Google Chrome < 14.0.835.202 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800905


The remote host contains a web browser that is vulnerable to multiple attack vectors.


Versions of Google Chrome earlier than 14.0.835.202 are affected by multiple vulnerabilities :

- A use-after-free issue exists in text line box handling. (Issue 93788)

- A stale font issue exists in SVG text handling. (Issue 95072)

- An inappropriate cross-origin access to the window prototype exists. (Issue 95671)

- Lifetime and threading issues exist in audio node handling. (Issue 96150)

- A use-after-free issue exists in the v8 bindings. (Issues 97451, 97520, 97615)

- A memory corruption issue exists in v8 hidden objects. (Issue 97784)

- A memory corruption issue exists in the shader translator. (Issue 98089)


Upgrade to Google Chrome 14.0.835.202 or later.

See Also

Plugin Details

Severity: High

ID: 800905

File Name: 800905.prm

Family: Web Clients

Published: 2011/10/04

Nessus ID: 56391

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2011/10/04

Vulnerability Publication Date: 2011/10/04

Reference Information

CVE: CVE-2011-2876, CVE-2011-2877, CVE-2011-2878, CVE-2011-2879, CVE-2011-2880, CVE-2011-2881, CVE-2011-3873

BID: 49938