Detections
Analytics
Google Chrome < 17.0.963.65 Multiple Vulnerabilities
high Log Correlation Engine Plugin ID 800899
Synopsis
The remote host contains a web browser that is vulnerable to multiple attack vectors.Description
Versions of Google Chrome earlier than 17.0.963.65 are potentially affected by the following vulnerabilities :- Use-after-free errors exist related to 'v8 element wrapper', SVG value handling, SVG document handling, SVG use handling, multi-column handling, quote handling, class attribute handling, table section handling, flexbox with floats and SVG animation elements. (CVE-2011-3031, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3038, CVE-2011-3039, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044)
- An error exists in the 'Skia' drawing library that can allow buffer overflows. (CVE-2011-3033)
- Casting errors exist related to line box handling and anonymous block splitting. (CVE-2011-3036, CVE-2011-3037)
- An out-of-bounds read error exists related to text handling. (CVE-2011-3040)
Solution
Upgrade to Google Chrome 17.0.963.65 or later.See Also
googlechromereleases.blogspot.in/2012/03/chrome-stable-update.html
Plugin Details
Severity: High
ID: 800899
Family: Web Clients
Published: 3/5/2012
Nessus ID: 58206
Vulnerability Information
Patch Publication Date: 3/4/2012
Vulnerability Publication Date: 3/4/2012
Reference Information
CVE: CVE-2011-3031, CVE-2011-3032, CVE-2011-3033, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044
BID: 52271