Summary
The host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to conduct a denial of service, bypass intended sandbox restrictions, compromise a user's system or an unknown impact.
Impact Level: System/Application
Solution
Upgrade to Google Chrome 34.0.1847.131 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to,
- Multiple unspecified errors in V8.
- A type confusion error exists in v8.
- A type confusion error exists within DOM.
- A use-after-free error exists in Speech Recognition.
- An error exists related to compilation of Seccomp-BPF.
- Some unspecified errors exist.
- Integer overflow in api.cc in Google V8.
Affected
Google Chrome version prior to 34.0.1847.131 on Mac OS X.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1730, CVE-2014-1731, CVE-2014-1732, CVE-2014-1733, CVE-2014-1734, CVE-2014-1735, CVE-2014-1736 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N
Related Vulnerabilities
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)
- Adobe Acrobat Remote Code Execution Vulnerability(Win)
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
- Adobe Air Multiple Vulnerabilities - December12 (Windows)