|
|
Forum Thread: Yet another apparently false insecurity
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.
This thread was submitted in the following forum:
Problems and Questions Regarding 3rd Party Programs
| silvatek
| Yet another apparently false insecurity
|
|
|
by silvatek on 11th Dec, 2008 21:33
|
Posts: 4
User Since: 31st Aug, 2008
Secunia System Score: N/A
Location: UK |
Secunia PSI is telling me that I need to update Google Gears fopm 0.3.24.3 to 0.5.4.2, but the Google Gears web page is happy with the version I'm on and shows no signs of any upgraded version! |
|
|
| BigDave_39
| RE: Yet another apparently false insecurity
|
|
|
by BigDave_39 on 11th Dec, 2008 21:53
|
Posts: 175
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: Washington, DC, US |
I think you have the explanation here:
http://secunia.com/advisories/33062/
--
Big Dave |
|
|
| mpersico
| RE: Yet another apparently false insecurity
|
|
|
by mpersico on 12th Dec, 2008 05:33
|
Posts: 2
User Since: 16th Aug, 2008
Secunia System Score: N/A
Location: N/A |
I currently have 0.5.4.2 installed, as determined by IE, FF and Chrome when accessing gears.google.com.
Secunia PSI 1.0.0.1 reports detecting 0.5.4.0.
Anything that can be done here? |
|
|
| mpersico
| RE: Yet another apparently false insecurity
|
|
|
by mpersico on 12th Dec, 2008 05:41
|
Posts: 2
User Since: 16th Aug, 2008
Secunia System Score: N/A
Location: N/A |
Never mind. Updating Chrome fixed the google gears issue.
Chrome latest version is 1.0.154.36 |
|
|
| silvatek
| RE: Yet another apparently false insecurity
|
|
|
by silvatek on 13th Dec, 2008 11:39, last edited on 13th Dec, 2008 11:39
|
Posts: 4
User Since: 31st Aug, 2008
Secunia System Score: N/A
Location: UK |
I don't understand.
The link to the Secunia page regarding this vulnerability says:
Solution:
Update to version 0.5.4.2 or later.
http://gears.google.com/
So I follow the Google Gears link and it tells me
Gears is installed
Current version:
0.3.24.3;official;opt;win32;firefox
and there is no indication that this is in any way out of date or any option to upgrade. I'm using Firefox 3.0.4, by the way. |
|
|
| silvatek
| RE: Yet another apparently false insecurity
|
|
|
by silvatek on 19th Dec, 2008 14:49
|
Posts: 4
User Since: 31st Aug, 2008
Secunia System Score: N/A
Location: UK |
So I "reinstalled" Google Gears and it upgraded me. Would be nice if Google mentioned this on their web page! problem solved. |
|
|
| Barc777
| RE: Yet another apparently false insecurity
|
|
|
by Barc777 on 4th Jan, 2009 20:16
|
Posts: 1
User Since: 4th Jan, 2009
Secunia System Score: N/A
Location: N/A |
I'd really like to know what's going on.
Yes, PSI told me that I have an insecurity for Gears. It says I have v. 0.5.3.0.
Google says I have "version: 0.5.8.0;official;opt;win32;npapi" when I'm in Chrome, 0.5.4.2 when in Firefox, and 0.5.4.2 in IE.
Programs and Features in the Vista Control Panel says I have v. 0.5.402.
Although I hate to, I'm inclined to tell PSI to ignore it. |
|
|
| vicwintergreen
| RE: Yet another apparently false insecurity
|
|
|
by vicwintergreen on 6th Mar, 2009 14:04
|
Posts: 10
User Since: 6th Mar, 2009
Secunia System Score: N/A
Location: N/A |
According to Secunia I have Google Gears 0.4.24.0. My Chrome is up to date and Google Gears tells me I have "Current version:
0.5.4.2;official;opt;win32;ie" installed. Any help on this one?
|
|
|
| Underlien
| RE: Yet another apparently false insecurity
|
|
|
by Underlien on 6th Mar, 2009 14:12
|
Posts: 94
User Since: 4th Dec, 2008
Secunia System Score: N/A
Location: DK |
Hi
Try to look at the Path found in the PSI for the insecure program. That might help you solve your problem (if not you can share it with us and then we might be able to help)
Underlien
--
LG S900 Laptop
3GB RAM - Intel Dual Core 1.80 GHz
Ubuntu Linux 9.04
Virtual Machines running Windows Vista and Windows XP |
|
|
| vicwintergreen
| RE: Yet another apparently false insecurity
|
|
|
by vicwintergreen on 6th Mar, 2009 14:27
|
Posts: 10
User Since: 6th Mar, 2009
Secunia System Score: N/A
Location: N/A |
Deep breath
Its in
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\Plugins\Gears\gears .dll
Can't right click and copy in Secunia
Damn |
|
|
| vicwintergreen
| RE: Yet another apparently false insecurity
|
|
|
by vicwintergreen on 6th Mar, 2009 14:37
|
Posts: 10
User Since: 6th Mar, 2009
Secunia System Score: N/A
Location: N/A |
I have found several versions of of gears.dll
All apart from the path listed above appear to be the lataest version. Can I just copy the updated dll to the path listed? |
|
|
| Underlien
| RE: Yet another apparently false insecurity
|
|
|
by Underlien on 6th Mar, 2009 14:38
|
Posts: 94
User Since: 4th Dec, 2008
Secunia System Score: N/A
Location: DK |
Next time just mark the text you want to copy and use "Ctrl+c" :)
Underlien
--
LG S900 Laptop
3GB RAM - Intel Dual Core 1.80 GHz
Ubuntu Linux 9.04
Virtual Machines running Windows Vista and Windows XP |
|
|
| vicwintergreen
| RE: Yet another apparently false insecurity
|
|
|
by vicwintergreen on 6th Mar, 2009 15:30
|
Posts: 10
User Since: 6th Mar, 2009
Secunia System Score: N/A
Location: N/A |
c:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\Plugins\gears\gears .dll
Oh yes - I really should learn about keyboard shortcuts outside of Ctrl S |
|
|
| MichaelDeM
| RE: Yet another apparently false insecurity
|
|
|
by MichaelDeM on 5th Apr, 2009 21:10
|
Posts: 1
User Since: 1st Apr, 2009
Secunia System Score: N/A
Location: N/A |
The Gears web site showed me as being up to date yet Secunia reported the older version insecurity. I opened the folder => c:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.1\gears.dll
I noticed that the old version folder was present at this location and the updated version was in it's own folder. Deleting the above folder eliminated the insecurity.
Cheers. |
|
|
|
