Google Chrome < 18.104.22.168 Multiple Vulnerabilities
High Nessus Plugin ID 40778
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 22.214.171.124. Such versions are reportedly affected by multiple issues :
- The browser can connect to SSL-enabled sites whose certificates use weak hash algorithms, such as MD2 and MD4. An attacker may be able exploit this issue to forge certificates and spoof an invalid website as a valid HTTPS site. (Issue #18725)
- A stack consumption vulnerability in libxml2 library could be exploited to crash the Google Chrome tab process or execute arbitrary code with in Google Chrome sandbox.
- Multiple use-after-free vulnerabilities in libxml2 library could be exploited to crash the Google Chrome tab process or execute arbitrary code with in Google Chrome sandbox. (CVE-2009-2416)
SolutionUpgrade to Google Chrome 126.96.36.199 or later.