Nessus | Tenable | 9016.PASL
Dec 04, 2015 - 12:00 a.m.

Google Chrome < 46.0.2490.71 Multiple Vulnerabilities

2015-12-04 00:00:00
Tenable
www.tenable.com

The version of Google Chrome installed on the remote host is prior to 46.0.2490.71 and is affected by multiple vulnerabilities:

  • Google Chrome contains an unspecified high severity flaw that may allow a context-dependent attacker to have an unspecified impact. No further details have been provided by the vendor. (CVE-2015-6763)
  • Google Chrome contains a use-after-free error in ‘service_worker/embedded_worker_instance.cc’ that is triggered when handling ‘EmbeddedWorkerInstance’ startup sequence failures. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2015-6757)
  • Google Chrome contains a flaw in the ContainerNode::parserInsertBefore() function in ‘dom/ContainerNode.cpp’ that is triggered when removing a specific child during reparenting. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2015-6755)
  • Google Chrome contains a flaw in the shouldTreatAsUniqueOrigin() function in ‘weborigin/SecurityOrigin.cpp’ that is triggered when handling the origin of a LocalStorage resource. This may allow a context-dependent attacker to disclose potentially sensitive information. (CVE-2015-6759)
  • Google Chrome contains a flaw in the CSSFontFaceSrcValue::fetch() function in ‘css/CSSFontFaceSrcValue.cpp’ that is triggered when handling CSS fonts. This may allow a context-dependent attacker to bypass Cross-Origin Resource Sharing (CORS) restrictions. (CVE-2015-6762)
  • Google V8 contains a use-after-free error in the SlotsBuffer::RemoveInvalidSlots() function in heap/mark-compact.cc. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2015-7834)
  • Google PDFium contains a use-after-free error in the CPDFSDK_Annot::GetPDFAnnot() function. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2015-6768)
  • Google PDFium contains a type-casting flaw in the CPDF_Document::GetPage() function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2015-6758)
  • ANGLE contains a flaw in the Image11::map() function in libANGLE/renderer/d3d/d3d11/Image11.cpp that is triggered when handling mapping failures after device-lost events. This may allow a context-dependent attacker to have an unspecified impact in an application linked against the library. (CVE-2015-6760)
  • FFmpeg contains a race condition in the update_dimensions() function in libavcodec/vp8.c. The issue is triggered when handling multi-threaded operations based on the coefficient-partition count. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2015-6761)
Vendor | Product | Version | CPE
google | chrome | | cpe:/a:google:chrome