Google Chrome < 0.2.149.29 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 4681

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote host is earlier than 0.2.149.29. Such versions are reportedly are affected by several issues :

- A buffer overflow involving long filenames that display in the 'Save As...' dialog could lead to arbitrary code execution (Issue number 1414).
- A buffer overflow in handling of link targets displayed in the status area when a user hovers over a link could lead to arbitrary code execution (Fix number 1797).
- An out-of-bounds memory read when parsing URLs ending in ': %' could cause the application itself to crash (Issue number 122).
- The default Downloads directory is set to Desktop, which could lead to malicious cluttering of the desktop with unwanted downloads and even execution of arbitrary programs (Fix number 17933).

Solution

Upgrade to version 0.2.149.29 or higher.

See Also

http://code.google.com/p/chromium/issues/detail?id=122

http://code.google.com/p/chromium/issues/detail?id=1414

http://googlechromereleases.blogspot.com/2008/09/beta-release-0214929.html

Plugin Details

Severity: Medium

ID: 4681

Family: Web Clients

Published: 2008/09/16

Modified: 2016/11/23

Dependencies: 4645

Nessus ID: 34197

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2008-6994, CVE-2008-6995, CVE-2008-6997, CVE-2008-6998

BID: 30983, 31029, 31038, 31071