Google Chrome < 10.0.648.127 Multiple Vulnerabilities

Medium Nessus Plugin ID 52589


The remote host contains a web browser that is affected by multiple vulnerabilities.


The version of Google Chrome installed on the remote host is earlier than 10.0.648.127. Such versions are reportedly affected by multiple vulnerabilities :

- It may be possible to navigate or close the top location in a sandboxed frame. (Issue #42574, #42765)

- A cross-origin error message leak exists. (Issue #69187)

- A memory corruption issue exists with counter nodes.
(Issue #69628)

- An unspecified issue exists with stale nodes in box layout. (Issue #70027)

- A cross-origin error message leak exists with workers.
(Issue #70336)

- A use-after-free error exists with DOM URL handling.
(Issue #70442)

- A same origin policy bypass exists in v8. (Issue #70877)

- It may be possible to bypass the pop-up blocker.
(Issue #70885, #71167)

- A use-after-free error exists in document script lifetime handling. (Issue #71763)

- An out-of-bounds write issue exists in the OGG container. (Issue #71788)

- A stale pointer exists in table painting. (Issue #72028)

- A corrupt out-of-bounds structure may be used in video code. (Issue #73026)

- It may be possible to crash the application with the DataView object. (Issue #73066)

- A bad cast exists in text rendering. (Issue #73134)

- A stale pointer exists in the WebKit context code.
(Issue #73196)

- It may be possible for heap addresses to leak in XSLT.
(Issue #73716)

- A stale pointer exists with SVG cursors. (Issue #73746)

- It is possible for the DOM tree to be corrupted with attribute handling. (Issue #74030)

- An unspecified corruption exists via re-entrancy of RegExp code. (Issue #74662)

- An invalid memory access exists in v8. (Issue #74675)


Upgrade to Google Chrome 10.0.648.127 or later.

See Also

Plugin Details

Severity: Medium

ID: 52589

File Name: google_chrome_10_0_648_127.nasl

Version: $Revision: 1.23 $

Type: local

Agent: windows

Family: Windows

Published: 2011/03/09

Modified: 2014/10/03

Dependencies: 34196

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: SMB/Google_Chrome/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/03/08

Vulnerability Publication Date: 2011/03/08

Reference Information

CVE: CVE-2011-1185, CVE-2011-1187, CVE-2011-1188, CVE-2011-1189, CVE-2011-1190, CVE-2011-1191, CVE-2011-1193, CVE-2011-1194, CVE-2011-1195, CVE-2011-1196, CVE-2011-1197, CVE-2011-1198, CVE-2011-1199, CVE-2011-1200, CVE-2011-1201, CVE-2011-1202, CVE-2011-1203, CVE-2011-1204, CVE-2011-1285, CVE-2011-1286

BID: 46785, 47668, 50062

OSVDB: 72094, 72472, 72475, 72476, 72477, 72478, 72479, 72481, 72482, 72483, 72484, 72485, 72486, 72487, 72488, 72489, 72490, 72491, 72492, 72493, 72494, 81526

Secunia: 43683