This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote host contains a web browser that is affected by multiple
The version of Google Chrome installed on the remote host is a version
prior to 37.0.2062.120. It is, therefore, affected by the following
- A use-after-free error exists related to rendering that
allows a remote attacker to execute arbitrary code.
- Unspecified errors exist having unspecified impact.
Note that the following issues exist due to the version of Adobe Flash
bundled with the application :
- Unspecified memory corruption issues exist that allow
arbitrary code execution. (CVE-2014-0547, CVE-2014-0549,
CVE-2014-0550, CVE-2014-0551, CVE-2014-0552,
- An unspecified error exists that allows cross-origin
policy violations. (CVE-2014-0548)
- A use-after-free error exists that allows arbitrary
code execution. (CVE-2014-0553)
- An unspecified error exists that allows an unspecified
security bypass. (CVE-2014-0554)
- Unspecified errors exist that allow memory leaks leading
to easier defeat of memory address randomization.
- Heap-based buffer overflow errors exist that allow
arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)
See also :
Upgrade to Google Chrome 37.0.2062.120 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Nessus Plugin ID: 77581 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now