Google Chrome < 37.0.2062.94 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 8359
SynopsisThe remote host is running an outdated web browser that may contain multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is a version prior to 37.0.2062.94 and is thus missing fixes for the following vulnerabilities:
- A critical group of bugs in V8, IPC, sync, and extensions that can lead to a sandbox escape and remote code execution (CVE-2014-3176, CVE-2014-3177)
- Use-after-free vulnerabilities in various browser components (CVE-2014-3168, CVE-2014-3169, CVE-2014-3171)
- Potential information disclosure due to uninitialized memory access (CVE-2014-3173, CVE-2014-3174)
- Undisclosed vulnerabilities within browser extensions related to debugging and permission dialog spoofing (CVE-2014-3170, CVE-2014-3172)
Other vulnerabilities have been fixed that were not disclosed by the vendor.
SolutionUpdate the Chrome browser to 37.0.2062.94 or later.