Google Chrome < 17.0.963.46 Multiple Vulnerabilities
High Nessus Plugin ID 57876
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 17.0.963.46 and is, therefore, affected by the following vulnerabilities:
- Clipboard monitoring after a paste action is possible.
- Application crashes are possible with excessive database usage, killing an 'IndexDB' transaction, signature checks and processing unusual certificates.
(CVE-2011-3954, CVE-2011-3955, CVE-2011-3965, CVE-2011-3967)
- Sandboxed origins are not handled properly inside extensions. (CVE-2011-3956)
- Use-after-free errors exist related to PDF garbage collection, stylesheet error handling, CSS handling, SVG layout and 'mousemove' event handling.
(CVE-2011-3957, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971)
- An error exists related to bad casting and column spans. (CVE-2011-3958)
- A buffer overflow exists related to locale handing.
- Out-of-bounds read errors exist related to audio decoding, path clipping, PDF fax imaging, 'libxslt', and the shader translator. (CVE-2011-3960, CVE-2011-3962, CVE-2011-3963, CVE-2011-3970, CVE-2011-3972)
- A race condition exists after a utility process crashes. (CVE-2011-3961)
- An unspecified error exists related to the URL bar after drag and drop operations. (CVE-2011-3964)
SolutionUpgrade to Google Chrome 17.0.963.46 or later.