Lucene search
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_30_0_1599_101.NASLHistoryNov 13, 2013 - 12:00 a.m.
Google Chrome < 30.0.1599.101 Multiple Vulnerabilities (Mac OS X)
2013-11-1300:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.025
Percentile
90.2%
The version of Google Chrome installed on the remote host is a version prior to 30.0.1599.101. It is, therefore, affected by multiple vulnerabilities :
-
Use-after-free errors exist related to editing, forms, and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926, CVE-2013-2927)
-
Various, unspecified errors exist. (CVE-2013-2928)
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(70892);
script_version("1.7");
script_cvs_date("Date: 2019/11/27");
script_cve_id(
"CVE-2013-2925",
"CVE-2013-2926",
"CVE-2013-2927",
"CVE-2013-2928"
);
script_bugtraq_id(
63024,
63025,
63026,
63028
);
script_name(english:"Google Chrome < 30.0.1599.101 Multiple Vulnerabilities (Mac OS X)");
script_summary(english:"Checks version number of Google Chrome");
script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote host is a version
prior to 30.0.1599.101. It is, therefore, affected by multiple
vulnerabilities :
- Use-after-free errors exist related to editing, forms,
and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926,
CVE-2013-2927)
- Various, unspecified errors exist. (CVE-2013-2928)");
# http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b19cce80");
script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 30.0.1599.101 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2928");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/15");
script_set_attribute(attribute:"patch_publication_date", value:"2013/10/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_google_chrome_installed.nbin");
script_require_keys("MacOSX/Google Chrome/Installed");
exit(0);
}
include("google_chrome_version.inc");
get_kb_item_or_exit("MacOSX/Google Chrome/Installed");
google_chrome_check_version(fix:'30.0.1599.101', severity:SECURITY_HOLE);
Related
nessus
nessus
Google Chrome < 30.0.1599.101 Multiple Vulnerabilities
2013-10-18 00:00:00
openSUSE Security Update : chromium (openSUSE-SU-2013:1729-1)
2014-06-13 00:00:00
Google Chrome < 30.0.1599.101 Multiple Vulnerabilities
2013-11-11 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Mac OS X
2013-10-23 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Linux
2013-10-23 00:00:00
Mageia: Security Advisory (MGASA-2013-0321)
2022-01-28 00:00:00
chrome
chrome
Stable Channel Update
2013-10-15 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-10-15 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix multiple vulnerabilities
2013-11-09 22:58:53
threatpost
threatpost
Google Fixes Three High-Risk Flaws in Chrome
2013-10-15 13:37:29
May 2014 Apple Safari Browser Security Patches
2014-05-23 09:03:49
cvelist
cvelist
ubuntucve
ubuntucve
nvd
nvd
debiancve
debiancve
prion
prion
Design/Logic Flaw
2013-10-16 20:55:00
Design/Logic Flaw
2013-10-16 20:55:00
Design/Logic Flaw
2013-10-16 20:55:00
cve
cve
suse
suse
chromium: 31.0.1650.57 version update (important)
2013-11-27 20:04:13
chromium: update to 31.0.1650.57 (important)
2013-12-12 18:05:02
debian
debian
[SECURITY] [DSA 2785-1] chromium-browser security update
2013-10-26 19:03:01
[SECURITY] [DSA 2785-1] chromium-browser security update
2013-10-26 19:03:01
osv
osv
chromium-browser - several
2013-10-26 00:00:00
securityvulns
securityvulns
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3
2014-04-03 00:00:00
Apple Safari multiple security vulnerabilities
2014-04-03 00:00:00
APPLE-SA-2014-03-10-2 Apple TV 6.1
2014-03-13 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2014-03-05 00:00:00
thn
thn
Apple Patches 22 Safari WebKit Vulnerabilities
2014-05-23 20:33:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.025
Percentile
90.2%
Related for MACOSX_GOOGLE_CHROME_30_0_1599_101.NASL