Google Chrome < 30.0.1599.66 Multiple Vulnerabilities (Mac OS X)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.

Synopsis :

The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.

Description :

The version of Google Chrome installed on the remote host is a version
prior to 30.0.1599.66. It is, therefore, affected by multiple
vulnerabilities :

- A race condition exists related to 'Web Audio'.

- Out-of-bounds read errors exist related to
the 'Window.prototype' object, 'Web Audio', and URL
parsing. (CVE-2013-2907, CVE-2013-2917, CVE-2013-2920)

- Several errors exist related to the address bar that
could allow spoofing attacks. (CVE-2013-2908,
CVE-2013-2915, CVE-2013-2916)

- Use-after-free errors exist related to 'inline-block'
rendering, 'Web Audio', XSLT, PPAPI, XML document
parsing, Windows color chooser dialog, DOM, the
resource loader, the 'template' element and ICU.
(CVE-2013-2909, CVE-2013-2910, CVE-2013-2911,
CVE-2013-2912, CVE-2013-2913, CVE-2013-2914,
CVE-2013-2918, CVE-2013-2921, CVE-2013-2922,

- A memory corruption error exists in the V8
JavaScript engine. (CVE-2013-2919)

- Various, unspecified errors exist. (CVE-2013-2923)

See also :

Solution :

Upgrade to Google Chrome 30.0.1599.66 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now