Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Chrome < 37.0.2062.94 Multiple Vulnerabilities

Critical

Synopsis

The remote host is running an outdated web browser that may contain multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.94 and is thus missing fixes for the following vulnerabilities:

- A critical group of bugs in V8, IPC, sync, and extensions that can lead to a sandbox escape and remote code execution (CVE-2014-3176, CVE-2014-3177)

- Use-after-free vulnerabilities in various browser components (CVE-2014-3168, CVE-2014-3169, CVE-2014-3171)

- Potential information disclosure due to uninitialized memory access (CVE-2014-3173, CVE-2014-3174)

- Undisclosed vulnerabilities within browser extensions related to debugging and permission dialog spoofing (CVE-2014-3170, CVE-2014-3172)

Other vulnerabilities have been fixed that were not disclosed by the vendor.

Solution

Update the Chrome browser to 37.0.2062.94 or later.