Google Chrome < 14.0.835.163 Multiple Vulnerabilities

high Nessus プラグイン ID 56230
New! プラグインの深刻度には CVSS v3 が適用されるようになりました。

プラグインの深刻度は、デフォルトで CVSS v3 を使って計算されるように更新されました。プラグインに CVSS v3 スコアがない場合には、CVSS v2 を使って深刻度が計算されます。深刻度の表示設定は、[設定]のドロップダウンで切り替えができます。

概要

The remote host contains a web browser that is affected by multiple vulnerabilities.

説明

The version of Google Chrome installed on the remote host is earlier than 14.0.835.163 and is affected by multiple vulnerabilities:

- A race condition exists related to the certificate cache. (Issue #49377)

- The Windows Media Player plugin allows click-free access to the system Flash. (Issue #51464)

- MIME types are not treated authoritatively at plugin load time. (Issue #75070)

- An unspecified error allows V8 script object wrappers to crash. (Issue #76771)

- The included PDF functionality contains a garbage collection error. (Issue #78639)

- Out-of-bounds read issues exist related to media buffers, mp3 files, box handling, Khmer characters, video handling, Tibetan characters, and triangle arrays. (Issues #82438, #85041, #89991, #90134, #90173, #95563, #95625)

- An unspecified error allows data displayed in the URL to be spoofed. (Issue #83031)

- Use-after-free errors exist related to unload event handling, the document loader, plugin handling, ruby, table style handling, and the focus controller.
(Issues #89219, #89330, #91197, #92651, #94800, #93420, #93587)

- The URL bar can be spoofed in an unspecified manner related to the forward button. (Issue #89564)

- An NULL pointer error exists related to WebSockets.
(Issue #89795)

- An off-by-one error exists related to the V8 JavaScript engine. (Issue #91120)

- A stale node error exists related to CSS stylesheet handling. (Issue #92959)

- A cross-origin bypass error exists related to the V8 JavaScript engine. (Issue #93416)

- A double-free error exists related to XPath handling in libxml. (Issue #93472)

- Incorrect permissions are assigned to non-gallery pages. (Issue #93497)

- An improper string read occurs in the included PDF functionality. (Issue #93596)

- An unspecified error allows unintended access to objects built in to the V8 JavaScript engine.
(Issue #93906)

- Self-signed certificates are not pinned properly.
(Issue #95917)

- A variable-type confusion issue exists in the V8 JavaScript engine related to object sealing.
(Issue #95920)

ソリューション

Upgrade to Google Chrome 14.0.835.163 or later.

関連情報

http://www.nessus.org/u?642ea0af

プラグインの詳細

深刻度: High

ID: 56230

ファイル名: google_chrome_14_0_835_163.nasl

バージョン: 1.15

タイプ: local

エージェント: windows

ファミリー: Windows

公開日: 2011/9/19

更新日: 2018/11/15

依存関係: google_chrome_installed.nasl

リスク情報

VPR

リスクファクター: High

スコア: 8.9

CVSS v2

リスクファクター: High

Base Score: 9.3

Temporal Score: 8.1

ベクトル: AV:N/AC:M/Au:N/C:C/I:C/A:C

現状ベクトル: E:H/RL:OF/RC:C

脆弱性情報

CPE: cpe:/a:google:chrome

必要な KB アイテム: SMB/Google_Chrome/Installed

エクスプロイトが利用可能: true

エクスプロイトの容易さ: Exploits are available

パッチ公開日: 2011/9/16

脆弱性公開日: 2011/9/16

参照情報

CVE: CVE-2011-2830, CVE-2011-2834, CVE-2011-2835, CVE-2011-2836, CVE-2011-2838, CVE-2011-2839, CVE-2011-2840, CVE-2011-2841, CVE-2011-2843, CVE-2011-2844, CVE-2011-2846, CVE-2011-2847, CVE-2011-2848, CVE-2011-2849, CVE-2011-2850, CVE-2011-2851, CVE-2011-2852, CVE-2011-2853, CVE-2011-2854, CVE-2011-2855, CVE-2011-2856, CVE-2011-2857, CVE-2011-2858, CVE-2011-2859, CVE-2011-2860, CVE-2011-2861, CVE-2011-2862, CVE-2011-2864, CVE-2011-2874, CVE-2011-2875, CVE-2011-3234

BID: 49658, 49933

EDB-ID: 17929