Google Chrome Multiple Vulnerabilities Network Vulnerability

Summary

This host has Google Chrome web browser installed, which is prone to arbitrary code execution and Denial of Service vulnerabilities.

Impact

A remote user could cause Denial of Service conditions or can execute arbitrary code by convincing the users to visit a malicious website. Impact Level : Application

Solution

Upgrade to Google Chrome 0.2.149.29 or later. For updates refer to http://www.google.com/chrome

Insight

Multiple flaws are due to: - the Browser failing to handle specially crafted HTML img tags, certain user-supplied data, HTTP view-source headers, and HTML href tags. - the Browser allows users to download arbitrary files without confirmation. - the Browser fails to perform adequate validation on user supplied data.

Affected

Google Chrome Version 0.2.149.27

References

http://evilfingers.com/advisory/google_chrome_poc.php
http://securitytracker.com/alerts/2008/Sep/1020823.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-6994, CVE-2008-6995, CVE-2008-6996, CVE-2008-6997, CVE-2008-6998

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Win)
Apple Safari DoS or XSS Vulnerability - July09
Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Win)
AppSocket DoS
CUPS IPP Use-After-Free Denial of Service Vulnerability

Google Chrome multiple vulnerabilities

Take action and discover your vulnerabilities