Google Chrome < 49.0.2623.87 Multiple RCE
High Nessus Plugin ID 89787
SynopsisThe remote Mac OS X host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote Mac OS X host is prior to 49.0.2623.87. It is, therefore, affected by multiple vulnerabilities :
- A type confusion error exists in the Blink rendering engine that allows a remote attacker, via a malicious website, to execute arbitrary code. (CVE-2016-1643)
- A use-after-free error exists in the Blink rendering engine that allows a remote attacker, via a malicious website, to deference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1644)
- An out-of-bounds write error exists in PDFium, the PDF rendering library, that allows a remote attacker to manipulate the system memory, resulting the execution of arbitrary code. (CVE-2016-1645)
SolutionUpgrade to Google Chrome version 49.0.2623.87 or later.