| VID |
28943 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Google Chrome installed on the remote Windows host is prior to 113.0.5672.126. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_05_stable-channel-update-for-desktop_16 advisory.
- Use after free in Navigation. (CVE-2023-2721)
- Use after free in Autofill UI. (CVE-2023-2722)
- Use after free in DevTools. (CVE-2023-2723)
- Type Confusion in V8. (CVE-2023-2724)
- Use after free in Guest View. (CVE-2023-2725)
- Inappropriate implementation in WebApp Installs. (CVE-2023-2726)
* References:
https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html
https://crbug.com/1444360
https://crbug.com/1400905
https://crbug.com/1435166
https://crbug.com/1433211
https://crbug.com/1442516
https://crbug.com/1442018
* Platforms Affected:
Google Chrome versions prior to 113.0.5672.126
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Google Chrome (113.0.5672.126 or later), available from the Google Web site at http://www.google.com/chrome/ |
| Related URL |
CVE-2023-2721,CVE-2023-2722,CVE-2023-2723,CVE-2023-2724,CVE-2023-2725,CVE-2023-2726 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
