| VID |
28827 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Google Chrome which is older than 8.0.552.237 has been installed on the host. Google Chrome is a web browser released by Google. Google Chrome versions prior to 8.0.552.237 are vulnerable to multiple vulnerabilities.
- A browser crash exists in extensions notification handling. (58053)
- Bad pointer handling exists in node iteration. (65764)
- Multiple crashes exist when printing multi-page PDFs.(66334)
- A stale pointer exists with CSS + canvas. (66560)
- A stale pointer exists with CSS + cursors. (66748)
- A use-after-free error exists in PDF handling. (67100)
- A stack corruption error exists after PDF out-of-memory conditions. (67208)
- A bad memory access issue exists when handling mismatched video frame sizes. (67303)
- A stale pointer exists with SVG use element. (67363)
- An uninitialized pointer exists in the browser which is triggered by rogue extensions. (67393)
- Multiple buffer overflows exist in the Vorbis decoder.(68115)
- A buffer overflow exists in PDF shading. (68170)
- A bad cast exists in anchor handling. (68178)
- A bad cast exists in video handling. (68181)
- A stale rendering node exists after DOM node removal.(68439)
- A stale pointer exists in speech handling. (68666)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html
* Platforms Affected:
Google Chrome versions prior to 8.0.552.237
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Google Chrome (8.0.552.237 or later), available from the Google Web site at http://www.google.com/chrome/ |
| Related URL |
CVE-2011-0470,CVE-2011-0471,CVE-2011-0472,CVE-2011-0473,CVE-2011-0474,CVE-2011-0475,CVE-2011-0476,CVE-2011-0477,CVE-2011-0478 (CVE) |
| Related URL |
45788 (SecurityFocus) |
| Related URL |
(ISS) |
|
