Google Chrome < 51.0.2704.79 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A web browser installed on the remote Windows host is affected by
multiple vulnerabilities.

Description :

The version of Google Chrome installed on the remote Windows host is
prior to 51.0.2704.79. It is, therefore, affected by multiple
vulnerabilities :

- A cross-origin bypass issue exists in Extension
bindings. No other details are available.
(CVE-2016-1696)

- A cross-origin bypass issue exists in Blink. No other
details are available. (CVE-2016-1697)

- An information disclosure vulnerability exists in
Extension bindings. No other details are available.
(CVE-2016-1698)

- A flaw exists in DevTools due to a failure to sanitize
a parameter. No other details are available.
(CVE-2016-1699)

- A use-after-free error exists in Extensions. No other
details are available. (CVE-2016-1700)

- A use-after-free error exists in Autofill. No other
details are available. (CVE-2016-1701)

- An out-of-bounds read error exists in Skia. No other
details are available. (CVE-2016-1702)

- Multiple unspecified issues exists that were found
by internal auditing, fuzzing, etc. No other details
are available. (CVE-2016-1703)

See also :

http://www.nessus.org/u?1853ec44

Solution :

Upgrade to Google Chrome version 51.0.2704.79 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now