icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Google Chrome < 17.0.963.65 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 17.0.963.65 are potentially affected by the following vulnerabilities :

- Use-after-free errors exist related to 'v8 element wrapper', SVG value handling, SVG document handling, SVG use handling, multi-column handling, quote handling, class attribute handling, table section handling, flexbox with floats and SVG animation elements. (CVE-2011-3031, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3038, CVE-2011-3039, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044)

- An error exists in the 'Skia' drawing library that can allow buffer overflows. (CVE-2011-3033)

- Casting errors exist related to line box handling and anonymous block splitting. (CVE-2011-3036, CVE-2011-3037)

- An out-of-bounds read error exists related to text handling. (CVE-2011-3040)

Solution

Upgrade to Google Chrome 17.0.963.65 or later.