Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
BID:51911
Info
| Bugtraq ID: | 51911 |
| Class: | Unknown |
| CVE: | CVE-2011-3953, CVE-2011-3954, CVE-2011-3955, CVE-2011-3956, CVE-2011-3957, CVE-2011-3958, CVE-2011-3959, CVE-2011-3960, CVE-2011-3961, CVE-2011-3962, CVE-2011-3963, CVE-2011-3964, CVE-2011-3965, CVE-2011-3966, CVE-2011-3967, CVE-2011-3968, CVE-2011-3969, CVE-2011-3970, CVE-2011-3971, CVE-2011-3972 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 08 2012 12:00AM |
| Updated: | Apr 13 2015 10:14PM |
| Credit: | Daniel Cheng of the Chromium development community, Collin Payne, David Grogan of the Chromium development community, Devdatta Akhawe, UC Berkeley, Aki Helin of OUSPG, miaubi |
| Vulnerable: |
Xerox FreeFlow Print Server (FFPS) 93.E0.21C Xerox FreeFlow Print Server (FFPS) 93.C4.93 Xerox FreeFlow Print Server (FFPS) 90.D3.06 Xerox FreeFlow Print Server (FFPS) 82.D1.44 Xerox FreeFlow Print Server (FFPS) 81.D0.73 Xerox FreeFlow Print Server (FFPS) 73.D2.33 Xerox FreeFlow Print Server (FFPS) 73.C5.11 VMWare ESX 4.1 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Software Development Kit 11 SP3 SuSE SUSE Linux Enterprise Software Development Kit 11 SP2 SuSE SUSE Linux Enterprise Server 11 SP3 for VMware SuSE SUSE Linux Enterprise Server 11 SP3 SuSE SUSE Linux Enterprise Server 11 SP2 for VMware SuSE SUSE Linux Enterprise Server 11 SP2 SuSE SUSE Linux Enterprise Server 10 SP4 LTSS SuSE SUSE Linux Enterprise Server 10 SP3 LTSS SuSE Suse Linux Enterprise Desktop 11 SP3 SuSE Suse Linux Enterprise Desktop 11 SP2 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server Oracle Solaris 10 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux 
Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Google Chrome 16.0.912 75 Google Chrome 15.0.874 102 Google Chrome 9.0.597.94 Google Chrome 9.0.597.84 Google Chrome 9.0.597.107 Google Chrome 8.0.552.344 Google Chrome 8.0.552.310 Google Chrome 8.0.552.309 Google Chrome 8.0.552.308 Google Chrome 8.0.552.307 Google Chrome 8.0.552.306 Google Chrome 8.0.552.305 Google Chrome 8.0.552.304 Google Chrome 8.0.552.303 Google Chrome 8.0.552.302 Google Chrome 8.0.552.301 Google Chrome 8.0.552.300 Google Chrome 8.0.552.237 Google Chrome 8.0.552.226 Google Chrome 8.0.552.225 Google Chrome 8.0.552.224 Google Chrome 8.0.552.223 Google Chrome 8.0.552.222 Google Chrome 8.0.552.221 Google Chrome 8.0.552.220 Google Chrome 8.0.552.219 Google Chrome 8.0.552.218 Google Chrome 8.0.552.217 Google Chrome 8.0.552.216 Google Chrome 8.0.552.215 Google Chrome 8.0.552.214 Google Chrome 8.0.552.213 Google Chrome 8.0.552.212 Google Chrome 8.0.552.211 Google Chrome 8.0.552.210 Google Chrome 8.0.552.21 Google Chrome 8.0.552.209 Google Chrome 8.0.552.208 Google Chrome 8.0.552.207 Google Chrome 8.0.552.206 Google Chrome 8.0.552.205 Google Chrome 8.0.552.204 Google Chrome 8.0.552.203 Google Chrome 8.0.552.202 Google Chrome 8.0.552.201 Google Chrome 8.0.552.200 Google Chrome 8.0.552.20 Google Chrome 8.0.552.2 Google Chrome 8.0.552.19 Google Chrome 8.0.552.18 Google Chrome 8.0.552.17 Google Chrome 8.0.552.16 Google Chrome 8.0.552.15 Google Chrome 8.0.552.14 Google Chrome 8.0.552.13 Google Chrome 8.0.552.12 Google Chrome 8.0.552.11 Google Chrome 8.0.552.105 Google Chrome 8.0.552.104 Google Chrome 8.0.552.103 Google Chrome 8.0.552.102 Google Chrome 8.0.552.101 Google Chrome 8.0.552.100 Google Chrome 8.0.552.10 Google Chrome 8.0.552.1 Google Chrome 8.0.552.0 Google Chrome 8.0.551.1 Google Chrome 8.0.551.0 Google Chrome 8.0.550.0 Google Chrome 8.0.549.0 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 
Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Google Chrome 14.0.835.202 Google Chrome 14.0.835.186 Google Chrome 14.0.835.163 Google Chrome 14 Google Chrome 13.0.782.215 Google Chrome 13.0.782.112 Google Chrome 13.0.782.107 Google Chrome 13 Google Chrome 12.0.742.91 Google Chrome 12.0.742.112 Google Chrome 12.0.742.100 Google Chrome 12 Google Chrome 11.0.696.77 Google Chrome 11.0.696.71 Google Chrome 11.0.696.68 Google Chrome 11.0.696.65 Google Chrome 11.0.696.57 Google Chrome 11.0.696.43 Google Chrome 11.0.672.2 Google Chrome 11 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.204 Google Chrome 10.0.648.133 Google Chrome 10.0.648.128 Google Chrome 10.0.648.127 Google Chrome 10.0.648.127 Google Chrome 10 Gentoo Linux Avaya Voice Portal 5.1.3 Avaya Voice Portal 5.1.2 Avaya Voice Portal 5.1.1 Avaya Voice Portal 5.1 SP3 Avaya Voice Portal 5.1 SP1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya one-X Client Enablement Service 6.1 Avaya IQ 5.2 Avaya IQ 5.1.1 Avaya IQ 5.1 Avaya IQ 5 Avaya IP Office Server Edition 8.1 Avaya IP Office Server Edition 8.0 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000M 6.0 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E Signaling Server 6.0 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Communication Server 1000E 6.0 Avaya Aura System Platform 6.2.1 Avaya Aura System Platform 6.0.2 Avaya Aura System Platform 6.0.1 Avaya Aura System Platform 6.2 SP1 Avaya Aura System Platform 6.2 Avaya Aura System Platform 6.0.3.9.3 Avaya Aura System Platform 6.0.3.0.3 Avaya Aura System Platform 6.0 SP3 Avaya Aura System Platform 6.0 SP2 Avaya Aura System 
Platform 6.0 Avaya Aura System Platform 1.0 Avaya Aura System Manager 6.2.3 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1.5 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.2.1 Avaya Aura Session Manager 6.1.5 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.0.1 Avaya Aura Session Manager 6.2.2 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 SP2 Avaya Aura Session Manager 6.1 Sp1 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 SP1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2.1 Avaya Aura Session Manager 5.2 SP2 Avaya Aura Session Manager 5.2 SP1 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1.1 Avaya Aura Session Manager 1.1 Avaya Aura Session Manager 1.0 Avaya Aura Presence Services 6.1.2 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 SP2 Avaya Aura Presence Services 6.1 SP1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Messaging 6.1.1 Avaya Aura Messaging 6.1 Avaya Aura Messaging 6.0.1 Avaya Aura Messaging 6.0 Avaya Aura Experience Portal 6.0.1 Avaya Aura Experience Portal 6.0 Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.2 Avaya Aura Application Enablement Services 6.1.2 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.4 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application 
Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 Apple Safari 5.0.6 Apple Safari 5.1.7 for Windows Apple Safari 5.1.7 Apple Safari 5.1.5 for Windows Apple Safari 5.1.4 for Windows Apple Safari 5.1.4 Apple Safari 5.1.1 for Windows Apple Safari 5.1.1 Apple Safari 5.1 for Windows Apple Safari 5.1 Apple Safari 5.0.6 for windows Apple Safari 5.0.5 for Windows Apple Safari 5.0.5 Apple Safari 5.0.4 for Windows Apple Safari 5.0.4 Apple Safari 5.0.3 for Windows Apple Safari 5.0.3 Apple Safari 5.0.2 for Windows Apple Safari 5.0.2 Apple Safari 5.0.1 for Windows Apple Safari 5.0.1 Apple Safari 5.0 for Windows Apple Safari 5.0 Apple iTunes 10.6.3 Apple iTunes 10.6.1.7 Apple iTunes 10.6 Apple iTunes 10.5 Apple iTunes 10.4.0.80 Apple iTunes 10.2.2 Apple iTunes 10.2 Apple iTunes 10.1 Apple iOS 5.1.1 Apple iOS 5.1 Apple iOS 5.0.1 Apple iOS 5 Apple iOS 4.3.5 Apple iOS 4.3 Apple iOS 4.2 Apple iOS 4.1 Apple iOS 4 Apple iOS 3.2 Apple iOS 3.1 Apple iOS 3.0 Apple iOS 2.1 Apple iOS 2.0 |
| Not Vulnerable: | Google Chrome 17.0.963.46, Apple Safari 6.0 for Windows, Apple Safari 6.0, Apple iTunes 10.7, Apple iOS 6 |
Discussion
Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable.
Exploit / POC
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
Apple Safari 5.1.5 for Windows
- Apple APPLE-SA-2012-07-25-1-SafariSetup.exe
  http://www.apple.com/safari/download/

Apple Safari 5.1.7
- Apple APPLE-SA-2012-07-25-1-Safari_Setup.exe
  http://www.apple.com/safari/download/

Apple Safari 5.0.1
- Apple APPLE-SA-2012-07-25-1-Safari_Setup.exe
  http://www.apple.com/safari/download/

Apple Safari 5.1
- Apple APPLE-SA-2012-07-25-1-Safari_Setup.exe
  http://www.apple.com/safari/download/

Apple iTunes 10.6.1.7
- Apple APPLE-SA-2012-09-12-1-iTunes64Setup.exe
  For 64-bit Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/
- Apple APPLE-SA-2012-09-12-1-iTunesSetup.exe
  For Windows XP / Vista / Windows 7
  http://www.apple.com/itunes/download/

Apple Safari 5.0.3 for Windows
- Apple APPLE-SA-2012-07-25-1-SafariSetup.exe
  http://www.apple.com/safari/download/

MandrakeSoft Enterprise Server 5
- Mandriva libxslt-devel-1.1.24-3.1mdvmes5.2.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva libxslt-proc-1.1.24-3.1mdvmes5.2.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva libxslt1-1.1.24-3.1mdvmes5.2.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva python-libxslt-1.1.24-3.1mdvmes5.2.i586.rpm
  http://www.mandriva.com/en/downloads/

Apple Safari 5.0.3
- Apple APPLE-SA-2012-07-25-1-Safari_Setup.exe
  http://www.apple.com/safari/download/

Mandriva Linux Mandrake 2011
- Mandriva libxslt-devel-1.1.26-4.1-mdv2011.0.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva libxslt1-1.1.26-4.1-mdv2011.0.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva python-libxslt-1.1.26-4.1-mdv2011.0.i586.rpm
  http://www.mandriva.com/en/downloads/
- Mandriva xsltproc-1.1.26-4.1-mdv2011.0.i586.rpm
  http://www.mandriva.com/en/downloads/
References
References:
- Google Chrome Homepage (Google)
- APPLE-SA-2012-09-12-1 iTunes 10.7 (Apple)
- ASA-2012-479: libxslt security update (RHSA-2012-1265) (Avaya)
- Chrome 17 Stable Channel Update (Google)
- CVE-2011-3970 Denial of Service (DoS) vulnerability in libxslt (Oracle)
- VMware vSphere security updates for the authentication service and third party l (VMware)
- Xerox Security Bulletin XRX14-002 (Xerox)