Google Chrome < 40.0.2214.91 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 8889

Synopsis

The remote host is utilizing a web browser that is outdated and thus unpatched for multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote host is prior to 40.0.2214.91 and is thus missing fixes for the following vulnerabilities:

- A memory corruption vulnerability exists due to an error in Fonts. (CVE-2014-7938)
- Multiple memory corruption vulnerabilities exist due to an error in ICU. (CVE-2014-7923, CVE-2014-7926)
- Multiple memory corruption vulnerabilities exist due to an error in V8. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)
- A same-origin policy bypass vulnerability exists due to an error in V8. (CVE-2014-7939)
- A security vulnerability occurs due to an uninitialized value in Fonts. (CVE-2014-7942)
- A security vulnerability occurs due to an uninitialized value in ICU. (CVE-2014-7940)
- A security bypass vulnerability occurs due to a caching error in AppCache. (CVE-2014-7948)
- Multiple use-after-free vulnerabilities exist due to an error in DOM. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932, CVE-2014-7934)
- Multiple use-after-free vulnerabilities exist due to an error in FFmpeg. (CVE-2014-7933, CVE-2014-7937)
- A use-after-free vulnerability exists due to an error in IndexedDB. (CVE-2014-7924)
- A use-after-free vulnerability exists due to an error in Speech. (CVE-2014-7935)
- A use-after-free vulnerability exists due to an error in Views. (CVE-2014-7936)
- A use-after-free vulnerability exists due to an error in WebAudio. (CVE-2014-7925)
- Multiple out-of-bounds read vulnerabilities exist due to an error in PDFium. (CVE-2014-7944, CVE-2014-7945)
- An out-of-bounds read vulnerability exists due to an error in Fonts. (CVE-2014-7946)
- An out-of-bounds read vulnerability exists due to an error in PDFium. (CVE-2014-7947)
- An out-of-bounds read vulnerability exists due to an error in Skia. (CVE-2014-7943)
- An out-of-bounds read vulnerability exists due to an error in UI. (CVE-2014-7941)
- A flaw exists in the ScopedClipboard destructor in 'remoting/host/clipboard_win.cc' that is triggered because the CloseClipboard() API is not called with an anonymous access token. This may allow a context-dependent attacker to bypass sandbox restrictions via an impersonation of the access token used by a system process. (CVE-2015-1205)
- Multiple unspecified vulnerabilities affecting Google V8 allow remote attackers to cause a denial of service or other unknown impacts. (CVE-2015-1346)
- Multiple off-by-one errors exist in 'fpdfapi/fpdf_font/font_int.h' in PDFium. These could allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted PDF document, related to an 'intra-object-overflow' issue. (CVE-2015-1359)
- A flaw in Skia due to improperly handling data during text drawing could allow a remote attacker to cause a denial of service or other unspecified impact. This affects 'gpu/GrBitmapTextContext.cpp' and 'gpu/GrDistanceFieldTextContext.cpp'. (CVE-2015-1360)

Solution

Update the Chrome browser to 40.0.2214.91 or later.

See Also

http://googlechromereleases.blogspot.com/2015/01/stable-update.html

Plugin Details

Severity: High

ID: 8889

Family: Web Clients

Published: 2/11/2015

Updated: 3/6/2019

Nessus ID: 80950

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 1/22/2015

Vulnerability Publication Date: 1/22/2015

Reference Information

CVE: CVE-2014-7923

BID: 72288