SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 20.0.1132.43 and is, therefore, affected by the following vulnerabilities :
- An error exists related to the loading of the 'metro' DLL. (CVE-2012-2764)
- An error exists related to the leaking of iframe fragment id. (CVE-2012-2815)
- An error exists that allows sandboxes to interfere with each other. (CVE-2012-2816)
- Multiple use-after-free errors exist related to table section handling, counter layout, SVG resource handling, SVG painting, first-letter handling and SVG reference handling. (CVE-2012-2817, CVE-2012-2818, CVE-2012-2823, CVE-2012-2824, CVE-2012-2829, CVE-2012-2831)
- An error exists related to texture handling that can cause application crashes. (CVE-2012-2819)
- Out-of-bounds read errors exist related to SVG filter handling and texture conversion. (CVE-2012-2820, CVE-2012-2826)
- An unspecified error exists related to autofill display actions. (CVE-2012-2821)
- Several 'OOB' read issues exist related to PDF processing. (CVE-2012-2822)
- A read error exists related to XSL handling.
- Several integer overflow issues exist related to PDF processing. (CVE-2012-2828)
- A pointer issue exists related to the setting of array values. (CVE-2012-2830)
- An uninitialized pointer issue exists related to the PDF image codec. (CVE-2012-2832)
- An integer overflow error exists related to the 'Matroska' container. (CVE-2012-2834)
SolutionUpgrade to Google Chrome 20.0.1132.43 or later.