Google Chrome < 27.0.1453.93 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800944

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities

Description

Versions of Google Chrome prior to 27.0.1453.93 are affected by the following vulnerabilities :

- Use-after-free errors exist in SVG, media loader, Pepper resource handling, widget handling, speech handling, style resolution, media loader, and related to race condition with workers. (CVE-2013-2837, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2846, CVE-2013-2847)

- An out-of-bounds read error exists in v8. (CVE-2013-2838)

- A memory corruption vulnerability exists related to a bad casting in clipboard handling. (CVE-2013-2839)

- A memory safety issue exists related to Web Audio. (CVE-2013-2845)

- An information disclosure vulnerability exists related to XSS Auditor. (CVE-2013-2848)

- A cross-site scripting vulnerability exists related to drag and drop or copy and paste. (CVE-2013-2849)

Solution

Upgrade to Google Chrome 27.0.1453.93 or later.

See Also

http://www.nessus.org/u?ef8d3a90

Plugin Details

Severity: High

ID: 800944

Family: Web Clients

Published: 5/23/2013

Nessus ID: 66556

Vulnerability Information

Patch Publication Date: 5/21/2013

Vulnerability Publication Date: 5/21/2013

Reference Information

CVE: CVE-2013-2836, CVE-2013-2837, CVE-2013-2838, CVE-2013-2839, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2845, CVE-2013-2846, CVE-2013-2847, CVE-2013-2848, CVE-2013-2849

BID: 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076