Google Chrome < 12.0.742.112 Multiple Vulnerabilities

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 12.0.742.112. As such, it is affected by the following
vulnerabilities :

- An out-of-bounds read in NPAPI string handling exists.
(Issue #77493)

- A use-after-free issue exists in SVG font handling.
(Issue #84355)

- A memory corruption issue exists in CSS parsing.
(Issue #85003)

- Multiple lifetime and re-entrancy issues exist in the
HTML parser. (Issue #85102)

- A bad bounds check exists in v8. (Issue #85177)

- A use-after-free issue exists with the SVG use element.
(Issue #85211)

- A use-after-free issue exists in text selection.
(Issue #85418)

See also :

http://www.nessus.org/u?0153f07f

Solution :

Upgrade to Google Chrome 12.0.742.112 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 55460 ()

Bugtraq ID: 48479

CVE ID: CVE-2011-2345
CVE-2011-2346
CVE-2011-2347
CVE-2011-2348
CVE-2011-2349
CVE-2011-2350
CVE-2011-2351

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now