Google Chrome < 4.9.385.26 Multiple Vulnerabilities

🗓️ 20 Nov 2025 00:00:00Reported by TenableType

Chrome before 49.0.2623.75 has multiple vulnerabilities enabling DoS and same-origin policy bypass.

Reporter	Title	Published	Views	Family All 560
IBM Security Bulletins	Security Bulletin:Multiple Security Vulnerabilities exist in IBM Cognos Insight	24 Feb 202007:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Manager (FSM) is affected by libpng vulnerabilities (CVE-2015-7981, CVE-2015-8126)	18 Jun 201801:32	–	ibm
IBM Security Bulletins	Title Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Identity Governance and Intelligence 5.2	16 Jun 201821:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Netezza Analytics for NPS	31 May 202203:16	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time	15 Jun 201807:04	–	ibm
IBM Security Bulletins	Security Bulletin: CICS Transaction Gateway for Multiplatforms	15 Jun 201807:05	–	ibm
IBM Security Bulletins	Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS	3 Jun 202214:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java JRE, 8.0-1.1 affect IBM Netezza Platform Software clients.	7 Dec 202008:05	–	ibm
IBM Security Bulletins	Security Bulletin: January 2016 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products	18 Jun 201800:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Forms Viewer may be affected by a known issue with libpng library (CVE-2015-8126, CVE-2015-8472)	16 Jun 201819:52	–	ibm

Source	Link
nessus	www.nessus.org/u
crbug	www.crbug.com/560011
crbug	www.crbug.com/569496
crbug	www.crbug.com/549986
crbug	www.crbug.com/572537
crbug	www.crbug.com/559292
crbug	www.crbug.com/585268
crbug	www.crbug.com/584155
crbug	www.crbug.com/560291
crbug	www.crbug.com/555544

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(275879);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/24");

  script_cve_id(
    "CVE-2015-8126",
    "CVE-2016-1630",
    "CVE-2016-1631",
    "CVE-2016-1632",
    "CVE-2016-1633",
    "CVE-2016-1634",
    "CVE-2016-1635",
    "CVE-2016-1636",
    "CVE-2016-1637",
    "CVE-2016-1638",
    "CVE-2016-1639",
    "CVE-2016-1640",
    "CVE-2016-1641",
    "CVE-2016-1642"
  );
  script_xref(name:"IAVB", value:"2016-B-0041-S");

  script_name(english:"Google Chrome < 4.9.385.26 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Windows host is prior to 4.9.385.26. It is, therefore, affected by
multiple vulnerabilities as referenced in the 2016_03_stable-channel-update advisory.

  - Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a
    denial of service or possibly have other impact via unknown vectors. (CVE-2016-1642)

  - The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as
    used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote
    attackers to bypass the Same Origin Policy via a crafted web site. (CVE-2016-1630)

  - The PPB_Flash_MessageLoop_Impl::InternalRun function in
    content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before
    49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin
    Policy via a crafted web site. (CVE-2016-1631)

  - The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties,
    which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that
    triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h.
    (CVE-2016-1632)

  - Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote
    attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
    (CVE-2016-1633)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://chromereleases.googleblog.com/2016/03/stable-channel-update.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fcef0755");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/560011");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/569496");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/549986");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/572537");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/559292");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/585268");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/584155");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/560291");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/555544");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/585282");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/572224");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/550047");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/583718");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 4.9.385.26 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1642");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("google_chrome_installed.nasl");
  script_require_keys("installed_sw/Google Chrome");

  exit(0);
}

include('vdf.inc');

# @tvdl-content-verify-only
var vuln_data = {
  "metadata": {
    "spec_version": "1.0"
  },
  "requires": [
    {
      "scope": "target",
      "match": {
        "os": "windows"
      }
    }
  ],
  "checks": [
    {
      "product": {
        "name": "Google Chrome",
        "type": "app"
      },
      "check_algorithm": "default",
      "constraints": [
        {
          "fixed_version": "4.9.385.26"
        }
      ]
    }
  ]
};

var vdf_result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:vdf_result);

24 Nov 2025 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 210

CVSS 39.8

EPSS0.05701