Google Chrome Multiple Vulnerabilities - 02 - May15 (Linux)

The host is installed with Google Chrome and is prone to multiple vulnerabilities.

Multiple flaws are due to: - Multiple unspecified vulnerabilities in Google V8. - Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem. - common/partial_circular_buffer.cc script in Google Chrome does not properly handle wraps. - Vulnerability in core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome. - Vulnerability in core/dom/Document.cpp in Blink, as used in Google Chrome which allows the inheritance of the designMode attribute. - Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc script in the WebAudio implementation. - Use-after-free vulnerability in the SVG implementation in Blink. - platform/graphics/filters/FEColorMatrix.cpp script in the SVG implementation in Blink. - Google Chrome relies on libvpx code that was not built with an appropriate size-limit value. - PDFium, as used in Google Chrome, does not properly initialize memory. - Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc script in the WebRTC implementation. - Cross-site scripting (XSS) vulnerability in Google Chrome. - The Spellcheck API implementation in Google Chrome before does not use an HTTPS session for downloading a Hunspell dictionary. - platform/fonts/shaping/HarfBuzzShaper.cpp script in Blink, does not initialize a certain width field.

Google Chrome version prior to 43.0.2357.65 on Linux.

Checks if a vulnerable version is present on the target host.

Upgrade to Google Chrome version 43.0.2357.65 or later.