Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Chrome < 17.0.963.56 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description



Versions of Google Chrome earlier than 17.0.963.56 are potentially affected by the following vulnerabilities :

- Integer overflow errors exist related to PDF codecs and libpng. (CVE-2011-3015, CVE-2011-3026)

- A read-after-free error exists related to 'counter nodes'. (CVE-2011-3016)

- Use-after-free errors exist related to database handling, subframe loading, and ddrag-and-drop functionality. (CVE-2011-3017, CVE-2011-3021, CVE-2011-3023)

- Heap-overflow errors exist related to path rendering and 'MKV' handling. (CVE-2011-3018, CVE-2011-3019)

- Unspecified errors exist related to the native client validator and HTTP use with translation scripts. (CVE-2011-3020, CVE-2011-3022)

- Empty x509 certificates can cause browser crashes. (CVE-2011-3024)

- An out-of-bounds read error exists related to h.264 parsing. (CVE-2011-3025)

- A bad variable cast exists related to column handling. (CVE-2011-3027)

Solution

Upgrade to Google Chrome 17.0.963.56 or later.