CVE-2012-5376

The Inter-process Communication IPC implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112...

CVE-2012-5376

The Inter-process Communication IPC implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112...

Google Chrome < 22.0.1229.79 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 22.0.1229.79 and is, therefore, affected by the following vulnerabilities : - Out-of-bounds write errors exist related to Skia and the PDF viewer. CVE-2012-2874, CVE-2012-2883, CVE-2012-2895 - Various, unspecified errors...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 94c0ac4f-9388-11e1-b242-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 94c0ac4f-9388-11e1-b242-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

CVE-2011-3080

Race condition in the Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors...

CVE-2011-3080

Race condition in the Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors...

CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

CVE-2011-3079

CVE-2011-3079 concerns an IPC message validation weakness in Chrome’s IPC implementation (also used by Firefox prior to 38.0) that could allow sandbox escape due to insufficient authentication/validation in the listener process. Connected advisories indicate an earlier fix added authentication be...

Google Chrome < 18.0.1025.168 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 18.0.1025.168 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to floating element handling and the xml parser. CVE-2011-3078, CVE-2012-1521, CVE-2011-3081 - A validation...

Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418)

According to its self-reported version number, the version of Junos running on the remote device has a command execution vulnerability. A flaw in the logical model governing inter-process communications between the management daemon MGD and the command-line interpreter CLI could result in arbitra...

Privilege escalation

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)

This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...

CVE-2011-3408

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)

This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...

RedHat Update for kernel RHSA-2011:0004-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:0004-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

FreeBSD Security Advisory (FreeBSD-SA-09:13.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:13.pipe.asc ADV FreeBSD-SA-09:13.pipe.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:13.pipe.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Code injection

AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications...