Detections
Analytics

Google Chrome < 9.0.597.107 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 5807

Synopsis

The remote host contains a web browser that is vulnerable to multiple attack vectors.

Description

Versions of Google Chrome earlier than 9.0.597.107 are potentially affected by multiple vulnerabilities :

 - An unspecified error exists in the URL bar operations which can allow spoofing attacks. (54262)

 - An unspecified error exists in the processing of JavaScript dialogs. (63732)

 - An unspecified error exists in the processing of CSS nodes which can leave stale pointers in memory. (68263)

 - An unspecified error exists in the processing of key frame rules which can leave stale pointers in memory. (68741)

 - An unspecified error exists in the processing of form controls which can lead to application crashes. (70078)

 - An unspecified error exists in the rendering of SVG animations and other SVG content which can leave stale pointers in memory. (70244, 71296)

 - An unspecified error exists in the processing of tables which can leave stale nodes behind. (71114)

 - An unspecified error exists in the processing of tables which can leave stale pointers in memory. (71115)

 - An unspecified error exists in the processing of XHTML which can leave stale nodes behind. (71386)

 - An unspecified error exists in the processing of textarea elements which can lead to application crashes. (71388)

 - An unspecified error exists in the processing of device orientation which can leave stale pointers in memory. (71595)

 - An unspecified error exists in WebGL which allows out-of-bounds memory accesses. (71717, 71960)

 - An integer overflow exists in the processing of textarea elements which can lead to application crashes. (71855)

 - A use-after-free error exists in the processing of blocked plugins. (72437)

 - An unspecified error exists int he processing of layouts which can leave stale pointers in memory. (73235)

Solution

Upgrade to Google Chrome 9.0.597.107 or later.

See Also

http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html

Plugin Details

Severity: High

ID: 5807

Family: Web Clients

Published: 3/7/2011

Updated: 3/6/2019

Nessus ID: 52501

Risk Information

VPR

Risk Factor: Low

Score: 3.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 2/28/2011

Vulnerability Publication Date: 2/28/2011

Reference Information

CVE: CVE-2011-1107

BID: 46614