diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b6d8cfaf92f5..fb0e89f9dfc9 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,62 @@ Note: Please add new entries to the beginning of this file. --> + + chromium -- multiple vulnerabilities + + + chromium + 25.0.1364.152 + + + + +

Google Chrome Releases reports:

+
+

[176882] High CVE-2013-0902: Use-after-free in frame loader. + Credit to Chamal de Silva.

+

[176252] High CVE-2013-0903: Use-after-free in browser navigation + handling. Credit to "chromium.khalil".

+

[172926] [172331] High CVE-2013-0904: Memory corruption in Web + Audio. Credit to Atte Kettunen of OUSPG.

+

[168982] High CVE-2013-0905: Use-after-free with SVG animations. + Credit to Atte Kettunen of OUSPG.

+

[174895] High CVE-2013-0906: Memory corruption in Indexed DB. + Credit to Google Chrome Security Team (Juri Aedla).

+

[174150] Medium CVE-2013-0907: Race condition in media thread + handling. Credit to Andrew Scherkus of the Chromium development + community.

+

[174059] Medium CVE-2013-0908: Incorrect handling of bindings for + extension processes.

+

[173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. + Credit to Egor Homakov.

+

[172573] Medium CVE-2013-0910: Mediate renderer -> browser + plug-in loads more strictly. Credit to Google Chrome Security Team + (Chris Evans).

+

[172264] High CVE-2013-0911: Possible path traversal in database + handling. Credit to Google Chrome Security Team (Juri Aedla).

+
+ + + + CVE-2013-0902 + CVE-2013-0903 + CVE-2013-0904 + CVE-2013-0905 + CVE-2013-0906 + CVE-2013-0907 + CVE-2013-0908 + CVE-2013-0909 + CVE-2013-0910 + CVE-2013-0911 + http://googlechromereleases.blogspot.nl/search/Stable%20Updates + + + 2013-03-04 + 2013-03-06 + + + stunnel -- Remote Code Execution