Debian DSA-2189-1 : chromium-browser - several vulnerabilities

high Nessus Plugin ID 52621
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2011-1108 Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

- CVE-2011-1109 Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a 'stale pointer'.

- CVE-2011-1113 Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

- CVE-2011-1114 Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a 'stale node'.

- CVE-2011-1115 Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a 'stale pointer'.

- CVE-2011-1121 Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.

- CVE-2011-1122 The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.

- In addition, this upload fixes the following issues (they don't have a CVE id yet) :

- Out-of-bounds read in text searching. [69640]
- Memory corruption in SVG fonts. [72134]

- Memory corruption with counter nodes. [69628]

- Stale node in box layout. [70027]

- Cross-origin error message leak with workers. [70336]

- Stale pointer in table painting. [72028]

- Stale pointer with SVG cursors. [73746]

Solution

Upgrade the chromium-browser packages.

For the stable distribution (squeeze), these problems have been fixed in version 6.0.472.63~r59945-5+squeeze3.

See Also

https://security-tracker.debian.org/tracker/CVE-2011-1108

https://security-tracker.debian.org/tracker/CVE-2011-1109

https://security-tracker.debian.org/tracker/CVE-2011-1113

https://security-tracker.debian.org/tracker/CVE-2011-1114

https://security-tracker.debian.org/tracker/CVE-2011-1115

https://security-tracker.debian.org/tracker/CVE-2011-1121

https://security-tracker.debian.org/tracker/CVE-2011-1122

https://packages.debian.org/source/squeeze/chromium-browser

https://www.debian.org/security/2011/dsa-2189

Plugin Details

Severity: High

ID: 52621

File Name: debian_DSA-2189.nasl

Version: 1.12

Type: local

Agent: unix

Published: 3/11/2011

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 3/10/2011

Reference Information

CVE: CVE-2011-1108, CVE-2011-1109, CVE-2011-1113, CVE-2011-1114, CVE-2011-1115, CVE-2011-1121, CVE-2011-1122

BID: 46614

DSA: 2189