Detections
Analytics
Google Chrome < 45.0.2454.101 Multiple Vulnerabilities
high Nessus Network Monitor Plugin ID 9015
Synopsis
The remote host is utilizing a web browser that is affected by multiple vulnerabilities.Description
The version of Google Chrome installed on the remote host is prior to 45.0.2454.101 and is affected by multiple vulnerabilities :- An unspecified DOM same origin policy bypass exists. This may allow a context-dependent attacker to bypass the same-origin policy. No further details have been provided by the vendor. (CVE-2015-1303)
- Google Chrome's V8 version contains a flaw that is triggered when handling 'Object.observe' calls on access-checked objects. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2015-1304)
Solution
Update the Chrome browser to 45.0.2454.101 or later.See Also
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html
Plugin Details
Severity: High
ID: 9015
Family: Web Clients
Published: 12/4/2015
Updated: 3/6/2019
Nessus ID: 86209
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:google:chrome
Patch Publication Date: 9/24/2015
Vulnerability Publication Date: 9/24/2015
Reference Information
CVE: CVE-2015-1303
BID: 76844