Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Chrome < 15.0.874.120 Multiple Vulnerabilities

High

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 15.0.874.120 are affected by multiple vulnerabilities :

- A double-free error exists in the Theora decoder. (CVE-2011-3892)

- Out-of-bounds read errors exist in the MVK and Vorbis media handlers. (CVE-2011-3892)

- A memory corruption error exists in the VP8 decoding. (CVE-2011-3894)

- A heap overflow error exists in the Vorbis decoder. (CVE-2011-3895)

- A buffer overflow error exists in the shader variable mapping functionality. (CVE-2011-3896)

- A use-after-free error exists related to unspecified editing. (CVE-2011-3897)

- In JRE7, applets are allowed to run without the proper permissions. (CVE-2011-3898)

Solution

Upgrade to Google Chrome 15.0.874.120 or later.