FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)

High Nessus Plugin ID 57292

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching.
Credit to David Holloway of the Chromium development community.
[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno). [98809] Medium CVE-2011-3906:
Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
[99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security. [100863] Low CVE-2011-3908:
Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu. [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar). [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF.
Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team. [102359] High CVE-2011-3912:
Use-after-free in SVG filters. Credit to Arthur Gerkis. [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis. [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Slawomir Blazek. [104529] High CVE-2011-3915:
Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG. [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG. [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella). [107258] High CVE-2011-3904:
Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?29fa020e

http://www.nessus.org/u?51c2b178

Plugin Details

Severity: High

ID: 57292

File Name: freebsd_pkg_68ac626625c311e1b63a00262d5ed8ee.nasl

Version: 1.7

Type: local

Published: 2011/12/14

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2011/12/13

Vulnerability Publication Date: 2011/12/13

Reference Information

CVE: CVE-2011-3903, CVE-2011-3904, CVE-2011-3905, CVE-2011-3906, CVE-2011-3907, CVE-2011-3908, CVE-2011-3909, CVE-2011-3910, CVE-2011-3911, CVE-2011-3912, CVE-2011-3913, CVE-2011-3914, CVE-2011-3915, CVE-2011-3916, CVE-2011-3917