This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote host contains a web browser that is affected by multiple
The version of Google Chrome installed on the remote host is earlier
than 22.0.1229.79 and is, therefore, affected by the following
- Out-of-bounds write errors exist related to Skia and
the PDF viewer. (CVE-2012-2874, CVE-2012-2883,
- Various, unspecified errors exist related to the PDF
- A buffer overflow error exists related to 'SSE2'
- An unspecified error exists related to extensions and
modal dialogs that can allow application crashes.
- Use-after-free errors exist related to plugin handling,
'onclick' handling, 'SVG' text references and the PDF
viewer. (CVE-2012-2878, CVE-2012-2887, CVE-2012-2888,
- An error exists related to 'DOM' topology corruption.
- Race conditions exist in the plugin paint buffer.
- 'DOM' tree corruption can occur with plugins.
- A pointer error exists related to 'OGG' container
- An out-of-bounds read error exists related to Skia.
- The possibility of a double-free error exists related to
application exit. (CVE-2012-2885)
- Universal cross-site scripting issues exist related
handling. (CVE-2012-2886, CVE-2012-2889)
- Address information can be leaked via inter process
communication (IPC). (CVE-2012-2891)
- A bypass error exists related to pop-up block.
- A double-free error exists related to 'XSL' transforms.
- An error exists related to graphics context handling.
- An unspecified memory corruption issue exists in the
Windows 7 kernel, as used by Google Chrome.
Successful exploitation of any of these issues could lead to an
application crash or even allow arbitrary code execution, subject to the
See also :
Upgrade to Google Chrome 22.0.1229.79 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Nessus Plugin ID: 62313 ()
CVE ID: CVE-2012-2874
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now