FreeBSD : chromium -- multiple vulnerabilities (99aef698-66ed-11e1-8288-00262d5ed8ee)

High Nessus Plugin ID 58210

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

[105867] High CVE-2011-3031: Use-after-free in v8 element wrapper.
Credit to Chamal de Silva.

[108037] High CVE-2011-3032: Use-after-free in SVG value handling.
Credit to Arthur Gerkis.

[108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.

[111748] High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.

[112212] High CVE-2011-3035: Use-after-free in SVG use handling.
Credit to Arthur Gerkis.

[113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.

[113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.

[113497] High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.

[113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.

[114054] High CVE-2011-3040: Out-of-bounds read in text handling.
Credit to miaubiz.

[114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.

[114219] High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.

[115681] High CVE-2011-3043: Use-after-free in flexbox with floats.
Credit to miaubiz.

[116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?29fa020e

http://www.nessus.org/u?5585386e

Plugin Details

Severity: High

ID: 58210

File Name: freebsd_pkg_99aef69866ed11e1828800262d5ed8ee.nasl

Version: 1.4

Type: local

Published: 2012/03/06

Updated: 2020/09/23

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2012/03/05

Vulnerability Publication Date: 2012/03/04

Reference Information

CVE: CVE-2011-3031, CVE-2011-3032, CVE-2011-3033, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044