FreeBSD : chromium -- multiple vulnerabilities (7cf25a0c-d031-11e3-947b-00262d5ed8ee)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Google Chrome Releases reports (belatedly) :

9 security fixes in this release, including :

- [354967] High CVE-2014-1730: Type confusion in V8. Credit to
Anonymous.

- [349903] High CVE-2014-1731: Type confusion in DOM. Credit to John
Butler.

- [359802] High CVE-2014-1736: Integer overflow in V8. Credit to
SkyLined working with HP's Zero Day Initiative.

- [352851] Medium CVE-2014-1732: Use-after-free in Speech Recognition.
Credit to Khalil Zhani.

- [351103] Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. Credit
to Jed Davis.

- [367314] CVE-2014-1734: Various fixes from internal audits, fuzzing
and other initiatives.

- [359130, 359525, 360429] CVE-2014-1735: Multiple vulnerabilities in
V8 fixed in version 3.24.35.33.

See also :

http://googlechromereleases.blogspot.nl/
http://www.nessus.org/u?c7d0ef67

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 73793 ()

Bugtraq ID:

CVE ID: CVE-2014-1730
CVE-2014-1731
CVE-2014-1732
CVE-2014-1733
CVE-2014-1734
CVE-2014-1735
CVE-2014-1736

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now