Lucene search

K
nessusTenable700131.PASL
HistoryJun 07, 2017 - 12:00 a.m.

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

2017-06-0700:00:00
Tenable
www.tenable.com
5

The version of Google Chrome installed on the remote host is prior to 59.0.3071.86, and is affected by multiple vulnerabilities :

  • An unspecified type confusion flaw exists that may allow a context-dependent attacker to potentially execute arbitrary code. No further details have been provided.
  • An out-of-bounds read flaw. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
  • An unspecified flaw exists in Omnibox that may allow a context-dependent attacker to spoof the address. No further details have been provided.
  • A use-after-free error exists in print preview that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.
  • An unspecified flaw exists in CSP reporting that may allow a context-dependent attacker to disclose potentially sensitive information. No further details have been provided.
  • An unspecified flaw exists in Omnibox that may allow a context-dependent attacker to spoof the address. No further details have been provided.
  • An overflow condition exists that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
  • An unspecified flaw exists in its mailto handling functionality. This may allow a context-dependent attacker to potentially inject arbitrary commands.
  • An unspecified flaw exists in Blink that may allow a context-dependent attacker to spoof the UI. No further details have been provided.
  • A use-after-free error exists in credit card autofill that may allow a context-dependent attacker to dereference already freed memory and have an unspecified impact.
  • An unspecified flaw exists that may allow a context-dependent attacker to bypass extension verification mechanisms. No further details have been provided.
  • An unspecified flaw exists in the credit card editor view related to insufficient hardening, which may allow a context-dependent attacker to potentially more easily disclose information related to credit cards.
  • An unspecified flaw exists in Blink which may allow a context-dependent attacker to spoof the UI. No further details have been provided.
  • A flaw exists on WebUI pages that is triggered as they improperly allow the execution of JavaScript. This may potentially allow a context-dependent attacker to execute JavaScript code.
  • An unspecified flaw exists that may allow a context-dependent attacker to have an unspecified impact. No further details have been provided.
Binary data 700131.pasl
VendorProductVersion
googlechrome