Google Chrome < 8.0.552.237 Multiple Vulnerabilities

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 8.0.552.237. Such versions are reportedly affected by multiple
vulnerabilities :

- A browser crash exists in extensions notification
handling. (Issue #58053)

- Bad pointer handling exists in node iteration.
(Issue #65764)

- Multiple crashes exist when printing multi-page PDFs.
(Issue #66334)

- A stale pointer exists with CSS + canvas. (Issue #66560)

- A stale pointer exists with CSS + cursors.
(Issue #66748)

- A use-after-free error exists in PDF handling.
(Issue #67100)

- A stack corruption error exists after PDF out-of-memory
conditions. (Issue #67208)

- A bad memory access issue exists when handling
mismatched video frame sizes. (Issue #67303)

- A stale pointer exists with SVG use element.
(Issue #67363)

- An uninitialized pointer exists in the browser which is
triggered by rogue extensions. (Issue #67393)

- Multiple buffer overflows exist in the Vorbis decoder.
(Issue #68115)

- A buffer overflow exists in PDF shading. (Issue #68170)

- A bad cast exists in anchor handling. (Issue #68178)

- A bad cast exists in video handling. (Issue #68181)

- A stale rendering node exists after DOM node removal.
(Issue #68439)

- A stale pointer exists in speech handling.
(Issue #68666)

See also :

http://www.nessus.org/u?b44c4173

Solution :

Upgrade to Google Chrome 8.0.552.237 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now