Google Chrome < 184.108.40.206 Multiple Vulnerabilities
High Nessus Plugin ID 40778
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 220.127.116.11. Such versions are reportedly affected by multiple issues :
- The browser can connect to SSL-enabled sites whose certificates use weak hash algorithms, such as MD2 and MD4. An attacker may be able exploit this issue to forge certificates and spoof an invalid website as a valid HTTPS site. (Issue #18725)
- A stack consumption vulnerability in libxml2 library could be exploited to crash the Google Chrome tab process or execute arbitrary code with in Google Chrome sandbox.
- Multiple use-after-free vulnerabilities in libxml2 library could be exploited to crash the Google Chrome tab process or execute arbitrary code with in Google Chrome sandbox. (CVE-2009-2416)
SolutionUpgrade to Google Chrome 18.104.22.168 or later.