Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.801312
Category:General
Title:Google Chrome Multiple Vulnerabilities (win)
Summary:This host is installed with Google Chrome Web Browser and is prone to; multiple vulnerabilities.
Description:Summary:
This host is installed with Google Chrome Web Browser and is prone to
multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error in handling 'SVG' document.

- Multiple race conditions in the 'sandbox' infrastructure.

- An error in 'sandbox' infrastructure which does not properly use pointers.

- An error in proceesing of 'HTTP' headers, processes HTTP headers before
invoking the SafeBrowsing feature.

- not having the expected behavior for attempts to delete Web SQL
Databases and clear the 'Strict Transport Security (STS)' state.

- An error in processing of 'HTTP Basic Authentication dialog'.

- Multiple integer overflows errors when processing 'WebKit JavaScript'
objects.

- not properly restricting cross-origin operations, which has unspecified
impact and remote attack vectors.

Vulnerability Impact:
Successful exploitation will let the attacker execute arbitrary code, bypass
security restrictions, sensitive information disclosure, and can cause other
attacks.

Affected Software/OS:
Google Chrome version prior to 4.1.249.1036 on Windows.

Solution:
Upgrade to the version 4.1.249.1036 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-1228
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13829
Common Vulnerability Exposure (CVE) ID: CVE-2010-1229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14220
Common Vulnerability Exposure (CVE) ID: CVE-2010-1230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14292
Common Vulnerability Exposure (CVE) ID: CVE-2010-1231
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14332
Common Vulnerability Exposure (CVE) ID: CVE-2010-1232
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14000
Common Vulnerability Exposure (CVE) ID: CVE-2010-1233
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14023
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2011/0212
Common Vulnerability Exposure (CVE) ID: CVE-2010-1234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14275
Common Vulnerability Exposure (CVE) ID: CVE-2010-1235
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14297
Common Vulnerability Exposure (CVE) ID: CVE-2010-1236
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14067
Common Vulnerability Exposure (CVE) ID: CVE-2010-1237
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14374
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.