Google Chrome < 54.0.2840.99 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 9790
SynopsisThe remote host is utilizing a web browser that is affected by multiple attack vectors.
DescriptionThe version of Google Chrome installed on the remote host is prior to 54.0.2840.99, and is affected by multiple vulnerabilities :
- An integer overflow condition exists in the 'mov_read_keys()' function in 'libavformat/mov.c' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-5199)
- An out-of-bounds read flaw exists that is triggered when handling 'Math.sign'. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-5200)
- A flaw exists in the 'expose()' function in 'extensions/renderer/resources/utils.js'. This may allow a context-dependent attacker to disclose sensitive internal class information. (CVE-2016-5201)
- A flaw exist in the 'DialRegistry::PruneExpiredDevices()' function in 'chrome/browser/extensions/api/dial/dial_registry.cc'. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-5202)
SolutionUpdate the Chrome browser to 54.0.2840.99 or later.