Debian DSA-2166-1 : chromium-browser - several vulnerabilities

critical Nessus Plugin ID 52029

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2011-0777 Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.

- CVE-2011-0778 Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

- CVE-2011-0783 Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a 'bad volume setting'.

- CVE-2011-0983 Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a 'stale pointer'.

- CVE-2011-0981 Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a'stale pointer'.

- CVE-2011-0984 Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

- CVE-2011-0985 Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (squeeze), these problems have been fixed in version 6.0.472.63~r59945-5+squeeze2.

See Also

https://security-tracker.debian.org/tracker/CVE-2011-0777

https://security-tracker.debian.org/tracker/CVE-2011-0778

https://security-tracker.debian.org/tracker/CVE-2011-0783

https://security-tracker.debian.org/tracker/CVE-2011-0983

https://security-tracker.debian.org/tracker/CVE-2011-0981

https://security-tracker.debian.org/tracker/CVE-2011-0984

https://security-tracker.debian.org/tracker/CVE-2011-0985

https://packages.debian.org/source/squeeze/chromium-browser

https://www.debian.org/security/2011/dsa-2166

Plugin Details

Severity: Critical

ID: 52029

File Name: debian_DSA-2166.nasl

Version: 1.13

Type: local

Agent: unix

Published: 2/20/2011

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 2/16/2011

Reference Information

CVE: CVE-2011-0777, CVE-2011-0778, CVE-2011-0783, CVE-2011-0981, CVE-2011-0983, CVE-2011-0984, CVE-2011-0985

BID: 46144, 46262

DSA: 2166