Summary
The host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to conduct a denial of service and potentially execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Google Chrome 34.0.1847.137 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to,
- A use-after-free error in WebSockets.
- An integer overflow error in the 'CharacterData::deleteData' and 'CharacterData::replaceData' functions in dom/CharacterData.cpp.
- A use-after-free error in the 'FrameSelection::updateAppearance' function in editing/FrameSelection.cpp related to editing.
Affected
Google Chrome version prior to 34.0.1847.137 on Linux.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1740, CVE-2014-1741, CVE-2014-1742 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
- Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
- Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)