FreeBSD : chromium -- multiple vulnerabilities (4865d189-cd62-11e2-ae11-00262d5ed8ee)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Google Chrome Releases reports :

[242322] Medium CVE-2013-2855: Memory corruption in dev tools API.
Credit to 'daniel.zulla'.

[242224] High CVE-2013-2856: Use-after-free in input handling. Credit
to miaubiz.

[240124] High CVE-2013-2857: Use-after-free in image handling. Credit
to miaubiz.

[239897] High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to
'cdel921'.

[237022] High CVE-2013-2859: Cross-origin namespace pollution. to
'bobbyholley'.

[225546] High CVE-2013-2860: Use-after-free with workers accessing
database APIs. Credit to Collin Payne.

[209604] High CVE-2013-2861: Use-after-free with SVG. Credit to
miaubiz.

[161077] High CVE-2013-2862: Memory corruption in Skia GPU handling.
Credit to Atte Kettunen of OUSPG.

[232633] Critical CVE-2013-2863: Memory corruption in SSL socket
handling. Credit to Sebastian Marchand of the Chromium development
community.

[239134] High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz
Jurczyk, with contributions by Gynvael Coldwind, both from Google
Security Team.

[246389] High CVE-2013-2865: Various fixes from internal audits,
fuzzing and other initiatives.

See also :

http://googlechromereleases.blogspot.nl/
http://www.nessus.org/u?5bc8e5b4

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now