Detections
Analytics

Google Chrome < 5.0.375.125 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800906

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 5.0.375.125 are potentially affected by multiple vulnerabilities :

 - It is possible for memory contents to be disclosed in layout code. (Bug 42735)

 - An unspecified issue with large canvases. (Bug 43813)

 - A memory corruption issue in rendering code. (Bug 47866)

 - A memory corruption issue in SVG handling. (Bug 48284)

 - It is possible for hostnames to be truncated. (Bug 48597)

Solution

Upgrade to Google Chrome 5.0.375.125 or later.

See Also

googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html

Plugin Details

Severity: High

ID: 800906

Family: Web Clients

Published: 7/27/2010

Nessus ID: 47859

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Patch Publication Date: 7/26/2010

Vulnerability Publication Date: 7/26/2010

Reference Information

CVE: CVE-2010-2897, CVE-2010-2898, CVE-2010-2899, CVE-2010-2900, CVE-2010-2901, CVE-2010-2902, CVE-2010-2903

BID: 41976