Google Chrome < 29.0.1547.57 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 6998

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities

Description

The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 29.0.1547.57 are affected by the following vulnerabilities :

- Various unspecified errors exist. No further details have been provided. (CVE-2013-2887)

- An input-validation error exists related to incomplete paths and file handling. (CVE-2013-2900)

- An integer overflow error exists related to 'ANGLE'.(CVE-2013-2901)

- Use-after-free errors exist related to 'XSLT', the 'media' element and document parsing. (CVE-2013-2902, CVE-2013-2903, CVE-2013-2904)

- An error exists related to shared memory files that could lead to the disclosure of sensitive information.(CVE-2013-2905)

Solution

Upgrade to Google Chrome 29.0.1547.57 or later.

See Also

http://www.nessus.org/u?51dcd991

Plugin Details

Severity: High

ID: 6998

Family: Web Clients

Published: 2013/08/22

Modified: 2016/12/06

Dependencies: 1735, 8314

Nessus ID: 69423

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 2013/08/20

Vulnerability Publication Date: 2013/08/20

Reference Information

CVE: CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905

BID: 61885, 61886, 61887, 61888, 61889, 61890, 61891