Detections
Analytics

Google Chrome < 4.9.385.33 Multiple Vulnerabilities

high Nessus Plugin ID 275884

Language:

Synopsis

A web browser installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote Windows host is prior to 4.9.385.33. It is, therefore, affected by multiple vulnerabilities as referenced in the 2016_03_stable-channel-update_24 advisory.

 - The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document. (CVE-2016-1650)

 - The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. (CVE-2016-1646)

 - Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. (CVE-2016-1647)

 - Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. (CVE-2016-1648)

 - The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages. (CVE-2016-1649)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 4.9.385.33 or later.

See Also

http://www.nessus.org/u?8901dec1

https://crbug.com/594574

https://crbug.com/590284

https://crbug.com/590455

https://crbug.com/595836

Plugin Details

Severity: High

ID: 275884

File Name: google_chrome_4_9_385_33.nasl

Version: 1.2

Type: local

Agent: windows

Family: Windows

Published: 11/20/2025

Updated: 11/24/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-1650

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: installed_sw/Google Chrome

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/24/2016

Vulnerability Publication Date: 3/24/2016

CISA Known Exploited Vulnerability Due Dates: 6/22/2022

Reference Information

CVE: CVE-2016-1646, CVE-2016-1647, CVE-2016-1648, CVE-2016-1649, CVE-2016-1650

IAVB: 2016-B-0057-S