Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_37_0_2062_120.NASL
HistorySep 10, 2014 - 12:00 a.m.

Google Chrome < 37.0.2062.120 Multiple Vulnerabilities (Mac OS X)

2014-09-1000:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.973

Percentile

99.9%

JSON

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.120. It is, therefore, affected by the following vulnerabilities :

  • A use-after-free error exists related to rendering that allows a remote attacker to execute arbitrary code.
    (CVE-2014-3178)

  • Unspecified errors exist having unspecified impact.
    (CVE-2014-3179)

Note that the following issues exist due to the version of Adobe Flash bundled with the application :

  • Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)

  • An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)

  • A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)

  • An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)

  • Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization.
    (CVE-2014-0557)

  • Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(77582);
  script_version("1.16");
  script_cvs_date("Date: 2019/11/25");

  script_cve_id(
    "CVE-2014-0547",
    "CVE-2014-0548",
    "CVE-2014-0549",
    "CVE-2014-0550",
    "CVE-2014-0551",
    "CVE-2014-0552",
    "CVE-2014-0553",
    "CVE-2014-0554",
    "CVE-2014-0555",
    "CVE-2014-0556",
    "CVE-2014-0557",
    "CVE-2014-0559",
    "CVE-2014-3178",
    "CVE-2014-3179"
  );
  script_bugtraq_id(
    69695,
    69696,
    69697,
    69699,
    69700,
    69701,
    69702,
    69703,
    69704,
    69705,
    69706,
    69707,
    69709,
    69710
  );

  script_name(english:"Google Chrome < 37.0.2062.120 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version number of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Mac OS X host is
a version prior to 37.0.2062.120. It is, therefore, affected by the
following vulnerabilities :

  - A use-after-free error exists related to rendering that
    allows a remote attacker to execute arbitrary code.
    (CVE-2014-3178)

  - Unspecified errors exist having unspecified impact.
    (CVE-2014-3179)

Note that the following issues exist due to the version of Adobe Flash
bundled with the application :

  - Unspecified memory corruption issues exist that allow
    arbitrary code execution. (CVE-2014-0547, CVE-2014-0549,
    CVE-2014-0550, CVE-2014-0551, CVE-2014-0552,
    CVE-2014-0555)

  - An unspecified error exists that allows cross-origin
    policy violations. (CVE-2014-0548)

  - A use-after-free error exists that allows arbitrary
    code execution. (CVE-2014-0553)

  - An unspecified error exists that allows an unspecified
    security bypass. (CVE-2014-0554)

  - Unspecified errors exist that allow memory leaks leading
    to easier defeat of memory address randomization.
    (CVE-2014-0557)

  - Heap-based buffer overflow errors exist that allow
    arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)");
  # http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?55269b52");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 37.0.2062.120 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0559");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player copyPixelsToByteArray Method Integer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'37.0.2062.120', severity:SECURITY_HOLE, xss:FALSE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

Related

nessus 19
openvas 16
redhat 1
suse 3
mageia 1
gentoo 2
freebsd 2
prion 14
ubuntucve 14
nvd 14
cvelist 14
cve 14
chrome 1
checkpoint_advisories 12
canvas 1
packetstorm 2
zdt 2
debiancve 2
metasploit 1
googleprojectzero 6
hackerone 3
exploitdb 1
threatpost 1
ubuntu 1
osv 1
securityvulns 2
debian 2
nessus
nessus
Google Chrome < 37.0.2062.120 Multiple Vulnerabilities
2014-09-10 00:00:00
GLSA-201409-05 : Adobe Flash Player: Multiple vulnerabilities
2014-09-22 00:00:00
Flash Player < 15.0.0.152 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
openvas
openvas
Adobe AIR Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X
2014-09-12 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X
2014-09-12 00:00:00
Gentoo Security Advisory GLSA 201409-05
2015-09-29 00:00:00
redhat
redhat
(RHSA-2014:1173) Critical: flash-plugin security update
2014-09-10 00:00:00
suse
suse
flash-player to 11.2.202.40 (important)
2014-09-10 17:04:13
update flash-player to 11.2.202.40 (important)
2014-09-16 01:04:20
Security update for flash-player (important)
2014-09-13 01:04:17
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-09-22 12:31:24
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-09-19 00:00:00
Chromium: Multiple vulnerabilities
2014-09-19 00:00:00
freebsd
freebsd
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11
2014-09-09 00:00:00
www/chromium -- multiple vulnerabilities
2014-09-09 00:00:00
prion
prion
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
ubuntucve
ubuntucve
CVE-2014-0551
2014-09-10 00:00:00
CVE-2014-0547
2014-09-10 00:00:00
CVE-2014-0550
2014-09-10 00:00:00
nvd
nvd
CVE-2014-0549
2014-09-10 01:55:07
CVE-2014-0550
2014-09-10 01:55:07
CVE-2014-0552
2014-09-10 01:55:08
cvelist
cvelist
CVE-2014-0555
2014-09-10 01:00:00
CVE-2014-0547
2014-09-10 01:00:00
CVE-2014-0549
2014-09-10 01:00:00
cve
cve
CVE-2014-0552
2014-09-10 01:55:08
CVE-2014-0547
2014-09-10 01:55:06
CVE-2014-0555
2014-09-10 01:55:08
chrome
chrome
Stable Channel Update
2014-09-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)
2014-10-14 00:00:00
Adobe Flash Player Memory Corruption (APSB14-21: CVE-2014-0552)
2014-09-21 00:00:00
Adobe Flash Player Memory Leakage (APSB14-21: CVE-2014-0557)
2014-11-13 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY
2014-09-10 01:55:00
packetstorm
packetstorm
Adobe Flash Player copyPixelsToByteArray Integer Overflow
2015-04-19 00:00:00
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-09-30 00:00:00
zdt
zdt
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-10-01 00:00:00
Adobe Flash Player copyPixelsToByteArray Integer Overflow Exploit
2015-04-19 00:00:00
debiancve
debiancve
CVE-2014-3179
2014-09-10 10:55:00
CVE-2014-3178
2014-09-10 10:55:00
metasploit
metasploit
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
2015-04-15 19:08:16
googleprojectzero
googleprojectzero
Exploiting CVE-2014-0556 in Flash
2014-09-23 00:00:00
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
Significant Flash exploit mitigations are live in v18.0.0.209
2015-07-16 00:00:00
hackerone
hackerone
Internet Bug Bounty: Flash Local Sandbox Bypass
2014-09-09 20:51:19
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-10-08 02:03:48
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
exploitdb
exploitdb
Adobe Flash Player - copyPixelsToByteArray Integer Overflow (Metasploit)
2015-04-21 00:00:00
threatpost
threatpost
Microsoft Warns of Crowti Ransomware
2014-10-29 14:20:49
ubuntu
ubuntu
Oxide vulnerabilities
2014-10-14 00:00:00
osv
osv
chromium-browser - security update
2014-09-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-10-05 00:00:00
Google Chrome / Chromium multiple security vulnerabilities
2014-10-05 00:00:00
debian
debian
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.973

Percentile

99.9%

JSON
Related for MACOSX_GOOGLE_CHROME_37_0_2062_120.NASL
nessus19openvas16redhat1suse3mageia1gentoo2freebsd2prion14ubuntucve14nvd14cvelist14cve14chrome1checkpoint_advisories12canvas1packetstorm2zdt2debiancve2metasploit1googleprojectzero6hackerone3exploitdb1threatpost1ubuntu1osv1securityvulns2debian2