Lucene search

K
nessusTenable800954.PRM
HistoryMar 21, 2012 - 12:00 a.m.

Google Chrome < 17.0.963.83 Multiple Vulnerabilities

2012-03-2100:00:00
Tenable
www.tenable.com
16

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.142

Percentile

95.7%

Versions of Google Chrome earlier than 17.0.963.83 are potentially affected by the following vulnerabilities :

  • An unspecified integer issue exists in libpng. (CVE-2011-3045)

  • Use-after-free errors exist related to ‘first-letter’ handling, CSS cross-fade handling and block splitting. (CVE-2011-3050, CVE_2011-3051, CVE-2011-3053)

  • A memory corruption error exists related to WebGL canvas handling. (CVE-2011-3052)

  • An error exists related to webui privilege isolation. (CVE-2011-3054)

  • Installation of unpacked extensions does not use the application’s native user interface for prompts. (CVE-2011-3055)

  • A cross-origin violation is possible with ‘magic iframe’. (CVE-2011-3056)

  • The v8 JavaScript engine can allow invalid reads to take place. (CVE-2011-3057)

Binary data 800954.prm

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.142

Percentile

95.7%