Lucene search
Copyright (C) 2010 SecPodOPENVAS:902096HistoryAug 26, 2010 - 12:00 a.m.
Google Chrome multiple vulnerabilities - (Aug10)
2010-08-2600:00:00
Copyright (C) 2010 SecPod
plugins.openvas.org
22
EPSS
0.052
Percentile
93.0%
This host is installed with Google Chrome and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_google_chrome_mult_vuln_aug10.nasl 5394 2017-02-22 09:22:42Z teissa $
#
# Google Chrome multiple vulnerabilities - (Aug10)
#
# Authors:
# Madhuri D <[email protected]>
#
# Copyright:
# Copyright (c) 2010 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will allow remote attackers to execute arbitrary code
in the context of the browser, cause denial-of-service conditions, or disclose
sensitive information.
Impact Level: Application";
tag_affected = "Google Chrome version prior to 5.0.375.127 on Windows";
tag_insight = "The flaws are due to:
- A memory corruption with 'Geolocation' support.
- An error in supporting the 'Ruby' language.
- An error in 'Omnibox' implementation, which fails to anticipate entry of
passwords.
- An Error in implementing the notifications feature, history feature.
- A memory corruption in 'MIME' type handling.
- An error in text-editing implementation, which fails to properly perform
casts, which has unspecified impact and attack vectors.
- A memory corruption error when processing 'SVG' files, file dialogs.
- An unspecified error in the 'Windows kernel', which has unknown impact and
attack vectors.";
tag_solution = "Upgrade to Google Chrome version 5.0.375.127 or later,
For updates refer to http://www.google.com/chrome";
tag_summary = "This host is installed with Google Chrome and is prone to multiple
vulnerabilities.";
if(description)
{
script_id(902096);
script_version("$Revision: 5394 $");
script_tag(name:"last_modification", value:"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $");
script_tag(name:"creation_date", value:"2010-08-26 15:28:03 +0200 (Thu, 26 Aug 2010)");
script_cve_id("CVE-2010-3120", "CVE-2010-3119", "CVE-2010-3118", "CVE-2010-3117",
"CVE-2010-3116", "CVE-2010-3115", "CVE-2010-3114", "CVE-2010-3113",
"CVE-2010-3112", "CVE-2010-3111");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Google Chrome multiple vulnerabilities - (Aug10)");
script_copyright("Copyright (C) 2010 SecPod");
script_category(ACT_GATHER_INFO);
script_tag(name:"qod_type", value:"executable_version");
script_family("General");
script_dependencies("gb_google_chrome_detect_win.nasl");
script_require_keys("GoogleChrome/Win/Ver");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_xref(name : "URL" , value : "http://en.securitylab.ru/nvd/");
script_xref(name : "URL" , value : "http://seclists.org/cert/2010/182");
script_xref(name : "URL" , value : "http://googlechromereleases.blogspot.com/");
script_xref(name : "URL" , value : "http://www.us-cert.gov/current/#google_releases_chrome_5_06");
script_xref(name : "URL" , value : "http://www.nessus.org/plugins/index.php?view=single&id=48383");
exit(0);
}
include("version_func.inc");
## Get the version from KB
chromeVer = get_kb_item("GoogleChrome/Win/Ver");
if(!chromeVer){
exit(0);
}
## Check for Google Chrome Version less than 5.0.375.127
if(version_is_less(version:chromeVer, test_version:"5.0.375.127")){
security_message(0);
}
Related
openvas
openvas
Google Chrome Multiple Vulnerabilities (Aug 2010) - Windows
2010-08-26 00:00:00
FreeBSD Ports: webkit-gtk2
2010-11-17 00:00:00
FreeBSD Ports: webkit-gtk2
2010-11-17 00:00:00
nessus
nessus
Google Chrome < 5.0.375.127 Multiple Vulnerabilities
2010-08-20 00:00:00
Fedora 13 : webkitgtk-1.2.5-1.fc13 (2010-15957)
2010-10-20 00:00:00
Fedora 12 : webkitgtk-1.2.5-1.fc12 (2010-15982)
2010-10-20 00:00:00
threatpost
threatpost
Assessing the Adobe Reader X Sandbox
2010-11-22 17:10:54
cvelist
cvelist
ubuntucve
ubuntucve
prion
prion
Denial of service
2010-08-24 20:00:00
Memory corruption
2010-08-24 20:00:00
Memory corruption
2010-08-24 20:00:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:19
Use-after-free
2020-04-10 00:53:18
Denial Of Service(DoS)
2020-04-10 00:53:18
nvd
nvd
freebsd
freebsd
Webkit-gtk2 -- Multiple Vulnabilities
2010-10-01 00:00:00
webkit-gtk2 -- Multiple vulnerabilities
2010-09-07 00:00:00
debiancve
debiancve
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: webkitgtk-1.2.6-1.fc13
2011-01-07 20:01:55
[SECURITY] Fedora 13 Update: webkitgtk-1.2.5-1.fc13
2010-10-19 07:21:56
[SECURITY] Fedora 12 Update: webkitgtk-1.2.5-1.fc12
2010-10-19 07:09:06
ubuntu
ubuntu
WebKit vulnerabilities
2011-08-23 00:00:00
securityvulns
securityvulns
Apple Webkit / Safari / Google Chrome multiple security vulnerabilities
2010-11-23 00:00:00
About the security content of Safari 5.0.3 and Safari 4.1.3
2010-11-20 00:00:00