openSUSE Security Update : chromium (openSUSE-SU-2014:1626-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

chromium was updated to version 39.0.2171.65 to fix 13 security

These security issues were fixed :

- Use-after-free in pepper plugins (CVE-2014-7906).

- Buffer overflow in OpenJPEG before r2911 in PDFium, as
used in Google Chromebefore 39.0.2171.65, al...

- Uninitialized memory read in Skia (CVE-2014-7909).

- Unspecified security issues (CVE-2014-7910).

- Integer overflow in media (CVE-2014-7908).

- Integer overflow in the opj_t2_read_packet_data function

- Use-after-free in blink (CVE-2014-7907).

- Address bar spoofing (CVE-2014-7899).

- Buffer overflow in Skia (CVE-2014-7904).

- Use-after-free vulnerability in the CPDF_Parser

- Use-after-free vulnerability in PDFium allows DoS

- Flaw allowing navigation to intents that do not have the
BROWSABLE category (CVE-2014-7905).

- Double-free in Flash (CVE-2014-0574).

See also :

Solution :

Update the affected chromium packages.

Risk factor :

Critical / CVSS Base Score : 10.0

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now