Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 Greenbone AGOPENVAS:1361412562310903005
HistoryMar 26, 2012 - 12:00 a.m.

Google Chrome Multiple Vulnerabilities (Mar 2012) - Linux

2012-03-2600:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
13

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

High

0.142 Low

EPSS

Percentile

95.7%

JSON

Google Chrome is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.903005");
  script_version("2024-02-19T05:05:57+0000");
  script_cve_id("CVE-2011-3049", "CVE-2011-3052", "CVE-2011-3053", "CVE-2011-3054",
                "CVE-2011-3055", "CVE-2011-3056", "CVE-2011-3057", "CVE-2011-3051",
                "CVE-2011-3050", "CVE-2011-3045");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-19 05:05:57 +0000 (Mon, 19 Feb 2024)");
  script_tag(name:"creation_date", value:"2012-03-26 16:40:40 +0530 (Mon, 26 Mar 2012)");
  script_name("Google Chrome Multiple Vulnerabilities (Mar 2012) - Linux");
  script_xref(name:"URL", value:"http://secunia.com/advisories/48512/");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/52674");
  script_xref(name:"URL", value:"http://www.securitytracker.com/id/1026841");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.in/2012/03/stable-channel-update_21.html");

  script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"executable_version");
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("General");
  script_tag(name:"solution_type", value:"VendorFix");
  script_dependencies("gb_google_chrome_detect_lin.nasl");
  script_mandatory_keys("Google-Chrome/Linux/Ver");
  script_tag(name:"impact", value:"Successful exploitation could allow attackers to execute arbitrary code,
  cause a denial of service.");
  script_tag(name:"affected", value:"Google Chrome version prior to 17.0.963.83 on Linux");
  script_tag(name:"insight", value:"The flaws are due to

  - Not properly restrict the extension web request API.

  - Memory corruption in WebGL canvas handling.

  - Use-after-free in block splitting.

  - An error in WebUI privilege implementation which fails to properly perform
    isolation.

  - Prompt in the browser native UI for unpacked extension installation.

  - Cross-origin violation with magic iframe.

  - An invalid read error exists within v8.

  - A use-after-free error exists when handling CSS cross-fade.

  - A use-after-free error exists when handling the first letter.

  - An error exists in the bundled version of libpng.");
  script_tag(name:"solution", value:"Upgrade to Google Chrome version 17.0.963.83 or later.");
  script_tag(name:"summary", value:"Google Chrome is prone to multiple vulnerabilities.");

  exit(0);
}

include("version_func.inc");

chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
if(!chromeVer){
  exit(0);
}

if(version_is_less(version:chromeVer, test_version:"17.0.963.83")){
  security_message( port: 0, data: "The target host was found to be vulnerable" );
  exit(0);
}

exit(99);

Related

openvas 63
nessus 41
freebsd 2
suse 1
chrome 2
threatpost 2
gentoo 3
nvd 10
ubuntucve 10
veracode 1
debiancve 8
prion 10
cve 10
fedora 10
amazon 1
checkpoint_advisories 1
debian 1
cvelist 10
altlinux 1
centos 1
oraclelinux 1
redhat 2
ubuntu 3
securityvulns 3
slackware 1
ibm 1
openvas
openvas
Google Chrome Multiple Vulnerabilities (Mar 2012) - Mac OS X
2012-03-26 00:00:00
Google Chrome Multiple Vulnerabilities (Linux) - Mar 12
2012-03-26 00:00:00
Google Chrome Multiple Vulnerabilities (Windows) - Mar 12
2012-03-26 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (330106da-7406-11e1-a1d7-00262d5ed8ee)
2012-03-23 00:00:00
Google Chrome < 17.0.963.83 Multiple Vulnerabilities
2012-03-22 00:00:00
Google Chrome < 17.0.963.83 Multiple Vulnerabilities
2012-03-21 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2012-03-21 00:00:00
chromium -- multiple vulnerabilities
2012-03-28 00:00:00
suse
suse
update for chromium, v8 (important)
2012-04-04 18:08:16
chrome
chrome
Stable Channel Update
2012-03-21 00:00:00
Stable Channel Release and Beta Channel Update
2012-03-28 00:00:00
threatpost
threatpost
Six High-Risk Flaws Fixed in Google Chrome
2012-03-22 11:55:24
Google Releases Chrome 18, Fixes Nine Security Flaws
2012-03-29 11:40:54
gentoo
gentoo
Chromium: Multiple vulnerabilities
2012-03-25 00:00:00
Chromium, V8: Multiple vulnerabilities
2012-03-30 00:00:00
libpng: Multiple vulnerabilities
2012-06-22 00:00:00
nvd
nvd
CVE-2011-3052
2012-03-22 16:55:01
CVE-2011-3054
2012-03-22 16:55:01
CVE-2011-3050
2012-03-22 16:55:01
ubuntucve
ubuntucve
CVE-2011-3057
2012-03-22 00:00:00
CVE-2011-3050
2012-03-22 00:00:00
CVE-2011-3052
2012-03-22 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:11:53
debiancve
debiancve
CVE-2011-3052
2012-03-22 16:55:00
CVE-2011-3049
2012-03-23 10:55:00
CVE-2011-3051
2012-03-22 16:55:00
prion
prion
Memory corruption
2012-03-22 16:55:00
Code injection
2012-03-23 10:55:00
Design/Logic Flaw
2012-03-22 16:55:00
cve
cve
CVE-2011-3051
2012-03-22 16:55:01
CVE-2011-3052
2012-03-22 16:55:01
CVE-2011-3050
2012-03-22 16:55:01
fedora
fedora
[SECURITY] Fedora 17 Update: libpng-1.5.9-1.fc17
2012-03-16 21:25:52
[SECURITY] Fedora 17 Update: libpng10-1.0.58-1.fc17
2012-03-13 18:44:11
[SECURITY] Fedora 16 Update: libpng10-1.0.58-1.fc16
2012-03-19 03:24:40
amazon
amazon
Medium: libpng
2012-03-23 14:13:00
checkpoint_advisories
checkpoint_advisories
libpng png_inflate Buffer Overflow (CVE-2011-3045)
2012-05-14 00:00:00
debian
debian
[SECURITY] [DSA 2439-1] libpng security update
2012-03-22 22:22:28
cvelist
cvelist
CVE-2011-3052
2012-03-22 16:00:00
CVE-2011-3051
2012-03-22 16:00:00
CVE-2011-3050
2012-03-22 16:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package libpng version 1.2.48-alt1
2012-03-23 00:00:00
centos
centos
libpng security update
2012-03-20 23:39:58
oraclelinux
oraclelinux
libpng security update
2012-03-20 00:00:00
redhat
redhat
(RHSA-2012:0407) Moderate: libpng security update
2012-03-20 00:00:00
(RHSA-2012:0488) Important: rhev-hypervisor5 security and bug fix update
2012-04-17 00:00:00
ubuntu
ubuntu
libpng vulnerability
2012-03-22 00:00:00
WebKit vulnerabilities
2012-08-08 00:00:00
WebKit vulnerabilities
2012-10-25 00:00:00
securityvulns
securityvulns
libpng integer overflow
2012-02-22 00:00:00
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update
2012-05-09 00:00:00
Apple iOS multiple security vulnerabilities
2012-05-09 00:00:00
slackware
slackware
[slackware-security] libpng
2012-07-25 03:00:37
ibm
ibm
Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS
2022-06-03 14:32:29

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

High

0.142 Low

EPSS

Percentile

95.7%

JSON
Related for OPENVAS:1361412562310903005
openvas63nessus41freebsd2suse1chrome2threatpost2gentoo3nvd10ubuntucve10veracode1debiancve8prion10cve10fedora10amazon1checkpoint_advisories1debian1cvelist10altlinux1centos1oraclelinux1redhat2ubuntu3securityvulns3slackware1ibm1