Detections
Analytics
Google Chrome < 4.1.249.1036 Multiple Vulnerabilities
high Log Correlation Engine Plugin ID 800911
Synopsis
The remote host is using a web client that is vulnerable to multiple attack vectors.Description
The version of Google Chrome installed on the remote host is earlier than 4.1.249.1036. Such versions are potentially affected by multiple vulnerabilities :- Multiple race conditions and pointer errors in the sandbox infrastructure. (28804, 31880)
- An error relating to persisted metadata such as web Databases and STS. (20801, 33445)
- HTTP headers are processed before the SafeBrowsing check. (33572)
- A memory error with malformed SVG. (34978)
- Multiple integer overflows in WebKit JavaScript objects. (35724)
- The HTTP basic auth dialog truncates URLs. (36772)
- It is possible to bypass the download warning dialog. (37007)
- An unspecified cross-origin bypass vulnerability. (37383)
- A memory error relating to empty SVG elements. Note that this only affects Chrome Beta version. (37061)
Solution
Upgrade to Google Chrome 4.1.249.1036See Also
googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
Plugin Details
Severity: High
ID: 800911
Family: Web Clients
Published: 3/18/2010
Nessus ID: 45086
Vulnerability Information
Patch Publication Date: 3/17/2010
Vulnerability Publication Date: 3/17/2010
Reference Information
BID: 38829