FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Google Chrome Releases reports :

[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching.
Credit to David Holloway of the Chromium development community.
[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to
Google Chrome Security Team (Inferno). [98809] Medium CVE-2011-3906:
Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
[99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit
to Mitja Kolsek of ACROS Security. [100863] Low CVE-2011-3908:
Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS
property array. Credit to Google Chrome Security Team (scarybeasts)
and Chu. [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV
video frame handling. Credit to Google Chrome Security Team (Cris
Neckar). [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF.
Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki
of the Google Security Team. [102359] High CVE-2011-3912:
Use-after-free in SVG filters. Credit to Arthur Gerkis. [103921] High
CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur
Gerkis. [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n
handling. Credit to Slawomir Blazek. [104529] High CVE-2011-3915:
Buffer overflow in PDF font handling. Credit to Atte Kettunen of
OUSPG. [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross
references. Credit to Atte Kettunen of OUSPG. [105162] Medium
CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google
Chrome Security Team (Marty Barbella). [107258] High CVE-2011-3904:
Use-after-free in bidi handling. Credit to Google Chrome Security Team
(Inferno) and miaubiz.

See also :

http://www.nessus.org/u?29fa020e
http://www.nessus.org/u?51c2b178

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now