Google Chrome < 19.0.1084.46 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 6487
Synopsis
The remote host contains a web browser that is affected by multiple vulnerabilities.
Description
Versions of Google Chrome earlier than 19.0.1084.46 are potentially affected by the following vulnerabilities :
- Video content with FTP can cause crashes. (CVE-2011-3083)
- Internal links are not loaded in their own process. (CVE-2011-3084)
- Lenghty auto-filled values can corrupt the user interface. (CVE-2011-3085)
- User-after free errors exist related to style elements, table handling, indexed DBs, GTK 'omnibox' handling, and corrupt font enconding names related to PDF handling. (CVE-2011-3086, CVE-2011-3089, CVE-2011-3091, CVE-2011-3096, CVE-2011-3099)
- An error exists related to windows navigation. (CVE-2011-3087)
- Out-of-bounds read errors exist to hairline drawing, glyph handling, Tibetan, OGG containers, PDF sampled functions and drawing dash paths. (CVE-2011-3088, CVE-2011-3093, CVE-2011-3094, CVE-2011-3095, CVE-2011-3097, CVE-2011-3100)
- A race condition related to workers exists. (CVE-2011-3090)
- An invalid write exists in the v8 regex processing. (CVE-2011-3092)
- An error exists related to Windows Media Player plugin and the search path. (CVE-2011-3098)
- An off-by-one out-of-bounds write error exists in libxml. (CVE-2011-3098)
Solution
Upgrade to Google Chrome 19.0.1084.46 or later.