| VID |
28812 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Google Chrome which is older than 5.0.375.99 has been installed on the host. Google Chrome is a web browser released by Google. Google Chrome versions prior to 5.0.375.99 are vulnerable to multiple vulnerabilities.
- An unspecified error allows an out-of-bounds read with WebGL. (42396)
- An unspecified error exists in the process of isolating sandboxed iframes. (42575, 42980)
- An unspecified memory corruption error exists in the handling invalid SVG images. (43488)
- An unspecified memory corruption error exists in the implementation of a bidirectional algorithm. (44424)
- An unspecified error in the processing of certain invalid images can lead to application crashes.(45164)
- An unspecified memory corruption error exists in the processing of PNG images and can lead to application crashes. (45983)
- An unspecified memory corruption error exists in the processing of CSS. (46360)
- An unspecified error exists in the handling of print dialogs. (46575)
- An unspecified error exists in the handling of modal dialogs and can lead to application crashes. (47056)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://googlechromereleases.blogspot.kr/2010/07/stable-channel-update.html
* Platforms Affected:
Google Chrome versions prior to 5.0.375.99
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Google Chrome (5.0.375.99 or later), available from the Google Web site at http://www.google.com/chrome/ |
| Related URL |
CVE-2010-2645,CVE-2010-2646,CVE-2010-2647,CVE-2010-2648,CVE-2010-2649,CVE-2010-2650,CVE-2010-2651,CVE-2010-2652 (CVE) |
| Related URL |
41334 (SecurityFocus) |
| Related URL |
(ISS) |
|
