Vulnerabilities > CVE-2011-3087 - Multiple Security vulnerability in Google Chrome 19.0.1084.45
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201205-03.NASL description The remote host is affected by the vulnerability described in GLSA-201205-03 (Chromium, V8: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 59627 published 2012-06-21 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59627 title GLSA-201205-03 : Chromium, V8: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201205-03. # # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(59627); script_version("1.10"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2011-3083", "CVE-2011-3084", "CVE-2011-3085", "CVE-2011-3086", "CVE-2011-3087", "CVE-2011-3088", "CVE-2011-3089", "CVE-2011-3090", "CVE-2011-3091", "CVE-2011-3092", "CVE-2011-3093", "CVE-2011-3094", "CVE-2011-3095", "CVE-2011-3096", "CVE-2011-3100", "CVE-2011-3101"); script_bugtraq_id(53540); script_xref(name:"GLSA", value:"201205-03"); script_name(english:"GLSA-201205-03 : Chromium, V8: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201205-03 (Chromium, V8: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround : There is no known workaround at this time." ); # https://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9d67fc0e" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201205-03" ); script_set_attribute( attribute:"solution", value: "All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/chromium-19.0.1084.46' All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.9.24.21'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:chromium"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:v8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/05/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"www-client/chromium", unaffected:make_list("ge 19.0.1084.46"), vulnerable:make_list("lt 19.0.1084.46"))) flag++; if (qpkg_check(package:"dev-lang/v8", unaffected:make_list("ge 3.9.24.21"), vulnerable:make_list("lt 3.9.24.21"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Chromium / V8"); }
NASL family Windows NASL id GOOGLE_CHROME_19_0_1084_46.NASL description The version of Google Chrome installed on the remote host is earlier than 19.0.1084.46 and is, therefore, affected by the following vulnerabilities : - Video content with FTP can cause crashes. (CVE-2011-3083) - Internal links are not loaded in their own process. (CVE-2011-3084) - Lengthy auto-filled values can corrupt the user interface. (CVE-2011-3085) - Use-after free errors exist related to style elements, table handling, indexed DBs, GTK last seen 2020-06-01 modified 2020-06-02 plugin id 59117 published 2012-05-16 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59117 title Google Chrome < 19.0.1084.46 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(59117); script_version("1.13"); script_cvs_date("Date: 2019/12/04"); script_cve_id( "CVE-2011-3083", "CVE-2011-3084", "CVE-2011-3085", "CVE-2011-3086", "CVE-2011-3087", "CVE-2011-3088", "CVE-2011-3089", "CVE-2011-3090", "CVE-2011-3091", "CVE-2011-3092", "CVE-2011-3093", "CVE-2011-3094", "CVE-2011-3095", "CVE-2011-3097", "CVE-2011-3098", "CVE-2011-3099", "CVE-2011-3100", "CVE-2011-3102" ); script_bugtraq_id(53540, 53808); script_name(english:"Google Chrome < 19.0.1084.46 Multiple Vulnerabilities"); script_summary(english:"Checks version number of Google Chrome"); script_set_attribute(attribute:"synopsis", value: "The remote host contains a web browser that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Google Chrome installed on the remote host is earlier than 19.0.1084.46 and is, therefore, affected by the following vulnerabilities : - Video content with FTP can cause crashes. (CVE-2011-3083) - Internal links are not loaded in their own process. (CVE-2011-3084) - Lengthy auto-filled values can corrupt the user interface. (CVE-2011-3085) - Use-after free errors exist related to style elements, table handling, indexed DBs, GTK 'omnibox' handling, and corrupt font encoding names related to PDF handling. (CVE-2011-3086, CVE-2011-3089, CVE-2011-3091, CVE-2011-3096, CVE-2011-3099) - An error exists related to windows navigation. (CVE-2011-3087) - Out-of-bounds read errors exist related to hairline drawing, glyph handling, Tibetan, OGG containers, PDF sampled functions and drawing dash paths. (CVE-2011-3088, CVE-2011-3093, CVE-2011-3094, CVE-2011-3095, CVE-2011-3097, CVE-2011-3100) - A race condition related to workers exists. (CVE-2011-3090) - An invalid write exists in the v8 regex processing. (CVE-2011-3092) - An error exists related to Windows Media Player plugin and the search path. (CVE-2011-3098) - An off-by-one out-of-bounds write error exists in libxml. (CVE-2011-3102)"); # http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?57869300"); # http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=119867:129376&mode=html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ac840e6e"); script_set_attribute(attribute:"solution", value: "Upgrade to Google Chrome 19.0.1084.46 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-3099"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/05/15"); script_set_attribute(attribute:"patch_publication_date", value:"2012/05/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/16"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("google_chrome_installed.nasl"); script_require_keys("SMB/Google_Chrome/Installed"); exit(0); } include("google_chrome_version.inc"); get_kb_item_or_exit("SMB/Google_Chrome/Installed"); installs = get_kb_list("SMB/Google_Chrome/*"); google_chrome_check_version(installs:installs, fix:'19.0.1084.46', severity:SECURITY_HOLE);
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_1449AF379EBA11E1B9C100262D5ED8EE.NASL description Google Chrome Releases reports : [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG. [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community. [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to last seen 2020-06-01 modified 2020-06-02 plugin id 59103 published 2012-05-16 reporter This script is Copyright (C) 2012-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59103 title FreeBSD : chromium -- multiple vulnerabilities (1449af37-9eba-11e1-b9c1-00262d5ed8ee) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-295.NASL description Chromium update to 21.0.1145 - Fixed several issues around audio not playing with videos - Crash Fixes - Improvements to trackpad on Cr-48 - Security Fixes (bnc#762481) - CVE-2011-3083: Browser crash with video + FTP - CVE-2011-3084: Load links from internal pages in their own process. - CVE-2011-3085: UI corruption with long autofilled values - CVE-2011-3086: Use-after-free with style element. - CVE-2011-3087: Incorrect window navigation - CVE-2011-3088: Out-of-bounds read in hairline drawing - CVE-2011-3089: Use-after-free in table handling. - CVE-2011-3090: Race condition with workers. - CVE-2011-3091: Use-after-free with indexed DB - CVE-2011-3092: Invalid write in v8 regex - CVE-2011-3093: Out-of-bounds read in glyph handling - CVE-2011-3094: Out-of-bounds read in Tibetan handling - CVE-2011-3095: Out-of-bounds write in OGG container. - CVE-2011-3096: Use-after-free in GTK omnibox handling. - CVE-2011-3098: Bad search path for Windows Media Player plug-in - CVE-2011-3100: Out-of-bounds read drawing dash paths. - CVE-2011-3101: Work around Linux Nvidia driver bug - CVE-2011-3102: Off-by-one out-of-bounds write in libxml. last seen 2020-06-05 modified 2014-06-13 plugin id 74634 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74634 title openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0656-1)
Oval
accepted | 2013-08-12T04:07:43.138-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
definition_extensions |
| ||||||||||||
description | Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. | ||||||||||||
family | windows | ||||||||||||
id | oval:org.mitre.oval:def:15567 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2012-05-16T08:35:52.000-04:00 | ||||||||||||
title | Google Chrome before 19.0.1084.46 does not properly perform window navigation | ||||||||||||
version | 44 |
References
- http://code.google.com/p/chromium/issues/detail?id=118664
- http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html
- http://security.gentoo.org/glsa/glsa-201205-03.xml
- http://www.securityfocus.com/bid/53540
- http://www.securitytracker.com/id?1027067
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75592
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15567