Detections
Analytics
Google Chrome < 4.1.249.1059 Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 5516
Synopsis
The remote host is using a web client that is vulnerable to multiple attack vectors.Description
The version of Google Chrome installed on the remote host is earlier than 4.1.249.1059. Such versions are reportedly affected by multiple vulnerabilities :- An error related to type confusion with forms. (39443)
- An HTTP request error leading to a possible cross-site request forgery. (39698)
- A local file reference through developer tools. (40136)
- A cross-site scripting issue in chrome: //net-internals. (40137)
- A cross-site scripting issue in chrome: //downloads. (40138)
- Pages might load with the privileges of the new tab page. (40575)
- A memory corruption vulnerability in the V8 bindings. (40635)
Solution
Upgrade to Google Chrome 4.1.249.1059 or later.See Also
http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html
Plugin Details
Severity: Medium
ID: 5516
Family: Web Clients
Published: 4/23/2010
Updated: 3/6/2019
Nessus ID: 45610
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.6
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:google:chrome
Patch Publication Date: 4/20/2010
Vulnerability Publication Date: 4/20/2010
Reference Information
CVE: CVE-2010-1500
BID: 39603