Tenable800904.PRMGoogle Chrome < 2.0.172.37 Buffer Overflow
The version of Google Chrome installed on the remote host is earlier than 2.0.172.37. Such versions are reportedly affected by multiple vulnerabilities :
-
A heap overflow exists when evaluating specially crafted regular expressions in Javascript. This could lead to a denial of service or the remote execution of arbitrary code withing the Google Chrome sandbox.
-
A memory corruption issue exists in the renderer process that could cause a denial of service or possibly allow arbitrary code execution with the privileges of the logged on user.
-
A denial-of-service issue when the application handles a maliciously crafted webpage containing a βHTMLSelectElementβ object with a large length attribute.
Binary data 800904.prmReferences
googlechromereleases.blogspot.com/2009/07/stable-beta-update-security-fix.html
.nessus.org/u?8f3cdeb6
.securityfocus.com/archive/1/504969/100/0/threaded
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1692
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2535
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2556