Vulnerabilities > CVE-2011-3019 - Out-Of-Bounds Write vulnerability in Google Chrome
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Windows NASL id GOOGLE_CHROME_17_0_963_56.NASL description The version of Google Chrome installed on the remote host is earlier than 17.0.963.56 and is, therefore, affected by the following vulnerabilities: - Integer overflow errors exist related to PDF codecs and libpng. (CVE-2011-3015, CVE-2011-3026) - A read-after-free error exists related to last seen 2020-06-01 modified 2020-06-02 plugin id 57974 published 2012-02-16 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57974 title Google Chrome < 17.0.963.56 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(57974); script_version("1.9"); script_cvs_date("Date: 2018/11/15 20:50:26"); script_cve_id( "CVE-2011-3015", "CVE-2011-3016", "CVE-2011-3017", "CVE-2011-3018", "CVE-2011-3019", "CVE-2011-3020", "CVE-2011-3021", "CVE-2011-3022", "CVE-2011-3023", "CVE-2011-3024", "CVE-2011-3025", "CVE-2011-3026", "CVE-2011-3027" ); script_bugtraq_id(52031, 52049); script_name(english:"Google Chrome < 17.0.963.56 Multiple Vulnerabilities"); script_summary(english:"Checks version number of Google Chrome"); script_set_attribute(attribute:"synopsis", value: "The remote host contains a web browser that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Google Chrome installed on the remote host is earlier than 17.0.963.56 and is, therefore, affected by the following vulnerabilities: - Integer overflow errors exist related to PDF codecs and libpng. (CVE-2011-3015, CVE-2011-3026) - A read-after-free error exists related to 'counter nodes'. (CVE-2011-3016) - Use-after-free errors exist related to database handling, subframe loading, and drag-and-drop functionality. (CVE-2011-3017, CVE-2011-3021, CVE-2011-3023) - Heap-overflow errors exist related to path rendering and 'MKV' handling. (CVE-2011-3018, CVE-2011-3019) - Unspecified errors exist related to the native client validator and HTTP use with translation scripts. (CVE-2011-3020, CVE-2011-3022) - Empty x509 certificates can cause browser crashes. (CVE-2011-3024) - An out-of-bounds read error exists related to h.264 parsing. (CVE-2011-3025) - A bad variable cast exists related to column handling. (CVE-2011-3027)"); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?32f2be13"); script_set_attribute(attribute:"solution", value:"Upgrade to Google Chrome 17.0.963.56 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/02/15"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/16"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_dependencies("google_chrome_installed.nasl"); script_require_keys("SMB/Google_Chrome/Installed"); exit(0); } include("google_chrome_version.inc"); get_kb_item_or_exit("SMB/Google_Chrome/Installed"); installs = get_kb_list("SMB/Google_Chrome/*"); google_chrome_check_version(installs:installs, fix:'17.0.963.56', severity:SECURITY_HOLE);NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201202-01.NASL description The remote host is affected by the vulnerability described in GLSA-201202-01 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient last seen 2020-06-01 modified 2020-06-02 plugin id 58025 published 2012-02-20 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58025 title GLSA-201202-01 : Chromium: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201202-01. # # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(58025); script_version("1.13"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2011-3016", "CVE-2011-3017", "CVE-2011-3018", "CVE-2011-3019", "CVE-2011-3020", "CVE-2011-3021", "CVE-2011-3022", "CVE-2011-3023", "CVE-2011-3024", "CVE-2011-3025", "CVE-2011-3027", "CVE-2011-3953", "CVE-2011-3954", "CVE-2011-3955", "CVE-2011-3956", "CVE-2011-3957", "CVE-2011-3958", "CVE-2011-3959", "CVE-2011-3960", "CVE-2011-3961", "CVE-2011-3962", "CVE-2011-3963", "CVE-2011-3964", "CVE-2011-3965", "CVE-2011-3966", "CVE-2011-3967", "CVE-2011-3968", "CVE-2011-3969", "CVE-2011-3970", "CVE-2011-3971", "CVE-2011-3972"); script_bugtraq_id(51911, 52031); script_xref(name:"GLSA", value:"201202-01"); script_name(english:"GLSA-201202-01 : Chromium: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201202-01 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround : There is no known workaround at this time." ); # https://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?529c26ac" ); # https://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a14ea6c1" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201202-01" ); script_set_attribute( attribute:"solution", value: "All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/chromium-17.0.963.56'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:chromium"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"www-client/chromium", unaffected:make_list("ge 17.0.963.56"), vulnerable:make_list("lt 17.0.963.56"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Chromium"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_2F5FF968582911E1828800262D5ED8EE.NASL description Google Chrome Releases reports : [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts). [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz. [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG. [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team. [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community. [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis. [112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes). [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt. [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot. [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Slawomir Blazek. [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Juri Aedla. [112847] Medium CVE-2011-3027: Bad cast in column handling. Credit to miaubiz. last seen 2020-06-01 modified 2020-06-02 plugin id 57968 published 2012-02-16 reporter This script is Copyright (C) 2012-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57968 title FreeBSD : chromium -- multiple vulnerabilities (2f5ff968-5829-11e1-8288-00262d5ed8ee) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2013 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(57968); script_version("$Revision: 1.4 $"); script_cvs_date("$Date: 2013/06/21 23:48:18 $"); script_cve_id("CVE-2011-3015", "CVE-2011-3016", "CVE-2011-3017", "CVE-2011-3018", "CVE-2011-3019", "CVE-2011-3020", "CVE-2011-3021", "CVE-2011-3022", "CVE-2011-3023", "CVE-2011-3024", "CVE-2011-3025", "CVE-2011-3026", "CVE-2011-3027"); script_name(english:"FreeBSD : chromium -- multiple vulnerabilities (2f5ff968-5829-11e1-8288-00262d5ed8ee)"); script_summary(english:"Checks for updated package in pkg_info output"); script_set_attribute( attribute:"synopsis", value:"The remote FreeBSD host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Google Chrome Releases reports : [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts). [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz. [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG. [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team. [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community. [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis. [112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes). [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt. [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot. [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Slawomir Blazek. [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Juri Aedla. [112847] Medium CVE-2011-3027: Bad cast in column handling. Credit to miaubiz." ); # http://googlechromereleases.blogspot.com/search/label/Stable%20updates script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?29fa020e" ); # http://www.freebsd.org/ports/portaudit/2f5ff968-5829-11e1-8288-00262d5ed8ee.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?758fd594" ); script_set_attribute(attribute:"solution", value:"Update the affected package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:chromium"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/02/15"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2013 Tenable Network Security, Inc."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"chromium<17.0.963.56")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-142.NASL description Chromium version 19.0.1046 and v8 version 3.9.7.0 fix several security issues. last seen 2020-06-05 modified 2014-06-13 plugin id 74563 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74563 title openSUSE Security Update : chromium / v8 (openSUSE-2012-142) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2012-142. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74563); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2011-3015", "CVE-2011-3016", "CVE-2011-3017", "CVE-2011-3018", "CVE-2011-3019", "CVE-2011-3020", "CVE-2011-3021", "CVE-2011-3022", "CVE-2011-3023", "CVE-2011-3024", "CVE-2011-3025", "CVE-2011-3026", "CVE-2011-3027", "CVE-2011-3953", "CVE-2011-3954", "CVE-2011-3955", "CVE-2011-3956", "CVE-2011-3957", "CVE-2011-3958", "CVE-2011-3959", "CVE-2011-3960", "CVE-2011-3961", "CVE-2011-3962", "CVE-2011-3963", "CVE-2011-3964", "CVE-2011-3965", "CVE-2011-3966", "CVE-2011-3967", "CVE-2011-3968", "CVE-2011-3969", "CVE-2011-3970", "CVE-2011-3971", "CVE-2011-3972"); script_name(english:"openSUSE Security Update : chromium / v8 (openSUSE-2012-142)"); script_summary(english:"Check for the openSUSE-2012-142 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Chromium version 19.0.1046 and v8 version 3.9.7.0 fix several security issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=747327" ); script_set_attribute( attribute:"solution", value:"Update the affected chromium / v8 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-desktop-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-desktop-kde"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-suid-helper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libv8-3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libv8-3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:v8-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:v8-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:v8-private-headers-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"chromium-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-debuginfo-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-debugsource-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-desktop-gnome-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-desktop-kde-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-suid-helper-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"chromium-suid-helper-debuginfo-19.0.1046.0-1.9.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libv8-3-3.9.7.0-1.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libv8-3-debuginfo-3.9.7.0-1.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"v8-debugsource-3.9.7.0-1.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"v8-devel-3.9.7.0-1.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"v8-private-headers-devel-3.9.7.0-1.13.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium / chromium-debuginfo / chromium-debugsource / etc"); }
Oval
| accepted | 2014-04-07T04:01:53.780-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| description | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:14998 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| submitted | 2012-02-22T08:19:37.000-05:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| title | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| version | 50 |