Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29470
HistoryJun 17, 2013 - 12:00 a.m.

[SECURITY] [DSA 2706-1] chromium-browser security update

2013-06-1700:00:00
vulners.com
29
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA-2706-1 [email protected]
http://www.debian.org/security/ Giuseppe Iuculano
June 10, 2013 http://www.debian.org/security/faq

Package : chromium-browser
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-2855 CVE-2013-2856 CVE-2013-2857 CVE-2013-2858
CVE-2013-2859 CVE-2013-2860 CVE-2013-2861 CVE-2013-2862
CVE-2013-2863 CVE-2013-2865

Several vulnerabilities have been discovered in the chromium web
browser.

CVE-2013-2855

The Developer Tools API in Chromium before 27.0.1453.110 allows
remote attackers to cause a denial of service (memory corruption) or
possibly have unspecified other impact via unknown vectors.

CVE-2013-2856

Use-after-free vulnerability in Chromium before 27.0.1453.110
allows remote attackers to cause a denial of service or possibly
have unspecified other impact via vectors related to the handling of
input.

CVE-2013-2857

Use-after-free vulnerability in Chromium before 27.0.1453.110
allows remote attackers to cause a denial of service or possibly
have unspecified other impact via vectors related to the handling of
images.

CVE-2013-2858

Use-after-free vulnerability in the HTML5 Audio implementation in
Chromium before 27.0.1453.110 allows remote attackers to cause
a denial of service or possibly have unspecified other impact via
unknown vectors.

CVE-2013-2859

Chromium before 27.0.1453.110 allows remote attackers to bypass
the Same Origin Policy and trigger namespace pollution via
unspecified vectors.

CVE-2013-2860

Use-after-free vulnerability in Chromium before 27.0.1453.110
allows remote attackers to cause a denial of service or possibly
have unspecified other impact via vectors involving access to a
database API by a worker process.

CVE-2013-2861

Use-after-free vulnerability in the SVG implementation in Chromium
before 27.0.1453.110 allows remote attackers to cause a
denial of service or possibly have unspecified other impact via
unknown vectors.

CVE-2013-2862

Skia, as used in Chromium before 27.0.1453.110, does not
properly handle GPU acceleration, which allows remote attackers to
cause a denial of service (memory corruption) or possibly have
unspecified other impact via unknown vectors.

CVE-2013-2863

Chromium before 27.0.1453.110 does not properly handle SSL
sockets, which allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via unspecified
vectors.

CVE-2013-2865

Multiple unspecified vulnerabilities in Chromium before
27.0.1453.110 allow attackers to cause a denial of service or
possibly have other impact via unknown vectors.

For the stable distribution (wheezy), these problems have been fixed in
version 27.0.1453.110-1~deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 27.0.1453.110-1.

For the unstable distribution (sid), these problems have been fixed in
version 27.0.1453.110-1.

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlG2EQUACgkQNxpp46476aoVswCfTT3tgaA0Wpkmb/8x+jvc43GK
o3gAn3plraTpR6vKqtXrVTLN9m6irBL+
=PLYK
-----END PGP SIGNATURE-----

Related

openvas 10
nessus 6
osv 1
debian 2
freebsd 1
chrome 1
threatpost 1
mageia 1
securityvulns 1
prion 10
debiancve 10
ubuntucve 10
cve 10
gentoo 1
openvas
openvas
Debian Security Advisory DSA 2706-1 (chromium-browser - several vulnerabilities)
2013-06-10 00:00:00
Debian: Security Advisory (DSA-2706-1)
2013-06-09 00:00:00
Google Chrome Multiple Vulnerabilities-01 (Jun 2013) - Mac OS X
2013-06-11 00:00:00
nessus
nessus
Debian DSA-2706-1 : chromium-browser - several vulnerabilities
2013-06-11 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (4865d189-cd62-11e2-ae11-00262d5ed8ee)
2013-06-05 00:00:00
Google Chrome < 27.0.1453.110 Multiple Vulnerabilities
2013-06-05 00:00:00
osv
osv
chromium-browser - several
2013-06-10 00:00:00
debian
debian
[SECURITY] [DSA 2706-1] chromium-browser security update
2013-06-10 17:46:45
[SECURITY] [DSA 2706-1] chromium-browser security update
2013-06-10 17:46:45
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-06-04 00:00:00
chrome
chrome
Stable Channel Update
2013-06-04 00:00:00
threatpost
threatpost
Google Fixes Security Vulnerabilities with Chrome Update
2013-06-05 13:30:47
mageia
mageia
Updated chromium-browser-stable packages fixes security vulnerabilities
2013-07-01 23:12:57
securityvulns
securityvulns
Chromium / Google Chrome multiple security vulnerabilities
2013-06-17 00:00:00
prion
prion
Memory corruption
2013-06-05 00:55:00
Design/Logic Flaw
2013-06-05 00:55:00
Design/Logic Flaw
2013-06-05 00:55:00
debiancve
debiancve
CVE-2013-2865
2013-06-05 00:55:00
CVE-2013-2863
2013-06-05 00:55:00
CVE-2013-2861
2013-06-05 00:55:00
ubuntucve
ubuntucve
CVE-2013-2859
2013-06-05 00:00:00
CVE-2013-2865
2013-06-05 00:00:00
CVE-2013-2863
2013-06-05 00:00:00
cve
cve
CVE-2013-2859
2013-06-05 00:55:00
CVE-2013-2865
2013-06-05 00:55:00
CVE-2013-2863
2013-06-05 00:55:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00
JSON
Related for SECURITYVULNS:DOC:29470
openvas10nessus6osv1debian2freebsd1chrome1threatpost1mageia1securityvulns1prion10debiancve10ubuntucve10cve10gentoo1