openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0656-1)

Critical Nessus Plugin ID 74634


The remote openSUSE host is missing a security update.


Chromium update to 21.0.1145

- Fixed several issues around audio not playing with videos

- Crash Fixes

- Improvements to trackpad on Cr-48

- Security Fixes (bnc#762481)

- CVE-2011-3083: Browser crash with video + FTP

- CVE-2011-3084: Load links from internal pages in their own process.

- CVE-2011-3085: UI corruption with long autofilled values

- CVE-2011-3086: Use-after-free with style element.

- CVE-2011-3087: Incorrect window navigation

- CVE-2011-3088: Out-of-bounds read in hairline drawing

- CVE-2011-3089: Use-after-free in table handling.

- CVE-2011-3090: Race condition with workers.

- CVE-2011-3091: Use-after-free with indexed DB

- CVE-2011-3092: Invalid write in v8 regex

- CVE-2011-3093: Out-of-bounds read in glyph handling

- CVE-2011-3094: Out-of-bounds read in Tibetan handling

- CVE-2011-3095: Out-of-bounds write in OGG container.

- CVE-2011-3096: Use-after-free in GTK omnibox handling.

- CVE-2011-3098: Bad search path for Windows Media Player plug-in

- CVE-2011-3100: Out-of-bounds read drawing dash paths.

- CVE-2011-3101: Work around Linux Nvidia driver bug

- CVE-2011-3102: Off-by-one out-of-bounds write in libxml.


Update the affected chromium / v8 packages.

See Also

Plugin Details

Severity: Critical

ID: 74634

File Name: openSUSE-2012-295.nasl

Version: $Revision: 1.3 $

Type: local

Agent: unix

Published: 2014/06/13

Modified: 2016/05/20

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:ND

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:chromium, p-cpe:/a:novell:opensuse:chromium-debuginfo, p-cpe:/a:novell:opensuse:chromium-debugsource, p-cpe:/a:novell:opensuse:chromium-desktop-gnome, p-cpe:/a:novell:opensuse:chromium-desktop-kde, p-cpe:/a:novell:opensuse:chromium-suid-helper, p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo, p-cpe:/a:novell:opensuse:libv8-3, p-cpe:/a:novell:opensuse:libv8-3-debuginfo, p-cpe:/a:novell:opensuse:v8-debugsource, p-cpe:/a:novell:opensuse:v8-devel, p-cpe:/a:novell:opensuse:v8-private-headers-devel, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/05/24

Reference Information

CVE: CVE-2011-3083, CVE-2011-3084, CVE-2011-3085, CVE-2011-3086, CVE-2011-3087, CVE-2011-3088, CVE-2011-3089, CVE-2011-3090, CVE-2011-3091, CVE-2011-3092, CVE-2011-3093, CVE-2011-3094, CVE-2011-3095, CVE-2011-3096, CVE-2011-3098, CVE-2011-3100, CVE-2011-3101, CVE-2011-3102

OSVDB: 81945, 81946, 81947, 81948, 81949, 81950, 81951, 81952, 81953, 81954, 81955, 81956, 81957, 81958, 81960, 81962, 81963, 81964