Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800967

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities.

Description

Versions of Google Chrome earlier than 20.0.1132.43 are potentially affected by the following vulnerabilities:

- An unspecified error allows access to iFrame fragment ID information. (CVE-2012-2815)

- An unspecified issue is triggered when sandboxed processes interfere with one another. (CVE-2012-2816)

- A use-after-free issue exists in the handling of table sections, which may allow for execution of arbitrary code. (CVE-2012-2817)

- An unspecified use-after-free flaw exists in the counter layout which may allow for execution of arbitrary code. (CVE-2012-2818)

- A flaw exists in the WebGL subsystem when the texSubImage2d implementation does not properly handle uploads to floating-point textures, which may allow a remote denial of service. (CVE-2012-2819)

- An out-of-bounds read error occurs during the handling of SVG filters, which may allow a remote denial of service. (CVE-2012-2820)

- A flaw exists in the autofill display. No further details have been provided. (CVE-2012-2821)

- An out-of-bounds read error occurs during the handling of PDF files, which may allow multiple unspecified remote denial of service attacks. (CVE-2012-2822)

- A use-after-free flaw exists during the handling of SVG resources, which may allow for execution of arbitrary code. (CVE-2012-2823, CVE-2012-2831)

- A use-after-free flaw exists in SVG painting. No further details have been provided. (CVE-2012-2824)

- An out-of-bounds read error occurs during texture conversion which may allow a remote denial of service. (CVE-2012-2826)

- A use-after-free flaw exists in the Mac GUI. No further details have been provided. (CVE-2012-2827)

- A flaw exists in the sanitizing of user-supplied input, resulting in multiple unspecified integer overflows with a specially crafted PDF file. (CVE-2012-2828)

- A use-after-free flaw is triggered during handling of first letters. No further details have been provided. (CVE-2012-2829)

- A flaw is triggered when an unspecified NULL pointer dereference occurs in array setting handling. (CVE-2012-2830)

- A flaw is triggered when a NULL pointer dereference occurs in a PDF image codec. (CVE-2012-2832)

- An overflow condition occurs when the PDF JS API fails to properly sanitize user-supplied input resulting in a buffer overflow. (CVE-2012-2833)

- An overflow condition occurs in the Matroska container which fails to properly sanitize user-supplied input resulting in an integer overflow. (CVE-2012-2834)

- A flaw exists in the way the browser loads dynamic-link libraries (DLLs). (CVE-2012-2764)

- A flaw is triggered when an unspecified wild read occurs during the handling of XSL. (CVE-2012-2825)

- The libxml library is prone to multiple unspecified overflow conditions. This issue is only present on 64-bit Linux platforms. (CVE-2012-2807)

Solution

Upgrade to Google Chrome 20.0.1132.43 or later.

See Also

http://www.nessus.org/u?50aa8d41

http://www.nessus.org/u?c9fd4072

Plugin Details

Severity: High

ID: 800967

Family: Web Clients

Published: 7/5/2012

Nessus ID: 59735

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Patch Publication Date: 6/26/2012

Vulnerability Publication Date: 6/26/2012

Reference Information

CVE: CVE-2012-2764, CVE-2012-2807, CVE-2012-2815, CVE-2012-2816, CVE-2012-2817, CVE-2012-2818, CVE-2012-2819, CVE-2012-2820, CVE-2012-2821, CVE-2012-2822, CVE-2012-2823, CVE-2012-2824, CVE-2012-2825, CVE-2012-2826, CVE-2012-2827, CVE-2012-2828, CVE-2012-2829, CVE-2012-2830, CVE-2012-2831, CVE-2012-2832, CVE-2012-2833, CVE-2012-2834

BID: 54203