Google Chrome < Multiple Vulnerabilities

This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.

Synopsis :

The remote host contains a web browser that is affected by multiple

Description :

The version of Google Chrome installed on the remote host is earlier
than Such versions are reportedly affected by multiple
issues :

- Google Chrome's inbuilt RSS/ATOM reader renders
untrusted JavaScript in an RSS/ATOM feed. Provided a
victim connects to a RSS/ATOM feed link controlled by
an attacker or a trusted website allows injecting
arbitrary JavaScript content into the site's RSS or
ATOM feed, it may be possible for an attacker to
execute arbitrary JavaScript within the victim's browser.
(Issue #21238)

- It may be possible to bypass the same origin policy via the
getSVGDocument() function. (Issue #21338)

See also :

Solution :

Upgrade to Google Chrome or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 41000 (google_chrome_3_0_195_21.nasl)

Bugtraq ID: 36416

CVE ID: CVE-2009-3263

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now