{
  "schema_version": "1.7.0",
  "id": "MGASA-2013-0194",
  "published": "2013-07-01T19:12:57Z",
  "modified": "2013-07-01T19:12:53Z",
  "summary": "Updated chromium-browser-stable packages fix security vulnerabilities",
  "details": "Use-after-free vulnerability in the SVG implementation allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via unknown vectors (CVE-2013-2837).\n\nGoogle V8, as used in Chromium before 27.0.1453.93, allows remote attackers\nto cause a denial of service (out-of-bounds read) via unspecified vectors\n(CVE-2013-2838).\n\nChromium before 27.0.1453.93 does not properly perform a cast of an\nunspecified variable during handling of clipboard data, which allows remote\nattackers to cause a denial of service or possibly have other impact via\nunknown vectors (CVE-2013-2839).\n\nUse-after-free vulnerability in the media loader in Chromium before\n27.0.1453.93 allows remote attackers to cause a denial of service or possibly\nhave unspecified other impact via unknown vectors (CVE-2013-2840).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.93 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors related to the handling of Pepper resources\n(CVE-2013-2841).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.93 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors related to the handling of widgets (CVE-2013-2842).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.93 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors related to the handling of speech data (CVE-2013-2843).\n\nUse-after-free vulnerability in the Cascading Style Sheets (CSS)\nimplementation in Chromium before 27.0.1453.93 allows remote attackers to\ncause a denial of service or possibly have unspecified other impact via\nvectors related to style resolution (CVE-2013-2844).\n\nThe Web Audio implementation in Google Chrome before 27.0.1453.93 allows\nremote attackers to cause a denial of service (memory corruption) or possibly\nhave unspecified other impact via 
unknown vectors (CVE-2013-2845).\n\nUse-after-free vulnerability in the media loader in Google Chrome before\n27.0.1453.93 allows remote attackers to cause a denial of service or possibly\nhave unspecified other impact via unknown vectors (CVE-2013-2846).\n\nRace condition in the workers implementation in Google Chrome before\n27.0.1453.93 allows remote attackers to cause a denial of service\n(use-after-free and application crash) or possibly have unspecified other\nimpact via unknown vectors (CVE-2013-2847).\n\nThe XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote\nattackers to obtain sensitive information via unspecified vectors\n(CVE-2013-2848).\n\nMultiple cross-site scripting (XSS) vulnerabilities in Google Chrome before\n27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web\nscript or HTML via vectors involving a (1) drag-and-drop or\n(2) copy-and-paste operation (CVE-2013-2849).\n\nThe Developer Tools API in Chromium before 27.0.1453.110 allows remote\nattackers to cause a denial of service (memory corruption) or possibly have\nunspecified other impact via unknown vectors (CVE-2013-2855).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.110 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors related to the handling of input (CVE-2013-2856).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.110 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors related to the handling of images (CVE-2013-2857).\n\nUse-after-free vulnerability in the HTML5 Audio implementation in Chromium\nbefore 27.0.1453.110 allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via unknown vectors (CVE-2013-2858).\n\nChromium before 27.0.1453.110 allows remote attackers to bypass the Same\nOrigin Policy and trigger namespace pollution via unspecified 
vectors\n(CVE-2013-2859).\n\nUse-after-free vulnerability in Chromium before 27.0.1453.110 allows remote\nattackers to cause a denial of service or possibly have unspecified other\nimpact via vectors involving access to a database API by a worker process\n(CVE-2013-2860).\n\nUse-after-free vulnerability in the SVG implementation in Chromium before\n27.0.1453.110 allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via unknown vectors (CVE-2013-2861).\n\nSkia, as used in Chromium before 27.0.1453.110, does not properly handle GPU\nacceleration, which allows remote attackers to cause a denial of service\n(memory corruption) or possibly have unspecified other impact via unknown\nvectors (CVE-2013-2862).\n\nChromium before 27.0.1453.110 does not properly handle SSL sockets, which\nallows remote attackers to execute arbitrary code or cause a denial of\nservice (memory corruption) via unspecified vectors (CVE-2013-2863).\n\nMultiple unspecified vulnerabilities in Chromium before 27.0.1453.110 allow\nattackers to cause a denial of service or possibly have other impact via\nunknown vectors (CVE-2013-2865).\n",
  "upstream": [
    "CVE-2013-2837",
    "CVE-2013-2838",
    "CVE-2013-2839",
    "CVE-2013-2840",
    "CVE-2013-2841",
    "CVE-2013-2842",
    "CVE-2013-2843",
    "CVE-2013-2844",
    "CVE-2013-2845",
    "CVE-2013-2846",
    "CVE-2013-2847",
    "CVE-2013-2848",
    "CVE-2013-2849",
    "CVE-2013-2855",
    "CVE-2013-2856",
    "CVE-2013-2857",
    "CVE-2013-2858",
    "CVE-2013-2859",
    "CVE-2013-2860",
    "CVE-2013-2861",
    "CVE-2013-2862",
    "CVE-2013-2863",
    "CVE-2013-2865"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2013-0194.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=10353"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2013/06/stable-channel-update_17.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2695"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2706"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:2",
        "name": "chromium-browser-stable",
        "purl": "pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-2"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "28.0.1500.45-1.mga2"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:3",
        "name": "chromium-browser-stable",
        "purl": "pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-3"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "28.0.1500.45-1.mga3"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
