Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6508

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities.

Description

Versions of Google Chrome earlier than 20.0.1132.43 are potentially affected by the following vulnerabilities :

- An unspecified error allows access to iFrame fragment ID information, (CVE-2012-2815)

- An unspecified issue is triggered when sandboxed processes interfere with one another. (CVE-2012-2816)

- A user-after free issue exists in handling table sections which may allow for execution of arbitrary code. (CVE-2012-02817)

- An unspecified use-after-free flaw exists in the counter layout which may allow for execution of arbitrary code. (CVE-2012-2818)

- A flaw exists in the WebGL subsystem when the texSubImage2d implementation does not properly handle uploads to floating-point textures, which may allow a remote denial of service. (CVE-2012-2919)

- An out-of-bounds read error occurs during the handling of SVG filters, which may allow a remote denial of service. (CVE-2012-2820)

- A flaw exists in the autofill display. No further details have been provided. (CVE-2012-2821)

- An out-of-bounds read error occurs during the handling of PDF files, which may allow multiple unspecified remote denial of service attacks. (CVE-2012-2822)

- An user-after-free flaw exists during the handling of SVG resources, which may allow for execution of arbitrary code. (CVE-2012-2823, CVE-2012-2831)

- An user-after-free flaw exists in SVG painting. No further details have been provided. (CVE-2012-2824)

- An out-of-bounds read error occurs during texture conversion which may allow a remote denial of service. (CVE-2012-2826)

- An use-after-free flaw in the Mac GUI. No further details have been provided. (CVE-2012-2827)

- A flaw exists in improper sanitizing of user-supplied inputting resulting in multiple unspecified integer overflows with a specially crafted PDF file. (CVE-2012-2828)

- An user-after-free flaw is triggered during handling of first letters. No further details have been provided. (CVE-2012-2829)

- A flaw is triggered when an unspecified NULL pointer dereference occurs in array setting handling. (CVE-2012-2830)

- A flaw is triggered when a NULL pointer dereference occurs in a PDF image codec. (CVE-2012-2832)

- An overflow condition occurs when the PDF JS API fails to properly sanitize user-supplied input resulting in a buffer overflow. (CVE-2012-2833)

- An overflow condition occurs in the Matroska container which fails to properly sanitize user-supplied input resulting in an integer overflow. (CVE-2012-2834)

- A flaw exists in the way it loads dynamic-link-libraries (DLL). (CVE-2012-2764)

- A flaw is triggered when an unspecified wild read occurs during the handling of XSL. (CVE-2012-2825)

- This issue is only present on 64-bit Linux platforms. The libxml is prone to multiple unspecified overflow conditions. (CVE-2012-2807)

Solution

Upgrade to Google Chrome 20.0.1132.43 or later.

See Also

http://www.nessus.org/u?50aa8d41,http://www.nessus.org/u?c9fd4072

Plugin Details

Severity: High

ID: 6508

Family: Web Clients

Published: 7/5/2012

Updated: 3/6/2019

Nessus ID: 59735

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 6/26/2012

Vulnerability Publication Date: 6/26/2012

Reference Information

CVE: CVE-2012-2815

BID: 54203