Vulners
Lucene search
FreeBSD Ports: chromium
🗓️ 04 Dec 2012 00:00:00Reported by Copyright (c) 2012 E-Soft Inc. http://www.securityspace.comType 
openvas🔗 plugins.openvas.org👁 30 Views
| Reporter | Title | Published | Views | Family All 197 |
|---|---|---|---|---|
 | chromium -- multiple vulnerabilities | 26 Nov 201200:00 | – | freebsd |
 | Google Chrome < 23.0.1271.91 Multiple Vulnerabilities | 29 Nov 201200:00 | – | nessus |
| Google Chrome < 23.0.1271.91 Multiple Vulnerabilities | 29 Nov 201200:00 | – | nessus |
| iTunes for Windows < 11.1.4 Multiple Vulnerabilities | 30 Jan 201300:00 | – | nessus |
| Amazon Linux AMI : libxml2 (ALAS-2012-143) | 4 Sep 201300:00 | – | nessus |
| Apple TV < 6.0 Multiple Vulnerabilities | 1 Oct 201300:00 | – | nessus |
| Apple iOS < 7 Multiple Vulnerabilities | 19 Sep 201300:00 | – | nessus |
| CentOS 5 / 6 : libxml2 (CESA-2012:1512) | 30 Nov 201200:00 | – | nessus |
| CentOS 6 : mingw32-libxml2 (CESA-2013:0217) | 1 Feb 201300:00 | – | nessus |
| Debian DSA-2580-1 : libxml2 - buffer overflow | 3 Dec 201200:00 | – | nessus |
10
#
#VID 4d64fc61-3878-11e2-a4eb-00262d5ed8ee
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from VID 4d64fc61-3878-11e2-a4eb-00262d5ed8ee
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "The following package is affected: chromium
CVE-2012-5130
Skia, as used in Google Chrome before 23.0.1271.91, allows remote
attackers to cause a denial of service (out-of-bounds read) via
unspecified vectors.
CVE-2012-5132
Google Chrome before 23.0.1271.91 allows remote attackers to cause a
denial of service (application crash) via a response with chunked
transfer coding.
CVE-2012-5133
Use-after-free vulnerability in Google Chrome before 23.0.1271.91
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to SVG filters.
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in
parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before
23.0.1271.91, allows remote attackers to cause a denial of service or
possibly execute arbitrary code via crafted entities in an XML
document.
CVE-2012-5135
Use-after-free vulnerability in Google Chrome before 23.0.1271.91
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to printing.
CVE-2012-5136
Google Chrome before 23.0.1271.91 does not properly perform a cast of
an unspecified variable during handling of the INPUT element, which
allows remote attackers to cause a denial of service or possibly have
unknown other impact via a crafted HTML document.";
tag_solution = "Update your system with the appropriate patches or
software upgrades.
http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
http://www.vuxml.org/freebsd/4d64fc61-3878-11e2-a4eb-00262d5ed8ee.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";
if(description)
{
script_id(72632);
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cve_id("CVE-2012-5130", "CVE-2012-5132", "CVE-2012-5133", "CVE-2012-5134", "CVE-2012-5135", "CVE-2012-5136");
script_version("$Revision: 5977 $");
script_tag(name:"last_modification", value:"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $");
script_tag(name:"creation_date", value:"2012-12-04 11:43:52 -0500 (Tue, 04 Dec 2012)");
script_name("FreeBSD Ports: chromium");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-bsd.inc");
vuln = 0;
txt = "";
bver = portver(pkg:"chromium");
if(!isnull(bver) && revcomp(a:bver, b:"23.0.1271.91")<0) {
txt += "Package chromium version " + bver + " is installed which is known to be vulnerable.\n";
vuln = 1;
}
if(vuln) {
security_message(data:string(txt ));
} else if (__pkg_match) {
exit(99);
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 Apr 2017 00:00Current
0.1Low risk
Vulners AI Score0.1
EPSS0.02065