Summary
The host is installed with Google Chrome
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers
to spoof certain content, bypass certain security restrictions, and compromise a user's system.
Solution
Upgrade to Google Chrome version 37.0.2062.94
or later, For updates refer to http://www.google.com/chrome
Insight
Multiple Flaws are due to,
- Some errors within V8, IPC, sync, and extensions.
- A use-after-free error exists within SVG.
- A use-after-free error exists within DOM.
- An error within Extension permission dialog.
- A use-after-free error exists within bindings.
- An error exists within extension debugging.
- An uninitialized memory read error exists in WebGL.
- An uninitialized memory read error exists in Web Audio.
- and some unspecified errors exist.
Affected
Google Chrome version prior to 37.0.2062.94
on Linux.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172, CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Mac OS X
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)