Google Chrome < 27.0.1453.93 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 6835

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities

Description

Versions of Google Chrome prior to 27.0.1453.93 are affected by the following vulnerabilities :

- Use-after-free errors exist in SVG, media loader, Pepper resource handling, widget handling, speech handling, style resolution, media loader, and related to race condition with workers. (CVE-2013-2837, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2846, CVE-2013-2847)

- An out-of-bounds read error exists in v8. (CVE-2013-2838)

- A memory corruption vulnerability exists related to a bad casting in clipboard handling. (CVE-2013-2839)

- A memory safety issue exists related to Web Audio. (CVE-2013-2845)

- An information disclosure vulnerability exists related to XSS Auditor. (CVE-2013-2848)

- A cross-site scripting vulnerability exists related to drag and drop or copy and paste. (CVE-2013-2849)

Solution

Upgrade to Google Chrome 27.0.1453.93 or later.

See Also

http://www.nessus.org/u?ef8d3a90

Plugin Details

Severity: High

ID: 6835

File Name: 6835.prm

Family: Web Clients

Published: 2013/05/23

Modified: 2016/12/06

Dependencies: 1735, 8314

Nessus ID: 66556, 66676

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 2013/05/21

Vulnerability Publication Date: 2013/05/21

Reference Information

CVE: CVE-2013-2836, CVE-2013-2837, CVE-2013-2838, CVE-2013-2839, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2845, CVE-2013-2846, CVE-2013-2847, CVE-2013-2848, CVE-2013-2849

BID: 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076

OSVDB: 92675, 92818, 93249, 93567, 93568, 93569, 93570, 93572, 93573, 93574, 93576, 93577, 93578, 93580, 93638, 93643, 93684, 93686, 93689, 93887, 93888, 93889, 93890, 93891, 93892, 93893, 93894, 93895, 93896, 93897, 93898, 93903, 93904, 93905, 93927, 93928, 93929, 93930, 93931, 93932, 93933, 93936, 93937, 93938, 93939, 93941, 93943, 93945, 93983, 93984, 93985, 93986, 93987, 93988, 93989, 93990, 93991, 93992, 93993, 93994, 93995, 93996, 93997, 93998, 93999, 94000, 94001, 94002, 94003, 94004, 94559