FreeBSD : chromium -- multiple vulnerabilities (057130e6-7f61-11e1-8a43-00262d5ed8ee)

high Nessus Plugin ID 58609
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 8.9


The remote FreeBSD host is missing a security-related update.


Google Chrome Releases reports :

[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
Credit to miaubiz.

[117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov.

[117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz.

[117728] High CVE-2011-3069: Use-after-free in line box handling.
Credit to miaubiz.

[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).

[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement.
Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).

[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.

[118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
Credit to Arthur Gerkis.

[119281] Medium CVE-2011-3074: Use-after-free in media handling.
Credit to Slawomir Blazek.

[119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.

[120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to miaubiz.

[120189] Medium CVE-2011-3077: Read-after-free in script bindings.
Credit to Google Chrome Security Team (Inferno).


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 58609

File Name: freebsd_pkg_057130e67f6111e18a4300262d5ed8ee.nasl

Version: 1.8

Type: local

Published: 4/6/2012

Updated: 1/6/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: High

VPR Score: 8.9

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/5/2012

Vulnerability Publication Date: 4/5/2012

Reference Information

CVE: CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077