Google Chrome < 17.0.963.83 Multiple Vulnerabilities

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains a web browser that is affected by multiple

Description :

The version of Google Chrome installed on the remote host is earlier
than 17.0.963.83 and is, therefore, affected by the following
vulnerabilities :

- An unspecified integer issue exists in libpng.

- An error exists related to the extension web request
API that could allow denial of service attacks.
Note this issue was corrected in a previous, unspecified
release. (CVE-2011-3049)

- Use-after-free errors exist related to 'first-letter'
handling, CSS cross-fade handling and block splitting.
(CVE-2011-3050, CVE-2011-3051, CVE-2011-3053)

- A memory corruption error exists related to WebGL
canvas handling. (CVE-2011-3052)

- An error exists related to webui privilege isolation.

- Installation of unpacked extensions does not use the
application's native user interface for prompts.

- A cross-origin violation is possible with 'magic iframe'.

- The v8 JavaScript engine could allow invalid reads to
take place. (CVE-2011-3057)

See also :

Solution :

Upgrade to Google Chrome 17.0.963.83 or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now