2012-3691, CVE-2012-3693,     CVE-2012-3695, CVE-2012-3696, CVE-2012-3703,     CVE-2012-3704, CVE-2012-3706, CVE-2012-3708,     CVE-2012-3710, CVE-2012-3747)

According to its banner, the remote Apple iOS device is missing a security update.  Versions of Apple iOS prior to 6.0 are exposed to the following vulnerabilities :

  - Numerous memory errors exist related to handling 'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that can allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and 'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)

  - Numerous issues exist related to libxml and can lead to application crashes or arbitrary code execution. (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale ID' and 'International Components for Unicode' (ICU). (CVE-2011-4599)

  - An unitialized memory access issue exists related to 'Sorenson' encoded movie files and 'CoreMedia'. (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork' that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information when connecting to unencrypted Wi-Fi networks. (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and 'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter. (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling of attachments and 'S/MIME' signed messages. (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to 'Messages', 'Office Viewer', system logs, and 'UIKit'. (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'. (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'. (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that can allow unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading URL characters and password auto complete. (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony' and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit' components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)

The remote host has iTunes installed, a popular media player for Windows and Mac OS. 

Versions of iTunes earlier than 10.7 are reportedly affected by multiple memory corruption vulnerabilities in WebKit.

The version of Apple iTunes on the remote host is prior to version 10.7. It is, therefore, affected by multiple memory corruption vulnerabilities in the WebKit component.

The version of Apple iTunes installed on the remote Windows host is older than 10.7 and is, therefore, affected by multiple memory corruption vulnerabilities in WebKit.

Versions of Safari earlier than 6.0 are reportedly affected by several issues :

  - An unspecified cross-site scripting issue exists. (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow local files to be disclosed to remote servers. (CVE-2012-0679)

  - Password input elements are auto completed even when a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper handling of the HTTP 'Content-Disposition' header value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697)

The version of Apple Safari installed on the remote Mac OS X host is earlier than 6.0.  It is, therefore, potentially affected by several issues :

  - An unspecified cross-site scripting issue exists.
    (CVE-2012-0678)

  - An error in the handling of 'feed://' URLs can allow     local files to be disclosed to remote servers.
    (CVE-2012-0679)

  - Password input elements are auto completed even when     a webpage specifically forbids it. (CVE-2012-0680)

  - A cross-site scripting issue exists due to improper     handling of the HTTP 'Content-Disposition' header     value of 'attachment'. (CVE-2011-3426)

  - Numerous issues exist in WebKit. (CVE-2011-2845,     CVE-2011-3016, CVE-2011-3021, CVE-2011-3027,     CVE-2011-3032, CVE-2011-3034, CVE-2011-3035,     CVE-2011-3036, CVE-2011-3037, CVE-2011-3038,     CVE-2011-3039, CVE-2011-3040, CVE-2011-3041,     CVE-2011-3042, CVE-2011-3043, CVE-2011-3044,     CVE-2011-3050, CVE-2011-3053, CVE-2011-3059,     CVE-2011-3060, CVE-2011-3064, CVE-2011-3067,     CVE-2011-3068, CVE-2011-3069, CVE-2011-3071,     CVE-2011-3073, CVE-2011-3074, CVE-2011-3075,     CVE-2011-3076, CVE-2011-3078, CVE-2011-3081,     CVE-2011-3086, CVE-2011-3089, CVE-2011-3090,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-3589, CVE-2012-3590,     CVE-2012-3591, CVE-2012-3592, CVE-2012-3593,     CVE-2012-3594, CVE-2012-3595, CVE-2012-3596,     CVE-2012-3597, CVE-2012-3599, CVE-2012-3600,     CVE-2012-3603, CVE-2012-3604, CVE-2012-3605,     CVE-2012-3608, CVE-2012-3609, CVE-2012-3610,     CVE-2012-3611, CVE-2012-3615, CVE-2012-3618,     CVE-2012-3620, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3650, CVE-2012-3653, CVE-2012-3655,     CVE-2012-3656, CVE-2012-3661, CVE-2012-3663,     CVE-2012-3664, CVE-2012-3665, CVE-2012-3666,     CVE-2012-3667, CVE-2012-3668, CVE-2012-3669,     CVE-2012-3670, CVE-2012-3674, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3686,     CVE-2012-3689, CVE-2012-3690, CVE-2012-3691,     CVE-2012-3693, CVE-2012-3694, CVE-2012-3695,     CVE-2012-3696, CVE-2012-3697)

The remote host is affected by the vulnerability described in GLSA-201205-01 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium. Please review       the CVE identifiers and release notes referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted web       site using Chromium, possibly resulting in the execution of arbitrary       code with the privileges of the process, or a Denial of Service       condition.
  Workaround :

    There is no known workaround at this time.

Google Chrome Releases reports :

[106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.

[117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.

[121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.

[121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

[117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by wushi of team509 reported through iDefense VCP (V-874rcfpq7z).

The version of Google Chrome installed on the remote host is earlier than 18.0.1025.168 and is, therefore, affected by the following vulnerabilities :

  - Use-after-free errors exist related to floating element     handling and the xml parser. (CVE-2011-3078,     CVE-2012-1521, CVE-2011-3081)

  - A validation error exists related to Inter-Process     Communications (IPC). (CVE-2011-3079)

  - A race condition exists in the method     'CrossCallParamsEx::CreateFromBuffer' in the file     'sandbox/src/crosscall_server.cc' and is related to     sandbox Inter-Process Communication (IPC).
    (CVE-2011-3080)

ID	Name	Product	Family	Severity
74622	openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0613-1)	Nessus	SuSE Local Security Checks	critical
800935	Google Chrome < 18.0.1025.168 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
62707	Ubuntu 12.04 LTS : webkit vulnerabilities (USN-1617-1)	Nessus	Ubuntu Local Security Checks	critical
62242	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus	Mobile Devices	critical
6589	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
6575	iTunes < 10.7 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
62078	Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	critical
62077	Apple iTunes < 10.7 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	critical
800986	Safari < 6.0 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
60127	Mac OS X : Apple Safari < 6.0 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
6522	Safari < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
59625	GLSA-201205-01 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
58963	FreeBSD : chromium -- multiple vulnerabilities (94c0ac4f-9388-11e1-b242-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	critical
58954	Google Chrome < 18.0.1025.168 Multiple Vulnerabilities	Nessus	Windows	high

CVE-2011-3081

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins