Google Chrome < 5.0.375.99 Multiple Vulnerabilities

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 5.0.375.99. It therefore is reportedly affected by multiple
vulnerabilities :

- An unspecified error allows an out-of-bounds read with
WebGL. (Issue #42396)

- An unspecified error exists in the process of isolating
sandboxed iframes. (Issue #42575, #42980)

- An unspecified memory corruption error exists in the
handling invalid SVG images. (Issue #43488)

- An unspecified memory corruption error exists in the
implementation of a bidirectional algorithm.
(Issue #44424)

- An unspecified error in the processing of certain
invalid images can lead to application crashes.
(Issue #45164)

- An unspecified memory corruption error exists in the
processing of PNG images and can lead to application
crashes. (Issue #45983)

- An unspecified memory corruption error exists in the
processing of CSS. (Issue #46360)

- An unspecified error exists in the handling of print
dialogs. (Issue #46575)

- An unspecified error exists in the handling of modal
dialogs and can lead to application crashes.
(Issue #47056)

See also :

http://www.nessus.org/u?aeaddbb2

Solution :

Upgrade to Google Chrome 5.0.375.99 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 47595 (google_chrome_5_0_375_99.nasl)

Bugtraq ID: 41334
44215
44217

CVE ID: CVE-2010-2645
CVE-2010-2646
CVE-2010-2647
CVE-2010-2648
CVE-2010-2649
CVE-2010-2650
CVE-2010-2651
CVE-2010-2652

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now