Google Chrome < 35.0.1916.114 Multiple Vulnerabilities
Medium Nessus Plugin ID 74122
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities :
- Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)
- An integer overflow error exists related to audio handling. (CVE-2014-1744)
- An out-of-bounds read error exists related to media filters. (CVE-2014-1746)
- A user-input validation error exists related to handling local MHTML files. (CVE-2014-1747)
- An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748)
- Various unspecified errors. (CVE-2014-1749)
- An error exists related to the 'Blick' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Google Chrome 35.0.1916.114 or later.