Google Chrome < 14.0.835.163 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6024


The remote host contains a web browser that is vulnerable to multiple attack vectors.


Versions of Google Chrome earlier than 14.0.835.163 are affected by multiple vulnerabilities:

- A race condition exists related to the certificate cache. (Issue 49377)

- The Windows Media Player plugin allows click-free access to the system Flash. (Issue 51464)
- PIC / PIE compiler flags are not used. (Linux only) (Issue 57908)
- MIME types are not treated authoritatively at plugin load time. (Issue 75070)
- An unspecified error allows V8 script object wrappers to crash. (Issue 76771)
- The included PDF functionality contains a garbage collection error. (Issue 78639)
- The Mac installer insecurely handles lock files. (Mac only) (Issue 80680)
- Out-of-bounds read issues exist related to media buffers, mp3 files, box handling, Khmer characters, video handling, Tibetan characters, and triangle arrays. (Issues 82438, 85041, 89991, 90134, 90173, 95563, 95625)
- An unspecified error allows data displayed in the URL to be spoofed. (Issue 83031)
- Use-after-free errors exist related to unload event handling, the document loader, plugin handling, ruby table style handling, and the focus controller. (Issues 89219, 89330, 91197, 92651, 94800, 93420, 93587)
- The URL bar can be spoofed in an unspecified manner related to the forward button. (Issue 89564)
- A NULL pointer error exists related to WebSockets. (Issue 89795)
- An off-by-one error exists related to the V8 JavaScript engine. (Issue 91120)
- A stale node error exists related to CSS stylesheet handling. (Issue 92959)
- A cross-origin bypass error exists related to the V8 JavaScript engine. (Issue 93416)
- A double-free error exists related to XPath handling in libxml. (Issue 93472)
- Incorrect permissions are assigned to non-gallery pages. (Issue 93497)
- An improper string read occurs in the included PDF functionality. (Issue 93596)
- An unspecified error allows unintended access to objects built into the V8 JavaScript engine. (Issue 93906)
- Self-signed certificates are not pinned properly. (Issue 95917)
- A variable-type confusion issue exists in the V8 JavaScript engine related to object sealing. (Issue 95920)


Upgrade to Google Chrome 14.0.835.163 or later.

Plugin Details

Severity: High

ID: 6024

Family: Web Clients

Published: 9/21/2011

Updated: 3/6/2019

Nessus ID: 56230

Risk Information


Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Patch Publication Date: 9/20/2011

Vulnerability Publication Date: 9/20/2011

Reference Information

CVE: CVE-2011-2834, CVE-2011-2841, CVE-2011-2839, CVE-2011-2835, CVE-2011-2836, CVE-2011-2837, CVE-2011-2838, CVE-2011-2840, CVE-2011-2842, CVE-2011-2843, CVE-2011-2844, CVE-2011-2846, CVE-2011-2847, CVE-2011-2848, CVE-2011-2849, CVE-2011-2850, CVE-2011-2851, CVE-2011-2852, CVE-2011-2853, CVE-2011-2854, CVE-2011-2855, CVE-2011-2856, CVE-2011-2857, CVE-2011-2858, CVE-2011-2859, CVE-2011-2860, CVE-2011-2861, CVE-2011-2862, CVE-2011-2864, CVE-2011-2874, CVE-2011-2875, CVE-2011-3234

BID: 49658, 49933

IAVA: 2012-A-0153, 2012-A-0073