Google Chrome < 5.0.375.70 Multiple Vulnerabilities
high Nessus Network Monitor Plugin ID 5567
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote host contains a web browser that is vulnerable to multiple attack vectors.Description
Versions of Google Chrome earlier than 5.0.375.70 are potentially affected by multiple vulnerabilities :- A cross-origin keystroke redirection vulnerability. (Bug 15766)
- A cross-origin bypass in DOM methods. (Bug 39985)
- A memory error exists in table layout. (Bug 42723)
- It is possible to escape the sandbox in Linux. (Bug 43304)
- A stale pointer exists in bitmap. (Bug 43307) - A memory corruption vulnerability exists in DOM mode normalization. (Bug 43315)
- A memory corruption vulnerability exists in text transforms. (Bug 43487)
- A cross-site scripting vulnerability exists in the innerHTML property of textarea. (Bug 43902)
- A memory corruption vulnerability exists in font handling. (Bug 44740)
- Geolocation events fire after document deletion. (Bug 44868)
- A memory corruption vulnerability exists in the rendering of list markers. (44955)
Solution
Upgrade to Google Chrome 5.0.375.70 or later.See Also
Plugin Details
Severity: High
ID: 5567
Family: Web Clients
Published: 6/8/2010
Updated: 3/6/2019
Nessus ID: 46850
Risk Information
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Vulnerability Information
CPE: cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Patch Publication Date: 6/8/2010
Vulnerability Publication Date: 6/8/2010
Reference Information
CVE: CVE-2010-1772, CVE-2010-1773, CVE-2010-2295, CVE-2010-2301, CVE-2010-2296, CVE-2010-2297, CVE-2010-2298, CVE-2010-2299, CVE-2010-2300, CVE-2010-2302