Summary
The host is installed with Google Chrome
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers
to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Google Chrome version 39.0.2171.65
or later, For updates refer to http://www.google.com/chrome
Insight
Multiple Flaws are due to,
- A use-after-free error in pdfium.
- An integer overflow error in pdfium.
- Another use-after-free error in pdfium.
- An unspecified error in pdfium.
- An unspecified error in Skia.
- A use-after-free error in pepper plugins.
- Multiple use-after-free errors in blink.
- An integer overflow error in media.
- An unspecified error in Skia.
- Other Multiple unspecified errors.
- An unspecified error that can be exploited to spoof the address bar.
Affected
Google Chrome version prior to 39.0.2171.65
on Linux.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-7899, CVE-2014-7900, CVE-2014-7901, CVE-2014-7902, CVE-2014-7903, CVE-2014-7904, CVE-2014-7906, CVE-2014-7907, CVE-2014-7908, CVE-2014-7909, CVE-2014-7910 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- 7T Interactive Graphical SCADA System Multiple Security Vulnerabilities