Google Chrome < 2.0.172.31 WebKit Multiple Vulnerabilities

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 2.0.172.31. It thus is reportedly affected by multiple issues :

- A memory corruption issue exists in the way the WebKit
handles recursion in certain DOM event handlers.
Successful exploitation of this issue could allow
arbitrary code execution within the Google Chrome
sandbox. (CVE-2009-1690)

- WebKit's handling of drag events is affected by an
information disclosure issue. (CVE-2009-1718)

See also :

http://www.nessus.org/u?8e2e95c8

Solution :

Upgrade to Google Chrome 2.0.172.31 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 39356 (google_chrome_2_0_172_31.nasl)

Bugtraq ID: 35271
35272

CVE ID: CVE-2009-1690
CVE-2009-1718

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now