Summary
The host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to conduct a denial of service, bypass intended sandbox restrictions, compromise a user's system or an unknown impact.
Impact Level: System/Application
Solution
Upgrade to Google Chrome 34.0.1847.131 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to,
- Multiple unspecified errors in V8.
- A type confusion error exists in v8.
- A type confusion error exists within DOM.
- A use-after-free error exists in Speech Recognition.
- An error exists related to compilation of Seccomp-BPF.
- Some unspecified errors exist.
- Integer overflow in api.cc in Google V8.
Affected
Google Chrome version prior to 34.0.1847.131 on Windows.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1730, CVE-2014-1731, CVE-2014-1732, CVE-2014-1733, CVE-2014-1734, CVE-2014-1735, CVE-2014-1736 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N
Related Vulnerabilities
- Adobe Flash Media Server multiple vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)