Google Chrome < 52.0.2743.116 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A web browser installed on the remote Windows host is affected by
multiple vulnerabilities.

Description :

The version of Google Chrome installed on the remote Windows host is
prior to 52.0.2743.116. It is, therefore, affected by multiple
vulnerabilities :

- An overflow condition exists in PDFium due to improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this to cause a heap-based
buffer overflow, resulting in a denial of service
condition or the execution of arbitrary code.
(CVE-2016-5139)

- An overflow condition exists in OpenJPEG due to improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this to cause a heap-based
buffer overflow, resulting in a denial of service
condition or the execution of arbitrary code.
(CVE-2016-5140)

- A flaw exists that is triggered when nested message
loops access documents without generating a
notification. An attacker can exploit this to spoof the
address bar. (CVE-2016-5141)

- A use-after-free error exists that allows an attacker to
dereference already freed memory, resulting in the
execution of arbitrary code. (CVE-2016-5142)

- A flaw exists in the sanitizeRemoteFrontendUrl()
function in devtools.js due to a failure to properly
sanitize input parameters. An attacker can exploit this
to have an unspecified impact. (CVE-2016-5143)

- A flaw exists in the loadScriptsPromise() function in
Runtime.js due to a failure to properly sanitize input
parameters. An attacker can exploit this to have an
unspecified impact. (CVE-2016-5144)

- A flaw exists due to improper handling of specially
crafted images. An attacker can exploit this to bypass
the same-origin policy. (CVE-2016-5145)

- Multiple unspecified high and medium severity
vulnerabilities exist, including an overflow condition
in WebRTC due to improper validation of user-supplied input
when handling RTP packets. An attacker can exploit this
to cause a denial of service condition or the execution
of arbitrary code. (CVE-2016-5146)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?81b23127

Solution :

Upgrade to Google Chrome version 52.0.2743.116 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false
