Google Chrome < 15.0.874.120 Multiple Vulnerabilities
High Log Correlation Engine Plugin ID 800938
SynopsisThe remote host contains a web browser that is vulnerable to multiple attack vectors.
DescriptionVersions of Google Chrome earlier than 15.0.874.120 are affected by multiple vulnerabilities :
- A double-free error exists in the Theora decoder. (CVE-2011-3892)
- Out-of-bounds read errors exist in the MVK and Vorbis media handlers. (CVE-2011-3892)
- A memory corruption error exists in the VP8 decoding. (CVE-2011-3894)
- A heap overflow error exists in the Vorbis decoder. (CVE-2011-3895)
- A buffer overflow error exists in the shader variable mapping functionality. (CVE-2011-3896)
- A use-after-free error exists related to unspecified editing. (CVE-2011-3897)
- In JRE7, applets are allowed to run without the proper permissions. (CVE-2011-3898)
SolutionUpgrade to Google Chrome 15.0.874.120 or later.