Google Chrome < 22.0.1229.79 Multiple Vulnerabilities

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is earlier
than 22.0.1229.79 and is, therefore, affected by the following
vulnerabilities :

- Out-of-bounds write errors exist related to Skia and
the PDF viewer. (CVE-2012-2874, CVE-2012-2883,
CVE-2012-2895)

- Various, unspecified errors exist related to the PDF
viewer. (CVE-2012-2875)

- A buffer overflow error exists related to 'SSE2'
optimizations. (CVE-2012-2876)

- An unspecified error exists related to extensions and
modal dialogs that can allow application crashes.
(CVE-2012-2877)

- Use-after-free errors exist related to plugin handling,
'onclick' handling, 'SVG' text references and the PDF
viewer. (CVE-2012-2878, CVE-2012-2887, CVE-2012-2888,
CVE-2012-2890)

- An error exists related to 'DOM' topology corruption.
(CVE-2012-2879)

- Race conditions exist in the plugin paint buffer.
(CVE-2012-2880)

- 'DOM' tree corruption can occur with plugins.
(CVE-2012-2881)

- A pointer error exists related to 'OGG' container
handling. (CVE-2012-2882)

- An out-of-bounds read error exists related to Skia.
(CVE-2012-2884)

- The possibility of a double-free error exists related to
application exit. (CVE-2012-2885)

- Universal cross-site scripting issues exist related
to the v8 JavaScript engine bindings and frame
handling. (CVE-2012-2886, CVE-2012-2889)

- Address information can be leaked via inter process
communication (IPC). (CVE-2012-2891)

- A bypass error exists related to pop-up block.
(CVE-2012-2892)

- A double-free error exists related to 'XSL' transforms.
(CVE-2012-2893)

- An error exists related to graphics context handling.
(CVE-2012-2894)

- An unspecified memory corruption issue exists in the
Windows 7 kernel, as used by Google Chrome.
(CVE-2012-2897)

Successful exploitation of any of these issues could lead to an
application crash or even allow arbitrary code execution, subject to the
user's privileges.

See also :

http://www.nessus.org/u?fe7996d2

Solution :

Upgrade to Google Chrome 22.0.1229.79 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true