Google Chrome < 40.0.2214.91 Multiple Vulnerabilities

Nessus Network Monitor Plugin ID 8889 (Severity: High)

Synopsis

The remote host is utilizing a web browser that is outdated and thus unpatched for multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote host is prior to 40.0.2214.91 and is thus missing fixes for the following vulnerabilities:

- A memory corruption vulnerability exists due to an error in Fonts. (CVE-2014-7938)
- Multiple memory corruption vulnerabilities exist due to an error in ICU. (CVE-2014-7923, CVE-2014-7926)
- Multiple memory corruption vulnerabilities exist due to an error in V8. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)
- A same-origin policy bypass vulnerability exists due to an error in V8. (CVE-2014-7939)
- A security vulnerability occurs due to an uninitialized value in Fonts. (CVE-2014-7942)
- A security vulnerability occurs due to an uninitialized value in ICU. (CVE-2014-7940)
- A security bypass vulnerability occurs due to a caching error in AppCache. (CVE-2014-7948)
- Multiple use-after-free vulnerabilities exist due to an error in DOM. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932, CVE-2014-7934)
- Multiple use-after-free vulnerabilities exist due to an error in FFmpeg. (CVE-2014-7933, CVE-2014-7937)
- A use-after-free vulnerability exists due to an error in IndexedDB. (CVE-2014-7924)
- A use-after-free vulnerability exists due to an error in Speech. (CVE-2014-7935)
- A use-after-free vulnerability exists due to an error in Views. (CVE-2014-7936)
- A use-after-free vulnerability exists due to an error in WebAudio. (CVE-2014-7925)
- Multiple out-of-bounds read vulnerabilities exist due to an error in PDFium. (CVE-2014-7944, CVE-2014-7945)
- An out-of-bounds read vulnerability exists due to an error in Fonts. (CVE-2014-7946)
- An out-of-bounds read vulnerability exists due to an error in PDFium. (CVE-2014-7947)
- An out-of-bounds read vulnerability exists due to an error in Skia. (CVE-2014-7943)
- An out-of-bounds read vulnerability exists due to an error in UI. (CVE-2014-7941)
- A flaw exists in the ScopedClipboard destructor in 'remoting/host/clipboard_win.cc', triggered because the CloseClipboard() API is not called with an anonymous access token. This may allow a context-dependent attacker to bypass sandbox restrictions via an impersonation of the access token used by a system process. (CVE-2015-1205)
- Multiple unspecified vulnerabilities affecting Google V8 allow remote attackers to cause a denial of service or other unknown impacts. (CVE-2015-1346)
- Multiple off-by-one errors exist in 'fpdfapi/fpdf_font/font_int.h' in PDFium. These could allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted PDF document, related to an 'intra-object-overflow' issue. (CVE-2015-1359)
- A flaw in Skia due to improperly handling data during text drawing could allow a remote attacker to cause a denial of service or other unspecified impact. This affects 'gpu/GrBitmapTextContext.cpp' and 'gpu/GrDistanceFieldTextContext.cpp'. (CVE-2015-1360)

Solution

Update the Chrome browser to version 40.0.2214.91 or later.

See Also

http://googlechromereleases.blogspot.com/2015/01/stable-update.html

Plugin Details

Severity: High

ID: 8889

Family: Web Clients

Published: 2/11/2015

Updated: 3/6/2019

Nessus ID: 80950

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Patch Publication Date: 1/22/2015

Vulnerability Publication Date: 1/22/2015

Reference Information

CVE: CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2015-1346, CVE-2015-1205, CVE-2015-1360, CVE-2015-1359

BID: 72288, 72858, 73076, 73077

IAVB: 2015-B-0038