SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is a version prior to 31.0.1650.48. It is, therefore, affected by multiple vulnerabilities :
- Various, unspecified errors exist. (CVE-2013-2931)
- Use-after-free errors exist related to speech input elements, media elements, 'id' attribute strings, DOM ranges, and libjingle. (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)
- Out-of-bounds read errors exist in SVG and HTTP parsing. (CVE-2013-6623, CVE-2013-6627)
- An address bar URI-spoofing vulnerability exists that is related to interstitial warnings. (CVE-2013-6626)
- A certificate validation security bypass issue exists during TLS renegotiation. (CVE-2013-6628)
- A memory corruption error exists in the libjpeg and libjpeg-turbo libraries when memory is uninitialized when decoding images with missing SOS data.
- A memory corruption error exists in the 'jdmarker.c' source file in the libjpeg-turbo library when processing Huffman tables. (CVE-2013-6630)
SolutionUpgrade to Google Chrome 31.0.1650.48 or later.