Google Chrome < 65.0.3325.146 Multiple Vulnerabilities

2018-08-23T00:00:00
ID 700355.PASL
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The version of Google Chrome installed on the remote host is prior to 65.0.3325.146, and is affected by multiple vulnerabilities :

  • A flaw exists in the 'xmlParseChunk()' function in 'parser.c' that is triggered when handling encoding errors. This may allow a context-dependent attacker to have an unspecified impact.
  • An out-of-bounds read flaw exists in the 'xmlParseNCNameComplex()' function in 'parser.c' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
  • A flaw exists in the 'ft_bitmap_assure_buffer()' function in 'base/ftbitmap.c' related to use of uninitialized memory. This may allow a context-dependent attacker to have an unspecified impact.

                                        
                                            Binary data 700355.pasl