Google Chrome < 0.3.154.9 Address Spoofing

medium Nessus Network Monitor Plugin ID 4748

Synopsis

The remote host contains a web browser that is affected by an address spoofing vulnerability.

Description

The version of Google Chrome installed on the remote host is earlier than 0.3.154.9. Such versions are reportedly are affected by an address spoofing vulnerability in pop-ups. An attacker can leverage this issue to manipulate a window's address bar to show a different address than the actual origin of the content.

Solution

Upgrade to version 0.3.154.9 or higher.

See Also

http://googlechromereleases.blogspot.com/2008/10/beta-release-031549.html,http://www.securityfocus.com/archive/1/498232/30/0/threaded

Plugin Details

Severity: Medium

ID: 4748

Family: Web Clients

Published: 11/12/2008

Updated: 3/6/2019

Nessus ID: 34742

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:google:chrome

Reference Information

BID: 32258