diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2012-04-05 20:59:08 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2012-04-05 20:59:08 +0000 |
| commit | 451d29f12999b570e59c03a1c74f48a723db0a4c (patch) | |
| tree | 8fa252feee38ef80c88f996d47a5f1076c5de626 /security/vuxml/vuln.xml | |
| parent | f47e4ea7375b4b782609ac04fd9856a356e7ba9b (diff) | |
| download | ports-451d29f12999b570e59c03a1c74f48a723db0a4c.tar.gz ports-451d29f12999b570e59c03a1c74f48a723db0a4c.zip | |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
| -rw-r--r-- | security/vuxml/vuln.xml | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index e309c4c83ddb..7c9ca9a62242 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -52,6 +52,66 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="057130e6-7f61-11e1-8a43-00262d5ed8ee"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>18.0.1025.151</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.com/search/label/Stable%20updates"> + <p>[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz.</p> + <p>[117583] Medium CVE-2011-3067: Cross-origin iframe replacement. + Credit to Sergey Glazunov.</p> + <p>[117698] High CVE-2011-3068: Use-after-free in run-in handling. + Credit to miaubiz.</p> + <p>[117728] High CVE-2011-3069: Use-after-free in line box handling. + Credit to miaubiz.</p> + <p>[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit + to Google Chrome Security Team (SkyLined).</p> + <p>[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. + Credit to pa_kt, reporting through HP TippingPoint ZDI + (ZDI-CAN-1528).</p> + <p>[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up + window. Credit to Sergey Glazunov.</p> + <p>[118593] High CVE-2011-3073: Use-after-free in SVG resource + handling. Credit to Arthur Gerkis.</p> + <p>[119281] Medium CVE-2011-3074: Use-after-free in media handling. + Credit to Slawomir Blazek.</p> + <p>[119525] High CVE-2011-3075: Use-after-free applying style command. + Credit to miaubiz.</p> + <p>[120037] High CVE-2011-3076: Use-after-free in focus handling. + Credit to miaubiz.</p> + <p>[120189] Medium CVE-2011-3077: Read-after-free in script bindings. + Credit to Google Chrome Security Team (Inferno).</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-3066</cvename> + <cvename>CVE-2011-3067</cvename> + <cvename>CVE-2011-3068</cvename> + <cvename>CVE-2011-3069</cvename> + <cvename>CVE-2011-3070</cvename> + <cvename>CVE-2011-3071</cvename> + <cvename>CVE-2011-3072</cvename> + <cvename>CVE-2011-3073</cvename> + <cvename>CVE-2011-3074</cvename> + <cvename>CVE-2011-3075</cvename> + <cvename>CVE-2011-3076</cvename> + <cvename>CVE-2011-3077</cvename> + <url>http://googlechromereleases.blogspot.com/search/label/Stable%20updates</url> + </references> + <dates> + <discovery>2012-04-05</discovery> + <entry>2012-04-05</entry> + </dates> + </vuln> + <vuln vid="7289214f-7c55-11e1-ab3b-000bcdf0a03b"> <topic>libpurple -- Remote DoS via an MSN OIM message that lacks UTF-8 encoding</topic> <affects> |