Google Chrome < 14.0.835.202 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800905

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 14.0.835.202 are affected by multiple vulnerabilities :

- A use-after-free issue exists in text line box handling. (Issue 93788)

- A stale font issue exists in SVG text handling. (Issue 95072)

- An inappropriate cross-origin access to the window prototype exists. (Issue 95671)

- Lifetime and threading issues exist in audio node handling. (Issue 96150)

- A use-after-free issue exists in the v8 bindings. (Issues 97451, 97520, 97615)

- A memory corruption issue exists in v8 hidden objects. (Issue 97784)

- A memory corruption issue exists in the shader translator. (Issue 98089)

Solution

Upgrade to Google Chrome 14.0.835.202 or later.

See Also

googlechromereleases.blogspot.com/2011/10/stable-channel-update.html

Plugin Details

Severity: High

ID: 800905

Family: Web Clients

Published: 10/4/2011

Nessus ID: 56391

Vulnerability Information

Patch Publication Date: 10/4/2011

Vulnerability Publication Date: 10/4/2011

Reference Information

CVE: CVE-2011-2876, CVE-2011-2877, CVE-2011-2878, CVE-2011-2879, CVE-2011-2880, CVE-2011-2881, CVE-2011-3873

BID: 49938