Debian DSA-2883-1 : chromium-browser - security update

critical Nessus Plugin ID 73164

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser.

- CVE-2013-6654 TheShow3511 discovered an issue in SVG handling.

- CVE-2013-6655 cloudfuzzer discovered a use-after-free issue in dom event handling.

- CVE-2013-6656 NeexEmil discovered an information leak in the XSS auditor.

- CVE-2013-6657 NeexEmil discovered a way to bypass the Same Origin policy in the XSS auditor.

- CVE-2013-6658 cloudfuzzer discovered multiple use-after-free issues surrounding the updateWidgetPositions function.

- CVE-2013-6659 Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to trigger an unexpected certificate chain during TLS renegotiation.

- CVE-2013-6660 bishopjeffreys discovered an information leak in the drag and drop implementation.

- CVE-2013-6661 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.117.

- CVE-2013-6663 Atte Kettunen discovered a use-after-free issue in SVG handling.

- CVE-2013-6664 Khalil Zhani discovered a use-after-free issue in the speech recognition feature.

- CVE-2013-6665 cloudfuzzer discovered a buffer overflow issue in the software renderer.

- CVE-2013-6666 netfuzzer discovered a restriction bypass in the Pepper Flash plugin.

- CVE-2013-6667 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.146.

- CVE-2013-6668 Multiple vulnerabilities were fixed in version 3.24.35.10 of the V8 JavaScript library.

- CVE-2014-1700 Chamal de Silva discovered a use-after-free issue in speech synthesis.

- CVE-2014-1701 aidanhs discovered a cross-site scripting issue in event handling.

- CVE-2014-1702 Colin Payne discovered a use-after-free issue in the web database implementation.

- CVE-2014-1703 VUPEN discovered a use-after-free issue in web sockets that could lead to a sandbox escape.

- CVE-2014-1704 Multiple vulnerabilities were fixed in version 3.23.17.18 of the V8 JavaScript library.

- CVE-2014-1705 A memory corruption issue was discovered in the V8 JavaScript library.

- CVE-2014-1713 A use-after-free issue was discovered in the AttributeSetter function.

- CVE-2014-1715 A directory traversal issue was found and fixed.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (wheezy), these problems have been fixed in version 33.0.1750.152-1~deb7u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2013-6653

https://security-tracker.debian.org/tracker/CVE-2013-6654

https://security-tracker.debian.org/tracker/CVE-2013-6655

https://security-tracker.debian.org/tracker/CVE-2013-6656

https://security-tracker.debian.org/tracker/CVE-2013-6657

https://security-tracker.debian.org/tracker/CVE-2013-6658

https://security-tracker.debian.org/tracker/CVE-2013-6659

https://security-tracker.debian.org/tracker/CVE-2013-6660

https://security-tracker.debian.org/tracker/CVE-2013-6661

https://security-tracker.debian.org/tracker/CVE-2013-6663

https://security-tracker.debian.org/tracker/CVE-2013-6664

https://security-tracker.debian.org/tracker/CVE-2013-6665

https://security-tracker.debian.org/tracker/CVE-2013-6666

https://security-tracker.debian.org/tracker/CVE-2013-6667

https://security-tracker.debian.org/tracker/CVE-2013-6668

https://security-tracker.debian.org/tracker/CVE-2014-1700

https://security-tracker.debian.org/tracker/CVE-2014-1701

https://security-tracker.debian.org/tracker/CVE-2014-1702

https://security-tracker.debian.org/tracker/CVE-2014-1703

https://security-tracker.debian.org/tracker/CVE-2014-1704

https://security-tracker.debian.org/tracker/CVE-2014-1705

https://security-tracker.debian.org/tracker/CVE-2014-1713

https://security-tracker.debian.org/tracker/CVE-2014-1715

https://packages.debian.org/source/wheezy/chromium-browser

https://www.debian.org/security/2014/dsa-2883

Plugin Details

Severity: Critical

ID: 73164

File Name: debian_DSA-2883.nasl

Version: 1.13

Type: local

Agent: unix

Published: 3/25/2014

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent

Risk Information

VPR

Risk Factor: High

Score: 7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-browser, cpe:/o:debian:debian_linux:7.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 3/23/2014

Vulnerability Publication Date: 2/23/2014

Reference Information

CVE: CVE-2013-6653, CVE-2013-6654, CVE-2013-6655, CVE-2013-6656, CVE-2013-6657, CVE-2013-6658, CVE-2013-6659, CVE-2013-6660, CVE-2013-6661, CVE-2013-6663, CVE-2013-6664, CVE-2013-6665, CVE-2013-6666, CVE-2013-6667, CVE-2013-6668, CVE-2014-1700, CVE-2014-1701, CVE-2014-1702, CVE-2014-1703, CVE-2014-1704, CVE-2014-1705, CVE-2014-1713, CVE-2014-1715

BID: 65699, 65930, 66120, 66239, 66243, 66249

DSA: 2883