http://code.google.com/p/chromium/issues/detail?id=90217

http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

chrome-whitespace-security-bypass(70954)

oval:org.mitre.oval:def:13042

The remote host is affected by the vulnerability described in GLSA-201111-01 (Chromium, V8: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and V8. Please       review the CVE identifiers and release notes referenced below for       details.
  Impact :

    A local attacker could gain root privileges (CVE-2011-1444, fixed in       chromium-11.0.696.57).
    A context-dependent attacker could entice a user to open a specially       crafted website or JavaScript program using Chromium or V8, possibly       resulting in the execution of arbitrary code with the privileges of the       process, or a Denial of Service condition. The attacker also could obtain       cookies and other sensitive information, conduct man-in-the-middle       attacks, perform address bar spoofing, bypass the same origin policy,       perform Cross-Site Scripting attacks, or bypass pop-up blocks.
  Workaround :

    There is no known workaround at this time.

Versions of Google Chrome earlier than 15.0.874.102 are affected by multiple vulnerabilities : 

  - Several URL bar spoofing errors exist related to history handling and drag-and-drop of URLs. (CVE-2011-28245, CVE-2011-3875)

  - Whitespace is stripped from the end of download filenames. (CVE-2011-3876)

  - A cross-site scripting issue exists related to the appcache internals page. (CVE-2011-3877)

  - A race condition exists related to working process initialization. (CVE-2011-3878)

  - An error exists related to redirection to chrome scheme URIs. (CVE-2011-3879)

  - Unspecified special characters may be used as delimiters in HTTP headers. (CVE-2011-3880)

  - Several cross-origin policy violation issues exist. (CVE-2011-3881)

  - Several use-after-free errors exist related to media buffer handling, counter handling, stale styles, plugins and editing, and video source handling. (CVE-2011-3882, CVE-2011-3883, CVE-2011-3885, CVE-2011-3888, CVE-2011-3890)

  - Timing issues exist related to DOM traversal. (CVE-2011-3884)

  - An out-of-bounds write error exists in the V8 JavaScript engine. (CVE-2011-3886)

  - Cookie theft is possible via JavaScript URIs. (CVE-2011-3887)

  - A heap overflow issue exists related to Web Audio. (CVE-2011-3889)

  - Functions internal to the V8 JavaScript engine are exposed. (CVE-2011-3891)

The version of Google Chrome installed on the remote host is earlier than 15.0.874.102.  It therefore is potentially affected by the following vulnerabilities :

  - Several URL bar spoofing errors exist related to     history handling and drag-and-drop of URLs.
    (CVE-2011-2845, CVE-2011-3875)

  - Whitespace is stripped from the end of download     filenames. (CVE-2011-3876)

  - A cross-site scripting issue exists related to the     'appcache' internals page. (CVE-2011-3877)

  - A race condition exists related to working process     initialization. (CVE-2011-3878)

  - An error exists related to redirection to 'chrome     scheme' URIs. (CVE-2011-3879)

  - Unspecified special characters may be used as     delimiters in HTTP headers. (CVE-2011-3880)

  - Several cross-origin policy violation issues exist.
    (CVE-2011-3881)

  - Several use-after-free errors exist related to media     buffer handling, counter handling, stale styles,     plugins and editing, and video source handling.
    (CVE-2011-3882, CVE-2011-3883, CVE-2011-3885,     CVE-2011-3888, CVE-2011-3890)

  - Timing issues exist related to DOM traversal.
    (CVE-2011-3884)

  - An out-of-bounds write error exists in the V8     JavaScript engine. (CVE-2011-3886)

  - Cookie theft is possible via JavaScript URIs.
    (CVE-2011-3887)

  - A heap overflow issue exists related to Web Audio.
    (CVE-2011-3889)

  - Functions internal to the V8 JavaScript engine are     exposed. (CVE-2011-3891)

ID	Name	Product	Family	Severity
56686	GLSA-201111-01 : Chromium, V8: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
800887	Google Chrome < 15.0.874.102 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
6050	Google Chrome < 15.0.874.102 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
56650	Google Chrome < 15.0.874.102 Multiple Vulnerabilities	Nessus	Windows	high
51069	FreeBSD : chromium -- multiple vulnerabilities (6887828f-0229-11e0-b84d-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	critical

CVE-2011-3876

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins

high

high

high

high

critical