FreeBSD : chromium -- multiple vulnerabilities (1449af37-9eba-11e1-b9c1-00262d5ed8ee)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Google Chrome Releases reports :

[112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to
Aki Helin of OUSPG.

[113496] Low CVE-2011-3084: Load links from internal pages in their
own process. Credit to Brett Wilson of the Chromium development
community.

[118374] Medium CVE-2011-3085: UI corruption with long autofilled
values. Credit to 'psaldorn'.

[118642] High CVE-2011-3086: Use-after-free with style element. Credit
to Arthur Gerkis.

[118664] Low CVE-2011-3087: Incorrect window navigation. Credit to
Charlie Reis of the Chromium development community.

[120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing.
Credit to Aki Helin of OUSPG.

[120711] High CVE-2011-3089: Use-after-free in table handling. Credit
to miaubiz.

[121223] Medium CVE-2011-3090: Race condition with workers. Credit to
Arthur Gerkis.

[121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to
Google Chrome Security Team (Inferno).

[122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to
Christian Holler.

[122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling.
Credit to miaubiz.

[122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling.
Credit to miaubiz.

[123481] High CVE-2011-3095: Out-of-bounds write in OGG container.
Credit to Hannu Heikkinen.

[Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox
handling. Credit to Arthur Gerkis.

[123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled
functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy
Stepanov of Google.

[124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font
encoding name. Credit to Mateusz Jurczyk of Google Security Team and
Gynvael Coldwind of Google Security Team.

[124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths.
Credit to Google Chrome Security Team (Inferno).

See also :

http://www.nessus.org/u?29fa020e
http://www.nessus.org/u?52ef9bf4

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now