Google Chrome < 10.0.648.127 Multiple Vulnerabilities
Medium Nessus Plugin ID 52589
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 10.0.648.127. Such versions are reportedly affected by multiple vulnerabilities :
- It may be possible to navigate or close the top location in a sandboxed frame. (Issue #42574, #42765)
- A cross-origin error message leak exists. (Issue #69187)
- A memory corruption issue exists with counter nodes.
- An unspecified issue exists with stale nodes in box layout. (Issue #70027)
- A cross-origin error message leak exists with workers.
- A use-after-free error exists with DOM URL handling.
- A same origin policy bypass exists in v8. (Issue #70877)
- It may be possible to bypass the pop-up blocker.
(Issue #70885, #71167)
- A use-after-free error exists in document script lifetime handling. (Issue #71763)
- An out-of-bounds write issue exists in the OGG container. (Issue #71788)
- A stale pointer exists in table painting. (Issue #72028)
- A corrupt out-of-bounds structure may be used in video code. (Issue #73026)
- It may be possible to crash the application with the DataView object. (Issue #73066)
- A bad cast exists in text rendering. (Issue #73134)
- A stale pointer exists in the WebKit context code.
- It may be possible for heap addresses to leak in XSLT.
- A stale pointer exists with SVG cursors. (Issue #73746)
- It is possible for the DOM tree to be corrupted with attribute handling. (Issue #74030)
- An unspecified corruption exists via re-entrancy of RegExp code. (Issue #74662)
- An invalid memory access exists in v8. (Issue #74675)
SolutionUpgrade to Google Chrome 10.0.648.127 or later.