Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Google Chrome Multiple Vulnerabilities-02 Feb2014 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Google Chrome and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are due to, - An unspecified error in 'sandbox/win/src/named_pipe_dispatcher.cc' related to relative paths in Windows sandbox named pipe policy. - A use-after-free error related to web contents can be exploited to cause memory corruption. - An unspecified error exists in 'SVGAnimateElement::calculateAnimatedValue' function related to type casting in SVG. - A use-after-free error related to layout can be exploited to cause memory corruption. - An error in XSS auditor 'XSSAuditor::init' function can be exploited to disclose certain information. - Another error in XSS auditor can be exploited to disclose certain information. - Another use-after-free error related to layout can be exploited to cause memory corruption - An unspecified error exists in 'SSLClientSocketNSS::Core::OwnAuthCertHandler' function related to certificates validation in TLS handshake. - An error in drag and drop can be exploited to disclose unspecified information. - Some unspecified errors exist. No further information is currently available.
Affected Software
Affected Software
Google Chrome version prior to 33.0.1750.117 on Windows
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to version 33.0.1750.117 or later.