Google Chrome < 65.0.3325.146 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 700355
SynopsisThe remote host is utilizing a web browser that is affected by multiple attack vectors.
DescriptionThe version of Google Chrome installed on the remote host is prior to 65.0.3325.146, and is affected by multiple vulnerabilities :
- A flaw exists in the 'xmlParseChunk()' function in 'parser.c' that is triggered when handling encoding errors. This may allow a context-dependent attacker to have an unspecified impact.
- An out-of-bounds read flaw exists in the 'xmlParseNCNameComplex()' function in 'parser.c' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
- A flaw exists in the 'ft_bitmap_assure_buffer()' function in 'base/ftbitmap.c' related to use of uninitialized memory. This may allow a context-dependent attacker to have an unspecified impact.
SolutionUpgrade to Chrome version 65.0.3325.146 or later.