Google Chrome < 54.0.2840.99 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9790

Synopsis

The remote host is utilizing a web browser that is affected by multiple attack vectors.

Description

The version of Google Chrome installed on the remote host is prior to 54.0.2840.99, and is affected by multiple vulnerabilities :

- An integer overflow condition exists in the 'mov_read_keys()' function in 'libavformat/mov.c' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-5199)
- An out-of-bounds read flaw exists that is triggered when handling 'Math.sign'. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-5200)
- A flaw exists in the 'expose()' function in 'extensions/renderer/resources/utils.js'. This may allow a context-dependent attacker to disclose sensitive internal class information. (CVE-2016-5201)
- A flaw exist in the 'DialRegistry::PruneExpiredDevices()' function in 'chrome/browser/extensions/api/dial/dial_registry.cc'. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-5202)

Solution

Update the Chrome browser to 54.0.2840.99 or later.

Plugin Details

Severity: High

ID: 9790

Family: Web Clients

Published: 11/18/2016

Updated: 3/6/2019

Nessus ID: 94676

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 11/9/2016

Vulnerability Publication Date: 10/21/2016

Reference Information

CVE: CVE-2016-5199

Detections

Analytics