Google Chrome < 126.96.36.199 Multiple Vulnerabilities
Medium Nessus Plugin ID 35558
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 188.8.131.52. Such versions are reportedly affected by several issues :
- Cross-site scripting vulnerabilities in the Adobe Reader Plugin itself could be leveraged using a PDF document to run scripts on arbitrary sites via Google Chrome.
(CVE-2007-0048 and CVE-2007-0045)
- A cross-domain security-bypass vulnerability that could allow an attacker to bypass the same-origin policy and gain access to potentially sensitive information.
- A remote attacker may be able to gain access to the 'Set-Cookie' and 'Set-Cookie2' response headers via XMLHttpRequest calls. (CVE-2009-0411)
SolutionUpgrade to Google Chrome version 184.108.40.206 or later.