Google Chrome < 34.0.1847.137 Multiple Vulnerabilities
High Nessus Plugin ID 74008
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is a version prior to 34.0.1847.137. It is, therefore, affected by the following vulnerabilities :
- A use-after-free error exists in the included Flash version that could lead to arbitrary code execution.
- An unspecified error exists in the included Flash version that could allow a bypass of the same origin policy. (CVE-2014-0516)
- Several security bypass errors exist in the included Flash version. (CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520)
- Use-after-free errors exist related to 'WebSockets' and 'editing'. (CVE-2014-1740, CVE-2014-1742)
- An integer overflow error exists related to DOM ranges. (CVE-2014-1741)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Google Chrome 34.0.1847.137 or later.