| VID |
28948 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Google Chrome installed on the remote Windows host is prior to 120.0.6099.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023_12_stable-channel-update-for-desktop advisory.
- Use after free in Media Stream. (CVE-2023-6508)
- Use after free in Side Panel Search. (CVE-2023-6509)
- Use after free in Media Capture. (CVE-2023-6510)
- Inappropriate implementation in Autofill. (CVE-2023-6511)
- Inappropriate implementation in Web Browser UI. (CVE-2023-6512)
* References:
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html
https://crbug.com/1497984
https://crbug.com/1494565
https://crbug.com/1480152
https://crbug.com/1478613
https://crbug.com/1457702
* Platforms Affected:
Google Chrome versions prior to 120.0.6099.62
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Google Chrome (120.0.6099.62 or later), available from the Google Web site at http://www.google.com/chrome/ |
| Related URL |
CVE-2023-6508,CVE-2023-6509,CVE-2023-6510,CVE-2023-6511,CVE-2023-6512 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
