Google Chrome < 18.0.1025.151 Multiple Vulnerabilities

High Nessus Plugin ID 58644


The remote host contains a web browser that is affected by multiple vulnerabilities.


The version of Google Chrome installed on the remote host is earlier than 18.0.1025.151 and is, therefore, affected by the following vulnerabilities :

- An out-of-bounds read issue exists related to 'Skia' clipping. (CVE-2011-3066)

- An error exists related to cross-origin iframe replacement. (CVE-2011-3067)

- Use-after-free errors exist related to 'run-in' handling, line box editing, v8 JavaScript engine bindings, 'HTMLMediaElement', SVG resource handling, media handling, style command application, and focus handling. (CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076)

- A cross-origin violation error exists related to pop-up windows. (CVE-2011-3072)

- A read-after-free error exists related to script binding. (CVE-2011-3077)

- The bundled Adobe Flash Player is vulnerable to several memory corruption issues that can lead to arbitrary code execution. (CVE-2012-0724, CVE-2012-0725)


Upgrade to Google Chrome 18.0.1025.151 or later.

See Also

Plugin Details

Severity: High

ID: 58644

File Name: google_chrome_18_0_1025_151.nasl

Version: $Revision: 1.9 $

Type: local

Agent: windows

Family: Windows

Published: 2012/04/09

Modified: 2016/05/16

Dependencies: 34196

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: SMB/Google_Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/04/05

Vulnerability Publication Date: 2012/04/05

Reference Information

CVE: CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077, CVE-2012-0724, CVE-2012-0725

BID: 52913, 57027

OSVDB: 81036, 81037, 81038, 81039, 81040, 81041, 81042, 81043, 81044, 81045, 81046, 81047, 81244, 81245