SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 17.0.963.56 and is, therefore, affected by the following vulnerabilities:
- Integer overflow errors exist related to PDF codecs and libpng. (CVE-2011-3015, CVE-2011-3026)
- A read-after-free error exists related to 'counter nodes'. (CVE-2011-3016)
- Use-after-free errors exist related to database handling, subframe loading, and drag-and-drop functionality. (CVE-2011-3017, CVE-2011-3021, CVE-2011-3023)
- Heap-overflow errors exist related to path rendering and 'MKV' handling. (CVE-2011-3018, CVE-2011-3019)
- Unspecified errors exist related to the native client validator and HTTP use with translation scripts.
- Empty x509 certificates can cause browser crashes.
- An out-of-bounds read error exists related to h.264 parsing. (CVE-2011-3025)
- A bad variable cast exists related to column handling.
SolutionUpgrade to Google Chrome 17.0.963.56 or later.