Google Chrome < 17.0.963.65 Multiple Vulnerabilities

High Nessus Plugin ID 58206


The remote host contains a web browser that is affected by multiple vulnerabilities.


The version of Google Chrome installed on the remote host is earlier than 17.0.963.65 and is, therefore, affected by the following vulnerabilities:

- Use-after-free errors exist related to 'v8 element wrapper', SVG value handling, SVG document handling, SVG use handling, multi-column handling, quote handling, class attribute handling, table section handling, flexbox with floats and SVG animation elements. (CVE-2011-3031, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3038, CVE-2011-3039, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044)

- An error exists in the 'Skia' drawing library that can allow buffer overflows. (CVE-2011-3033)

- Casting errors exist related to line box handling and anonymous block splitting. (CVE-2011-3036, CVE-2011-3037)

- An out-of-bounds read error exists related to text handling. (CVE-2011-3040)


Upgrade to Google Chrome 17.0.963.65 or later.

See Also

Plugin Details

Severity: High

ID: 58206

File Name: google_chrome_17_0_963_65.nasl

Version: 1.9

Type: local

Agent: windows

Family: Windows

Published: 2012/03/05

Updated: 2018/11/15

Dependencies: 34196

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: SMB/Google_Chrome/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/03/04

Vulnerability Publication Date: 2012/03/04

Reference Information

CVE: CVE-2011-3031, CVE-2011-3032, CVE-2011-3033, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044

BID: 52271