SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is a version prior to 26.0.1410.43 and is, therefore, affected by the following vulnerabilities :
- Use-after-free errors exist related to 'Web Audio' and the extension bookmarks API. (CVE-2013-0916, CVE-2013-0920)
- An out-of-bounds read error exists related to the URL loader. (CVE-2013-0917)
- An unspecified error exists related to 'drag and drop' actions and the developer tools. (CVE-2013-0918)
- An unspecified error exists related to website process isolation. (CVE-2013-0921)
- An error exists related to HTTP basic authentication and brute-force attacks. (CVE-2013-0922)
- A memory safety issue exists related to the 'USB Apps' API. (CVE-2013-0923)
- A permissions error exists related to extensions API and file permissions. (CVE-2013-0924)
- URLs can be leaked to extensions even if the extension does not have the 'tabs' permission. (CVE-2013-0925)
- An error exists related to 'active tags' and the paste action that has unspecified impact. (CVE-2013-0926)
SolutionUpgrade to Google Chrome 26.0.1410.43 or later.