How to Buy
This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mac OS X host contains a web browser that is affected by
The version of Google Chrome installed on the remote Mac OS X host is
a version prior to 36.0.1985.143. It is, therefore, affected by the
following vulnerabilities :
- A use-after-free error exists in the Web Sockets
implementation in Blink which allows remote attackers
to cause a denial of service.
- An information disclosure vulnerability exists due to
the Public Key Pinning (PKP) implementation not
correctly considering the properties of SPDY
connections. This error allows remote attackers to
obtain sensitive information by leveraging the use of
multiple domain names. (CVE-2014-3166)
- Multiple unspecified vulnerabilities allow attackers to
cause a denial of service.
See also :
Upgrade to Google Chrome 36.0.1985.143 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 77185 ()
Bugtraq ID: 692016920269203
CVE ID: CVE-2014-3165CVE-2014-3166CVE-2014-3167
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.