icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Google Chrome < 17.0.963.56 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description



Versions of Google Chrome earlier than 17.0.963.56 are potentially affected by the following vulnerabilities :

- Integer overflow errors exist related to PDF codecs and libpng. (CVE-2011-3015, CVE-2011-3026)

- A read-after-free error exists related to 'counter nodes'. (CVE-2011-3016)

- Use-after-free errors exist related to database handling, subframe loading, and ddrag-and-drop functionality. (CVE-2011-3017, CVE-2011-3021, CVE-2011-3023)

- Heap-overflow errors exist related to path rendering and 'MKV' handling. (CVE-2011-3018, CVE-2011-3019)

- Unspecified errors exist related to the native client validator and HTTP use with translation scripts. (CVE-2011-3020, CVE-2011-3022)

- Empty x509 certificates can cause browser crashes. (CVE-2011-3024)

- An out-of-bounds read error exists related to h.264 parsing. (CVE-2011-3025)

- A bad variable cast exists related to column handling. (CVE-2011-3027)

Solution

Upgrade to Google Chrome 17.0.963.56 or later.