Google Chrome < 44.0.2403.89 Multiple Vulnerabilities

critical Nessus Plugin ID 84922

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote macOS host is prior to 44.0.2403.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 2015_07_stable-channel-update_21 advisory.

- The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. (CVE-2015-1290)

- Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation. (CVE-2015-1276)

- PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation. (CVE-2015-1271)

- Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document. (CVE-2015-1273)

- Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to download_commands.cc and download_prefs.cc. (CVE-2015-1274)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 44.0.2403.89 or later.

See Also

http://www.nessus.org/u?3e9b7c05

https://crbug.com/419383

https://crbug.com/444573

https://crbug.com/446032

https://crbug.com/451456

https://crbug.com/459215

https://crbug.com/461858

https://crbug.com/462843

https://crbug.com/472614

https://crbug.com/479162

https://crbug.com/479743

https://crbug.com/482380

https://crbug.com/483981

https://crbug.com/486947

https://crbug.com/487155

https://crbug.com/487928

https://crbug.com/492052

https://crbug.com/493243

https://crbug.com/498982

https://crbug.com/504011

https://crbug.com/505374

Plugin Details

Severity: Critical

ID: 84922

File Name: macosx_google_chrome_44_0_2403_89.nasl

Version: 1.10

Type: local

Agent: macosx

Published: 7/22/2015

Updated: 11/20/2025

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2015-1290

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2015-1276

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: installed_sw/Google Chrome

Exploit Ease: No known exploits are available

Patch Publication Date: 7/21/2015

Vulnerability Publication Date: 2/6/2015

Reference Information

CVE: CVE-2015-1270, CVE-2015-1271, CVE-2015-1272, CVE-2015-1273, CVE-2015-1274, CVE-2015-1275, CVE-2015-1276, CVE-2015-1277, CVE-2015-1278, CVE-2015-1279, CVE-2015-1280, CVE-2015-1281, CVE-2015-1282, CVE-2015-1283, CVE-2015-1284, CVE-2015-1285, CVE-2015-1286, CVE-2015-1287, CVE-2015-1288, CVE-2015-1289, CVE-2015-1290

BID: 75973