VID 28835
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description A version of Google Chrome older than 11.0.696.57 has been installed on the host. Google Chrome is a web browser released by Google. Google Chrome versions prior to 11.0.696.57 are affected by multiple vulnerabilities:

- A stale pointer exists in floating object handling. (61502)
- It may be possible to bypass the pop-up blocker via plug-ins. (70538)
- There is a lack of thread safety in MIME handling. (71586)
- A bad extension with 'tabs' permission can capture local files. (72523)
- Multiple integer overflows exist in float rendering. (73526)
- A same origin policy violation exists with blobs. (74653)
- A use-after-free error exists with <ruby> tags and CSS. (75186)
- A bad cast exists with floating select lists. (75347)
- Corrupt node trees exist with mutation events. (75801)
- Multiple stale pointers exist in layering code. (76001)
- An out-of-bounds read exists in SVG. (76646)
- It is possible to spoof the URL bar with navigation errors and interrupted loads. (76666, 77507, 78031)
- A stale pointer exists in drop-down list handling. (76966)
- A stale pointer exists in height calculations. (77130)
- A use-after-free error exists in WebSockets. (77346)
- Multiple dangling pointers exist in file dialogs. (77349)
- Multiple dangling pointers exist in DOM id map. (77463)
- It is possible to spoof the URL bar with redirect and manual reload. (77786)
- A use-after-free issue exists in DOM id handling. (79199)
- An out-of-bounds read exists when handling multipart-encoded PDFs. (79361)
- Multiple stale pointers exist with PDF forms. (79364)

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29&utm_content=Google+Reader

* Platforms Affected:
Google Chrome versions prior to 11.0.696.57
Microsoft Windows Any version
Recommendation Upgrade to the latest version of Google Chrome (11.0.696.57 or later), available from the Google Web site at http://www.google.com/chrome/
Related URL CVE-2011-1303,CVE-2011-1304,CVE-2011-1434,CVE-2011-1435,CVE-2011-1437,CVE-2011-1438,CVE-2011-1440,CVE-2011-1441,CVE-2011-1442 (CVE)
Related URL 47604 (SecurityFocus)
Related URL (ISS)