Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 E-Soft Inc.OPENVAS:136141256231069036
HistoryMar 09, 2011 - 12:00 a.m.

Gentoo Security Advisory GLSA 201012-01 (chromium)

2011-03-0900:00:00
Copyright (C) 2011 E-Soft Inc.
plugins.openvas.org
10

8.7 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON

The remote host is missing updates announced in
advisory GLSA 201012-01.

# SPDX-FileCopyrightText: 2011 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.69036");
  script_cve_id("CVE-2010-4574", "CVE-2010-4575", "CVE-2010-4576", "CVE-2010-4577", "CVE-2010-4578");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_version("2024-02-02T05:06:11+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:11 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2024-02-02 02:39:54 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"creation_date", value:"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)");
  script_name("Gentoo Security Advisory GLSA 201012-01 (chromium)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 E-Soft Inc.");
  script_family("Gentoo Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
  script_tag(name:"insight", value:"Multiple vulnerabilities have been reported in Chromium, some of which may
    allow user-assisted execution of arbitrary code.");
  script_tag(name:"solution", value:"All Chromium users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-client/chromium-8.0.552.224'");

  script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201012-01");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=325451");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=326717");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=330003");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=333559");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=335750");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=338204");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=341797");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=344201");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=347625");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=348651");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/06/stable-channel-update_24.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html");
  script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 201012-01.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");

res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"www-client/chromium", unaffected: make_list("ge 8.0.552.224"), vulnerable: make_list("lt 8.0.552.224"))) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

References

Related

openvas 21
nessus 13
debiancve 5
ubuntucve 5
veracode 1
prion 5
cvelist 5
cve 5
debian 1
exploitpack 1
securityvulns 1
packetstorm 1
seebug 1
freebsd 2
exploitdb 1
gentoo 1
redhat 1
oraclelinux 1
fedora 2
openvas
openvas
Gentoo Security Advisory GLSA 201012-01 (chromium)
2011-03-09 00:00:00
Google Chrome Multiple Vulnerabilities (Dec 2010) - Windows
2010-12-27 00:00:00
Google Chrome multiple vulnerabilities - Dec 10(Linux)
2010-12-27 00:00:00
nessus
nessus
Google Chrome < 8.0.552.224 Multiple Vulnerabilities
2010-12-14 00:00:00
Debian DSA-2188-1 : webkit - several vulnerabilities
2011-03-11 00:00:00
FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (06a12e26-142e-11e0-bea2-0015f2db7bde)
2011-01-03 00:00:00
debiancve
debiancve
CVE-2010-4574
2010-12-22 01:00:00
CVE-2010-4575
2010-12-22 01:00:00
CVE-2010-4577
2010-12-22 01:00:00
ubuntucve
ubuntucve
CVE-2010-4574
2010-12-22 00:00:00
CVE-2010-4577
2010-12-21 00:00:00
CVE-2010-4575
2010-12-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:21
prion
prion
Code injection
2010-12-22 01:00:00
Type confusion
2010-12-22 01:00:00
Deserialization of untrusted data
2010-12-22 01:00:00
cvelist
cvelist
CVE-2010-4574
2010-12-22 00:00:00
CVE-2010-4576
2010-12-22 00:00:00
CVE-2010-4577
2010-12-22 00:00:00
cve
cve
CVE-2010-4574
2010-12-22 01:00:03
CVE-2010-4576
2010-12-22 01:00:03
CVE-2010-4577
2010-12-22 01:00:03
debian
debian
[SECURITY] [DSA 2188-1] webkit security update
2011-03-10 12:16:11
exploitpack
exploitpack
Konqueror 4.7.3 - Memory Corruption
2012-11-01 00:00:00
securityvulns
securityvulns
Nth Dimension Security Advisory &#40;NDSA20121010&#41;
2012-11-02 00:00:00
packetstorm
packetstorm
Konqueror 4.7.3 Memory Corruption
2012-10-31 00:00:00
seebug
seebug
Konqueror 4.7.3 Memory Corruption
2014-07-01 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-12-28 00:00:00
webkit-gtk2 -- Multiple vurnabilities.
2011-02-08 00:00:00
exploitdb
exploitdb
Konqueror 4.7.3 - Memory Corruption
2012-11-01 00:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: webkitgtk-1.2.6-1.fc13
2011-01-07 20:01:55
[SECURITY] Fedora 13 Update: webkitgtk-1.2.7-1.fc13
2011-02-18 01:51:56

8.7 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

JSON
Related for OPENVAS:136141256231069036
openvas21nessus13debiancve5ubuntucve5veracode1prion5cvelist5cve5debian1exploitpack1securityvulns1packetstorm1seebug1freebsd2exploitdb1gentoo1redhat1oraclelinux1fedora2