Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Google Chrome Multiple Vulnerabilities - 02 - May15 (Linux)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Google Chrome and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are due to: - Multiple unspecified vulnerabilities in Google V8. - Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem. - common/partial_circular_buffer.cc script in Google Chrome does not properly handle wraps. - Vulnerability in core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome. - Vulnerability in core/dom/Document.cpp in Blink, as used in Google Chrome which allows the inheritance of the designMode attribute. - Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc script in the WebAudio implementation. - Use-after-free vulnerability in the SVG implementation in Blink. - platform/graphics/filters/FEColorMatrix.cpp script in the SVG implementation in Blink. - Google Chrome relies on libvpx code that was not built with an appropriate size-limit value. - PDFium, as used in Google Chrome, does not properly initialize memory. - Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc script in the WebRTC implementation. - Cross-site scripting (XSS) vulnerability in Google Chrome. - The Spellcheck API implementation in Google Chrome before does not use an HTTPS session for downloading a Hunspell dictionary. - platform/fonts/shaping/HarfBuzzShaper.cpp script in Blink, does not initialize a certain width field.
Affected Software
Affected Software
Google Chrome version prior to 43.0.2357.65 on Linux.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Google Chrome version 43.0.2357.65 or later.