Google Chrome < 6.0.472.53 Multiple Vulnerabilities

High Nessus Plugin ID 49089


The remote host contains a web browser that is affected by multiple vulnerabilities.


The version of Google Chrome installed on the remote host is earlier than 6.0.472.53. It therefore is reportedly affected by multiple vulnerabilities :

- It is possible to bypass the pop-up blocker with a blank frame target . (Issue #34414)

- It is possible to visually spoof the URL bar with homographic sequences. (Issue #37201)

- Restrictions on setting clipboard content are not strict enough. (Issue #41654)

- A stale pointer exists with SVG filters. (Issue #45659)

- It may be possible to enumerate installed extensions.
(Issue #45876)

- An unspecified vulnerability in WebSockets could lead to a browser NULL crash. (Issue #46750, #51846)

- A use-after-free error exists in the Notifications presenter. (Issue #50386)

- An unspecified memory corruption issue exists in Notification permissions. (Issue #50839)

- Multiple unspecified integer errors exist in WebSockets.
(Issue #51360, #51739)

- A memory corruption issue exists with counter nodes.
(Issue #51653)

- Chrome may store an excessive amount of autocomplete entries. (Issue #51727)

- A stale pointer exists in focus handling. (Issue #52443)

- A Sandbox parameter deserialization error exists.
(Issue #52682)

- An unspecified cross-origin image theft issue exists.
(Issue #53001)


Upgrade to Google Chrome 6.0.472.53 or later.

See Also

Plugin Details

Severity: High

ID: 49089

File Name: google_chrome_6_0_472_53.nasl

Version: $Revision: 1.16 $

Type: local

Agent: windows

Family: Windows

Published: 2010/09/02

Modified: 2016/05/16

Dependencies: 34196

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: SMB/Google_Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/09/02

Vulnerability Publication Date: 2010/09/02

Reference Information

CVE: CVE-2010-3246, CVE-2010-3247, CVE-2010-3248, CVE-2010-3249, CVE-2010-3250, CVE-2010-3251, CVE-2010-3252, CVE-2010-3253, CVE-2010-3254, CVE-2010-3255, CVE-2010-3256, CVE-2010-3257, CVE-2010-3258, CVE-2010-3259

BID: 42952, 44204, 44206, 44216

OSVDB: 65314, 67854, 67855, 67857, 67858, 67859, 67860, 67861, 67862, 67863, 67864, 67865, 67866, 67867