Google Chrome < 59.0.3071.104 Multiple Vulnerabilities
High Nessus Plugin ID 100991
SynopsisA web browser installed on the remote Windows host is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote Windows host is prior to 59.0.3071.104. It is, therefore, affected by the following vulnerabilities :
- A security bypass vulnerability exists in the IndexedDB component that allows an unauthenticated, remote attacker to bypass the sandbox. (CVE-2017-5087)
- An out-of-bounds read error exists in the V8 component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-5088)
- An unspecified flaw exists in the Omnibox address bar component that allows an unauthenticated, remote attacker to spoof domains. (CVE-2017-5089)
- Multiple unspecified vulnerabilities exist that allow an unauthenticated, remote attacker to have a high severity impact. (VulnDB 159208, 159209)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Google Chrome version 59.0.3071.104 or later.