Google Chrome < 25.0.1364.152 Multiple Vulnerabilities

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains a web browser that is affected by multiple

Description :

The version of Google Chrome installed on the remote host is a
version prior to 25.0.1364.152. It is, therefore, affected by the
following vulnerabilities :

- Use-after-free errors exist related to the frame
loader, browser navigation handling and SVG
animation. (CVE-2013-0902, CVE-2013-0903, CVE-2013-0905)

- Memory corruption errors exist related to 'Web Audio'
and 'Indexed DB'. (CVE-2013-0904, CVE-2013-0906)

- A race condition exists related to media thread
handling. (CVE-2013-0907)

- An unspecified error exists related to extension
process bindings. (CVE-2013-0908)

- The 'XSS Auditor' could leak referrer information.

- An unspecified error exists related to loading
strictness and 'Mediate renderer -> browser plug-in'.

- A path traversal error exists related to database
handling. (CVE-2013-0911)

See also :

Solution :

Upgrade to Google Chrome 25.0.1364.152 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now