Multiple vulnerabilities in Techland Chrome
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2011-3892 CVE-2011-3893 CVE-2011-3894 CVE-2011-3895 CVE-2011-3896 CVE-2011-3897 CVE-2011-3898 |
| CWE-ID | CWE-415 CWE-125 CWE-119 CWE-122 CWE-120 CWE-416 CWE-269 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Google Chrome Client/Desktop applications / Web browsers |
| Vendor |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Double Free
EUVDB-ID: #VU44530
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3892
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=100465
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://secunia.com/advisories/49089
http://www.debian.org/security/2012/dsa-2471
http://www.mandriva.com/security/advisories?name=MDVSA-2012:075
http://www.mandriva.com/security/advisories?name=MDVSA-2012:076
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU44531
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3893
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=100492
http://code.google.com/p/chromium/issues/detail?id=100543
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://secunia.com/advisories/49089
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14267
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU44532
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3894
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=101172
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14166
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer overflow
EUVDB-ID: #VU44533
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3895
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120. A remote attacker can use a crafted stream. to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate to version 15.0.874.120.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=101458
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://secunia.com/advisories/49089
http://www.debian.org/security/2012/dsa-2471
http://www.mandriva.com/security/advisories?name=MDVSA-2012:074
http://www.mandriva.com/security/advisories?name=MDVSA-2012:075
http://www.mandriva.com/security/advisories?name=MDVSA-2012:076
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU44534
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3896
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=101624
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14423
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use-after-free
EUVDB-ID: #VU44535
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3897
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing vectors related to editing. A user-assisted remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate to version 15.0.874.120.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=102242
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
http://secunia.com/advisories/46933
http://secunia.com/advisories/48274
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
http://www.securitytracker.com/id?1026774
http://exchange.xforce.ibmcloud.com/vulnerabilities/73806
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14250
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Privilege Management
EUVDB-ID: #VU44536
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3898
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 15.0.874.0 - 15.0.874.119
CPE2.3- cpe:2.3:a:google:google_chrome:15.0.874.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:15.0.874.2:*:*:*:*:*:*:*
http://code.google.com/p/chromium/issues/detail?id=102461
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
http://secunia.com/advisories/46933
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14266
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
