icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Google Chrome < 15.0.874.120 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 15.0.874.120 are affected by multiple vulnerabilities :

- A double-free error exists in the Theora decoder. (CVE-2011-3892)

- Out-of-bounds read errors exist in the MVK and Vorbis media handlers. (CVE-2011-3892)

- A memory corruption error exists in the VP8 decoding. (CVE-2011-3894)

- A heap overflow error exists in the Vorbis decoder. (CVE-2011-3895)

- A buffer overflow error exists in the shader variable mapping functionality. (CVE-2011-3896)

- A use-after-free error exists related to unspecified editing. (CVE-2011-3897)

- In JRE7, applets are allowed to run without the proper permissions. (CVE-2011-3898)

Solution

Upgrade to Google Chrome 15.0.874.120 or later.