This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote host contains a web browser that is affected by multiple
The version of Google Chrome installed on the remote host is earlier
than 15.0.874.102. It therefore is potentially affected by the
following vulnerabilities :
- Several URL bar spoofing errors exist related to
history handling and drag-and-drop of URLs.
- Whitespace is stripped from the end of download
- A cross-site scripting issue exists related to the
'appcache' internals page. (CVE-2011-3877)
- A race condition exists related to working process
- An error exists related to redirection to 'chrome
scheme' URIs. (CVE-2011-3879)
- Unspecified special characters may be used as
delimiters in HTTP headers. (CVE-2011-3880)
- Several cross-origin policy violation issues exist.
- Several use-after-free errors exist related to media
buffer handling, counter handling, stale styles,
plugins and editing, and video source handling.
(CVE-2011-3882, CVE-2011-3883, CVE-2011-3885,
- Timing issues exist related to DOM traversal.
- An out-of-bounds write error exists in the V8
- A heap overflow issue exists related to Web Audio.
See also :
Upgrade to Google Chrome 15.0.874.102 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Nessus Plugin ID: 56650 ()
Bugtraq ID: 50360
CVE ID: CVE-2011-2845
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now