|
|
Log in / Subscribe / Register

chromium: multiple vulnerabilities

Package(s):chromium CVE #(s):CVE-2011-3058 CVE-2011-3059 CVE-2011-3060 CVE-2011-3061 CVE-2011-3062 CVE-2011-3063 CVE-2011-3064 CVE-2011-3065
Created:April 2, 2012 Updated:October 26, 2012
Description: From the CVE entries:

Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. (CVE-2011-3058)

Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. (CVE-2011-3059)

Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. (CVE-2011-3060)

Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. (CVE-2011-3061)

Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. (CVE-2011-3062)

Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors. (CVE-2011-3063)

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. (CVE-2011-3064)

Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. (CVE-2011-3065)

Alerts:
openSUSE openSUSE-SU-2014:1100-1 Firefox 2014-09-09
Gentoo 201301-01 firefox 2013-01-07
Mageia MGASA-2012-0324 webkit 2012-11-06
Ubuntu USN-1617-1 webkit 2012-10-25
Ubuntu USN-1430-3 thunderbird 2012-05-04
SUSE SUSE-SU-2012:0580-1 Mozilla Firefox 2012-05-02
SUSE SUSE-SU-2012:0688-1 MozillaFirefox 2012-06-02
Ubuntu USN-1430-2 ubufox 2012-04-27
Ubuntu USN-1430-1 firefox 2012-04-27
openSUSE openSUSE-SU-2012:0567-1 firefox, thunderbird, seamonkey, xulrunner 2012-04-27
Mandriva MDVSA-2012:066 mozilla 2012-04-27
Oracle ELSA-2012-0516 thunderbird 2012-04-25
Oracle ELSA-2012-0515 firefox 2012-04-25
Oracle ELSA-2012-0515 firefox 2012-04-25
Scientific Linux SL-fire-20120425 firefox 2012-04-25
Scientific Linux SL-thun-20120425 thunderbird 2012-04-25
CentOS CESA-2012:0516 thunderbird 2012-04-25
CentOS CESA-2012:0516 thunderbird 2012-04-24
CentOS CESA-2012:0515 firefox 2012-04-25
CentOS CESA-2012:0515 firefox 2012-04-25
Red Hat RHSA-2012:0516-01 thunderbird 2012-04-24
Red Hat RHSA-2012:0515-01 firefox 2012-04-24
openSUSE openSUSE-SU-2012:0492-1 chromium 2012-04-12
Gentoo 201203-24 chromium 2012-03-30
Ubuntu USN-1430-4 apparmor 2012-06-12
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds