Detections
Analytics

Google Chrome < 8.0.552.237 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 5742

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 8.0.552.237 are potentially affected by multiple vulnerabilities :

 - A browser crash exists in extensions notification handling. (58053)

 - Bad pointer handling exists in node iteration. (65764)

 - Multiple crashes exist when printing multi-page PDFs. (66334)

 - A stale pointer exists with CSS + canvas. (66560)

 - A stale pointer exists with CSS + cursors. (66748)

 - A use after free error exists in PDF handling. (67100)

 - A stack corruption error exists after PDF out-of-memory conditions. (67208)

 - A bad memory access issue exists when handling mismatched video frame sizes. (67303)

 -A stale pointer exists with SVG use elements. (67363)

 - An uninitialized pointer exists in the browser which is triggered by rogue extensions. (67393)

 - Multiple buffer overflows exists in the Vorbis decoder. (68115)

 - A buffer overflow exists in PDF shading. (68170)

 - A bad cast exists in anchor handling. (68178)

 - A bad cast exists in video handling. (68181)

 - A stale rendering node exists after DOM node removal. (68439)

 - A stale pointer exists in speech handling. (68666)

Solution

Upgrade to Google Chrome 8.0.552.237 or later.

See Also

http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html

Plugin Details

Severity: High

ID: 5742

Family: Web Clients

Published: 12/14/2010

Updated: 3/6/2019

Nessus ID: 51511

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 12/13/2010

Vulnerability Publication Date: 12/13/2010

Reference Information

CVE: CVE-2011-0470

BID: 45788