Detections
Analytics

Google Chrome < 26.0.1410.43 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800112

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote host is a version prior to 26.0.1410.43 and is, therefore, affected by the following vulnerabilities :\n\n- Use-after-free errors exist related to 'Web Audio' and the extension bookmarks API. (CVE-2013-0916, CVE-2013-0920)\n- An out-of-bounds read error exists related to the URL loader. (CVE-2013-0917)\n- An unspecified error exists related to 'drag and drop' actions and the developer tools. (CVE-2013-0918)\n- An unspecified error exists related to website process isolation. (CVE-2013-0921)\n- An error exists related to HTTP basic authentication and brute force attacks. (CVE-2013-0922)\n- A memory safety issue exists related to the 'USB Apps' API. (CVE-2013-0923)\n- A permissions error exists related to extensions API and file permissions. (CVE-2013-0924)\n- URLs can be leaked to extensions even if the extension does not have the 'tabs' permission. (CVE-2013-0925)\n- An error exists related to 'active tags' and the paste action that has unspecified impact. (CVE-2013-0926)

See Also

http://www.nessus.org/u?11700993

Plugin Details

Severity: High

ID: 800112

Family: Web Clients

Nessus ID: 65691

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Reference Information

CVE: CVE-2013-0916, CVE-2013-0917, CVE-2013-0918, CVE-2013-0920, CVE-2013-0921, CVE-2013-0922, CVE-2013-0923, CVE-2013-0924, CVE-2013-0925, CVE-2013-0926

BID: 58712