Google Chrome < 17.0.963.78 Multiple Vulnerabilities

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 17.0.963.78 and is, therefore, affected by the following
vulnerabilities:

- The application does not properly handle history
navigation.

- An unspecified universal cross-site scripting issue
exists.

By exploiting these vulnerabilities in combination, an attacker could
bypass Chrome's sandbox and execute arbitrary code on the target
machine as demonstrated in March 2012 at Google's Pwnium
competition.

See also :

http://www.nessus.org/u?4f9acfbc

Solution :

Upgrade to Google Chrome 17.0.963.78 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.3
(CVSS2#E:ND/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 58328 ()

Bugtraq ID: 52357
52369

CVE ID: CVE-2011-3046

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now