This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mac OS X host contains a web browser that is affected by
The version of Google Chrome installed on the remote Mac OS X host is
a version prior to 35.0.1916.114. It is, therefore, affected by the
following vulnerabilities :
- Use-after-free errors exist related to 'styles' and
'SVG' handling. (CVE-2014-1743, CVE-2014-1745)
- An integer overflow error exists related to audio
- An out-of-bounds read error exists related to media
- A user-input validation error exists related to
handling local MHTML files. (CVE-2014-1747)
- An unspecified error exists related to the scrollbar
that could allow UI spoofing. (CVE-2014-1748)
- Various unspecified errors. (CVE-2014-1749)
- An integer underflow error exists related to the V8
- An error exists related to the 'Blink' 'SpeechInput'
feature that could allow click-jacking and information
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Google Chrome 35.0.1916.114 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false