Gentoo FoundationMGASA-2014-0107Updated chromium-browser-stable packages address multiple vulnerabilities
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.034 Low
EPSS
Percentile
91.4%
Use-after-free related to web contents (CVE-2013-6653). Bad cast in SVG (CVE-2013-6654). Use-after-free in layout (CVE-2013-6655). Information leaks in XSS auditor (CVE-2013-6656, CVE-2013-6657). Use-after-free in layout (CVE-2013-6658). Issue with certificates validation in TLS handshake (CVE-2013-6659). Information leak in drag and drop (CVE-2013-6660). Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers (CVE-2013-6661).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | chromium-browser-stable | < 33.0.1750.117-1 | chromium-browser-stable-33.0.1750.117-1.mga3 |
| Mageia | 3 | noarch | chromium-browser-stable | < 33.0.1750.117-1 | chromium-browser-stable-33.0.1750.117-1.mga3.tainted |
| Mageia | 4 | noarch | chromium-browser-stable | < 33.0.1750.117-1 | chromium-browser-stable-33.0.1750.117-1.mga4 |
| Mageia | 4 | noarch | chromium-browser-stable | < 33.0.1750.117-1 | chromium-browser-stable-33.0.1750.117-1.mga4.tainted |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.034 Low
EPSS
Percentile
91.4%