Google Chrome < 17.0.963.46 Multiple Vulnerabilities

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains a web browser that is affected by multiple

Description :

The version of Google Chrome installed on the remote host is earlier
than 17.0.963.46 and is, therefore, affected by the following

- Clipboard monitoring after a paste action is possible.

- Application crashes are possible with excessive
database usage, killing an 'IndexDB' transaction,
signature checks and processing unusual certificates.
(CVE-2011-3954, CVE-2011-3955, CVE-2011-3965,

- Sandboxed origins are not handled properly inside
extensions. (CVE-2011-3956)

- Use-after-free errors exist related to PDF garbage
collection, stylesheet error handling, CSS handling,
SVG layout and 'mousemove' event handling.
(CVE-2011-3957, CVE-2011-3966, CVE-2011-3968,
CVE-2011-3969, CVE-2011-3971)

- An error exists related to bad casting and column
spans. (CVE-2011-3958)

- A buffer overflow exists related to locale handing.

- Out-of-bounds read errors exist related to audio
decoding, path clipping, PDF fax imaging, 'libxslt',
and the shader translator. (CVE-2011-3960,
CVE-2011-3962, CVE-2011-3963, CVE-2011-3970,

- A race condition exists after a utility process
crashes. (CVE-2011-3961)

- An unspecified error exists related to the URL bar
after drag and drop operations. (CVE-2011-3964)

See also :

Solution :

Upgrade to Google Chrome 17.0.963.46 or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true