Google Chrome < 40.0.2214.111 Multiple Vulnerabilities

critical Nessus Plugin ID 81207

Synopsis

A web browser installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote Windows host is prior to 40.0.2214.111. It is, therefore, affected by multiple vulnerabilities as referenced in the 2015_02_stable-channel-update advisory.

- The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI. (CVE-2015-1211)

- Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors. (CVE-2015-1212)

- Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor. (CVE-2015-1209)

- The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. (CVE-2015-1210)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 40.0.2214.111 or later.

See Also

http://crbug.com/

http://www.nessus.org/u?dfd1de2a

https://crbug.com/447906

Plugin Details

Severity: Critical

ID: 81207

File Name: google_chrome_40_0_2214_111.nasl

Version: 1.22

Type: local

Agent: windows

Family: Windows

Published: 2/6/2015

Updated: 11/24/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2015-1212

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2015-1211

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: installed_sw/Google Chrome

Exploit Ease: No known exploits are available

Patch Publication Date: 2/5/2015

Vulnerability Publication Date: 2/2/2015

CISA Known Exploited Vulnerability Due Dates: 5/4/2022

Reference Information

CVE: CVE-2015-1209, CVE-2015-1210, CVE-2015-1211, CVE-2015-1212

BID: 72429, 72497, 72514, 72698