Summary
Google Chrome is installed on the host and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to Google Chrome 17.0.963.56 or later. For updates, refer to http://www.google.com/chrome
Insight
The flaws are due to:
- An integer overflow in libpng, PDF codecs.
- Bad cast in column handling.
- Out-of-bounds read in H.264 parsing.
- Use-after-free with drag and drop.
- Use-after-free in subframe loading.
- An error within Native Client validator implementation.
- Heap buffer overflow while handling an MKV file.
- Use-after-free error in database handling.
- Heap overflow in path rendering.
Affected
Google Chrome versions prior to 17.0.963.56 on Linux
Severity
Classification
CVE: CVE-2011-3015, CVE-2011-3016, CVE-2011-3017, CVE-2011-3018, CVE-2011-3019, CVE-2011-3020, CVE-2011-3021, CVE-2011-3023, CVE-2011-3024, CVE-2011-3025, CVE-2011-3026, CVE-2011-3027
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P