ID CVE-2011-3903 Type cve Reporter NVD Modified 2017-09-18T21:34:10
Description
Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
{"gentoo": [{"lastseen": "2016-09-06T19:47:07", "bulletinFamily": "unix", "description": "### Background\n\nChromium is an open source web browser project. V8 is Google's open source JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. \n\nThe attacker could also perform URL bar spoofing.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/chromium-16.0.912.75\"\n \n\nAll V8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/v8-3.6.6.11\"", "modified": "2012-01-08T00:00:00", "published": "2012-01-08T00:00:00", "id": "GLSA-201201-03", "href": "https://security.gentoo.org/glsa/201201-03", "type": "gentoo", "title": "Chromium, V8: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-10-22T16:43:08", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 201201-03.", "modified": "2018-10-12T00:00:00", "published": "2012-02-12T00:00:00", "id": "OPENVAS:136141256231070804", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070804", "title": "Gentoo Security Advisory GLSA 201201-03 (chromium v8)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201201_03.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3917\", \"CVE-2011-3921\", \"CVE-2011-3922\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:41 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201201-03 (chromium v8)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been reported in Chromium and V8,\n some of which may allow execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/chromium-16.0.912.75'\n\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.6.6.11'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-03\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=394587\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=397907\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201201-03.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 16.0.912.75\"), vulnerable: make_list(\"lt 16.0.912.75\"))) != NULL ) {\n report += res;\n}\nif((res = ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(\"ge 3.6.6.11\"), vulnerable: make_list(\"lt 3.6.6.11\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:39", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 201201-03.", "modified": "2017-07-07T00:00:00", "published": "2012-02-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=70804", "id": "OPENVAS:70804", "title": "Gentoo Security Advisory GLSA 201201-03 (chromium v8)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been reported in Chromium and V8,\n some of which may allow execution of arbitrary code.\";\ntag_solution = \"All Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/chromium-16.0.912.75'\n \n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.6.6.11'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-03\nhttp://bugs.gentoo.org/show_bug.cgi?id=394587\nhttp://bugs.gentoo.org/show_bug.cgi?id=397907\nhttp://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\nhttp://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201201-03.\";\n\n \n \nif(description)\n{\n script_id(70804);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3917\", \"CVE-2011-3921\", \"CVE-2011-3922\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:41 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201201-03 (chromium v8)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 16.0.912.75\"), vulnerable: make_list(\"lt 16.0.912.75\"))) != NULL ) {\n report += res;\n}\nif((res = ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(\"ge 3.6.6.11\"), vulnerable: make_list(\"lt 3.6.6.11\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-14T14:32:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2019-03-14T00:00:00", "published": "2012-02-13T00:00:00", "id": "OPENVAS:136141256231070593", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070593", "title": "FreeBSD Ports: chromium", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_chromium1.nasl 14170 2019-03-14 09:24:12Z cfischer $\n#\n# Auto generated from VID 68ac6266-25c3-11e1-b63a-00262d5ed8ee\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70593\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 10:24:12 +0100 (Thu, 14 Mar 2019) $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14170 $\");\n script_name(\"FreeBSD Ports: chromium\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: chromium\n\nCVE-2011-3903\nGoogle Chrome before 16.0.912.63 does not properly perform regex\nmatching, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3904\nUse-after-free vulnerability in Google Chrome before 16.0.912.63\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors related to bidirectional text\n(aka bidi) handling.\n\nCVE-2011-3905\nlibxml2, as used in Google Chrome before 16.0.912.63, allows remote\nattackers to cause a denial of service (out-of-bounds read) via\nunspecified vectors.\n\nCVE-2011-3906\nThe PDF parser in Google Chrome before 16.0.912.63 allows remote\nattackers to cause a denial of service (out-of-bounds read) via\nunspecified vectors.\n\nCVE-2011-3907\nThe view-source feature in Google Chrome before 16.0.912.63 allows\nremote attackers to spoof the URL bar via unspecified vectors.\n\nCVE-2011-3908\nGoogle Chrome before 16.0.912.63 does not properly parse SVG\ndocuments, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3909\nThe Cascading Style Sheets (CSS) implementation in Google Chrome\nbefore 16.0.912.63 on 64-bit platforms does not properly manage\nproperty arrays, which allows remote attackers to cause a denial of\nservice (memory corruption) via unspecified vectors.\n\nText truncated. Please see the references for more information.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/search/label/Stable%20updates\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/68ac6266-25c3-11e1-b63a-00262d5ed8ee.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"chromium\");\nif(!isnull(bver) && revcomp(a:bver, b:\"16.0.912.63\")<0) {\n txt += 'Package chromium version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:44:21", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2018-10-22T00:00:00", "published": "2011-12-15T00:00:00", "id": "OPENVAS:1361412562310902646", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902646", "title": "Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_macosx.nasl 12006 2018-10-22 07:42:16Z mmartin $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902646\");\n script_version(\"$Revision: 12006 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-22 09:42:16 +0200 (Mon, 22 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:18:22 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47231/\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51041\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\");\n script_tag(name:\"affected\", value:\"Google Chrome versions prior to 16.0.912.63 on Mac OS X\");\n script_tag(name:\"insight\", value:\"For more information on the vulnerabilities refer to the links below.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 16.0.912.63 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:44:37", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2018-10-20T00:00:00", "published": "2011-12-15T00:00:00", "id": "OPENVAS:1361412562310902647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902647", "title": "Google Chrome Multiple Vulnerabilities - December11 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_lin.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902647\");\n script_version(\"$Revision: 11997 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:20:01 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47231/\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51041\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\");\n script_tag(name:\"affected\", value:\"Google Chrome versions prior to 16.0.912.63 on Linux\");\n script_tag(name:\"insight\", value:\"For more information on the vulnerabilities refer to the links below.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 16.0.912.63 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:37", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-24T00:00:00", "published": "2012-02-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=70593", "id": "OPENVAS:70593", "title": "FreeBSD Ports: chromium", "type": "openvas", "sourceData": "#\n#VID 68ac6266-25c3-11e1-b63a-00262d5ed8ee\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 68ac6266-25c3-11e1-b63a-00262d5ed8ee\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: chromium\n\nCVE-2011-3903\nGoogle Chrome before 16.0.912.63 does not properly perform regex\nmatching, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3904\nUse-after-free vulnerability in Google Chrome before 16.0.912.63\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors related to bidirectional text\n(aka bidi) handling.\n\nCVE-2011-3905\nlibxml2, as used in Google Chrome before 16.0.912.63, allows remote\nattackers to cause a denial of service (out-of-bounds read) via\nunspecified vectors.\n\nCVE-2011-3906\nThe PDF parser in Google Chrome before 16.0.912.63 allows remote\nattackers to cause a denial of service (out-of-bounds read) via\nunspecified vectors.\n\nCVE-2011-3907\nThe view-source feature in Google Chrome before 16.0.912.63 allows\nremote attackers to spoof the URL bar via unspecified vectors.\n\nCVE-2011-3908\nGoogle Chrome before 16.0.912.63 does not properly parse SVG\ndocuments, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3909\nThe Cascading Style Sheets (CSS) implementation in Google Chrome\nbefore 16.0.912.63 on 64-bit platforms does not properly manage\nproperty arrays, which allows remote attackers to cause a denial of\nservice (memory corruption) via unspecified vectors.\n\nCVE-2011-3910\nGoogle Chrome before 16.0.912.63 does not properly handle YUV video\nframes, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3911\nGoogle Chrome before 16.0.912.63 does not properly handle PDF\ndocuments, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3912\nUse-after-free vulnerability in Google Chrome before 16.0.912.63\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors related to SVG filters.\n\nCVE-2011-3913\nUse-after-free vulnerability in Google Chrome before 16.0.912.63\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors related to Range handling.\n\nCVE-2011-3914\nThe internationalization (aka i18n) functionality in Google V8, as\nused in Google Chrome before 16.0.912.63, allows remote attackers to\ncause a denial of service or possibly have unspecified other impact\nvia unknown vectors that trigger an out-of-bounds write.\n\nCVE-2011-3915\nBuffer overflow in Google Chrome before 16.0.912.63 allows remote\nattackers to cause a denial of service or possibly have unspecified\nother impact via vectors related to PDF fonts.\n\nCVE-2011-3916\nGoogle Chrome before 16.0.912.63 does not properly handle PDF cross\nreferences, which allows remote attackers to cause a denial of service\n(out-of-bounds read) via unspecified vectors.\n\nCVE-2011-3917\nStack-based buffer overflow in FileWatcher in Google Chrome before\n16.0.912.63 allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via unknown vectors.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://googlechromereleases.blogspot.com/search/label/Stable%20updates\nhttp://www.vuxml.org/freebsd/68ac6266-25c3-11e1-b63a-00262d5ed8ee.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70593);\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-24 11:02:24 +0200 (Mon, 24 Apr 2017) $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6018 $\");\n script_name(\"FreeBSD Ports: chromium\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"chromium\");\nif(!isnull(bver) && revcomp(a:bver, b:\"16.0.912.63\")<0) {\n txt += 'Package chromium version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:44:17", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2018-10-20T00:00:00", "published": "2011-12-15T00:00:00", "id": "OPENVAS:1361412562310902645", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902645", "title": "Google Chrome Multiple Vulnerabilities - December11 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_win.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902645\");\n script_version(\"$Revision: 11997 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:12:15 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47231/\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51041\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\");\n script_tag(name:\"affected\", value:\"Google Chrome versions prior to 16.0.912.63 on Windows\");\n script_tag(name:\"insight\", value:\"For more information on the vulnerabilities refer to the links below.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 16.0.912.63 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-05T11:22:31", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-09-04T00:00:00", "published": "2011-12-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=902645", "id": "OPENVAS:902645", "title": "Google Chrome Multiple Vulnerabilities - December11 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_win.nasl 7052 2017-09-04 11:50:51Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome versions prior to 16.0.912.63 on Windows\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Upgrade to the Google Chrome 16.0.912.63 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(902645);\n script_version(\"$Revision: 7052 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-04 13:50:51 +0200 (Mon, 04 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:12:15 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47231/\");\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/51041\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 16.0.912.63\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-04T14:20:09", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-09-01T00:00:00", "published": "2011-12-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=902646", "id": "OPENVAS:902646", "title": "Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_macosx.nasl 7044 2017-09-01 11:50:59Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome versions prior to 16.0.912.63 on Mac OS X\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Upgrade to the Google Chrome 16.0.912.63 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(902646);\n script_version(\"$Revision: 7044 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-01 13:50:59 +0200 (Fri, 01 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:18:22 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47231/\");\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/51041\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_require_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 16.0.912.63\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-04T14:19:55", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-08-31T00:00:00", "published": "2011-12-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=902647", "id": "OPENVAS:902647", "title": "Google Chrome Multiple Vulnerabilities - December11 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_vuln_dec11_lin.nasl 7029 2017-08-31 11:51:40Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities - December11 (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions, or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome versions prior to 16.0.912.63 on Linux\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Upgrade to the Google Chrome 16.0.912.63 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(902647);\n script_version(\"$Revision: 7029 $\");\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\",\n \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\",\n \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\",\n \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n script_bugtraq_id(51041);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-15 16:20:01 +0530 (Thu, 15 Dec 2011)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - December11 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47231/\");\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/51041\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_require_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chirome Versions prior to 16.0.912.63\nif(version_is_less(version:chromeVer, test_version:\"16.0.912.63\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:15:49", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201201-03 (Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.\n The attacker could also perform URL bar spoofing.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-201201-03.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57456", "published": "2012-01-09T00:00:00", "title": "GLSA-201201-03 : Chromium, V8: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201201-03.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57456);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3917\", \"CVE-2011-3921\", \"CVE-2011-3922\");\n script_xref(name:\"GLSA\", value:\"201201-03\");\n\n script_name(english:\"GLSA-201201-03 : Chromium, V8: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201201-03\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process, or a Denial of Service condition.\n The attacker could also perform URL bar spoofing.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a2b81fb\"\n );\n # https://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?645a7adf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201201-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/chromium-16.0.912.75'\n All V8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.6.6.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 16.0.912.75\"), vulnerable:make_list(\"lt 16.0.912.75\"))) flag++;\nif (qpkg_check(package:\"dev-lang/v8\", unaffected:make_list(\"ge 3.6.6.11\"), vulnerable:make_list(\"lt 3.6.6.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / V8\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:15:47", "bulletinFamily": "scanner", "description": "Google Chrome Releases reports :\n\n[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching.\nCredit to David Holloway of the Chromium development community.\n[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno). [98809] Medium CVE-2011-3906:\nOut-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.\n[99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security. [100863] Low CVE-2011-3908:\nOut-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.\n[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu. [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar). [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF.\nCredit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team. [102359] High CVE-2011-3912:\nUse-after-free in SVG filters. Credit to Arthur Gerkis. [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis. [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Slawomir Blazek. [104529] High CVE-2011-3915:\nBuffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG. [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG. [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella). [107258] High CVE-2011-3904:\nUse-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.", "modified": "2013-06-21T00:00:00", "id": "FREEBSD_PKG_68AC626625C311E1B63A00262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57292", "published": "2011-12-14T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57292);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:57:17 $\");\n\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3913\", \"CVE-2011-3914\", \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching.\nCredit to David Holloway of the Chromium development community.\n[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to\nGoogle Chrome Security Team (Inferno). [98809] Medium CVE-2011-3906:\nOut-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.\n[99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit\nto Mitja Kolsek of ACROS Security. [100863] Low CVE-2011-3908:\nOut-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.\n[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS\nproperty array. Credit to Google Chrome Security Team (scarybeasts)\nand Chu. [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV\nvideo frame handling. Credit to Google Chrome Security Team (Cris\nNeckar). [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF.\nCredit to Google Chrome Security Team (scarybeasts) and Robert Swiecki\nof the Google Security Team. [102359] High CVE-2011-3912:\nUse-after-free in SVG filters. Credit to Arthur Gerkis. [103921] High\nCVE-2011-3913: Use-after-free in Range handling. Credit to Arthur\nGerkis. [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n\nhandling. Credit to Slawomir Blazek. [104529] High CVE-2011-3915:\nBuffer overflow in PDF font handling. Credit to Atte Kettunen of\nOUSPG. [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross\nreferences. Credit to Atte Kettunen of OUSPG. [105162] Medium\nCVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google\nChrome Security Team (Marty Barbella). [107258] High CVE-2011-3904:\nUse-after-free in bidi handling. Credit to Google Chrome Security Team\n(Inferno) and miaubiz.\"\n );\n # http://googlechromereleases.blogspot.com/search/label/Stable%20updates\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29fa020e\"\n );\n # http://www.freebsd.org/ports/portaudit/68ac6266-25c3-11e1-b63a-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?51c2b178\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<16.0.912.63\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:06", "bulletinFamily": "scanner", "description": "Chromium update to to 18.0.972", "modified": "2014-06-13T00:00:00", "published": "2014-06-13T00:00:00", "id": "OPENSUSE-2011-93.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74538", "title": "openSUSE Security Update : v8 / chromium (openSUSE-2011-93)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-93.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74538);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:53:55 $\");\n\n script_cve_id(\"CVE-2011-3903\", \"CVE-2011-3904\", \"CVE-2011-3905\", \"CVE-2011-3906\", \"CVE-2011-3907\", \"CVE-2011-3908\", \"CVE-2011-3909\", \"CVE-2011-3910\", \"CVE-2011-3911\", \"CVE-2011-3912\", \"CVE-2011-3914\", \"CVE-2011-3915\", \"CVE-2011-3916\", \"CVE-2011-3917\");\n\n script_name(english:\"openSUSE Security Update : v8 / chromium (openSUSE-2011-93)\");\n script_summary(english:\"Check for the openSUSE-2011-93 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(attribute:\"description\", value:\"Chromium update to to 18.0.972\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=736716\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected v8 / chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libv8-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libv8-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:v8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:v8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:v8-private-headers-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-debuginfo-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-debugsource-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-desktop-gnome-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-desktop-kde-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-suid-helper-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-suid-helper-debuginfo-18.0.972.0-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libv8-3-3.7.12.6-1.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libv8-3-debuginfo-3.7.12.6-1.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"v8-debugsource-3.7.12.6-1.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"v8-devel-3.7.12.6-1.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"v8-private-headers-devel-3.7.12.6-1.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium / chromium-debuginfo / chromium-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:15:47", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote host is earlier than 16.0.912.63 and is affected by the following vulnerabilities:\n\n - Out-of-bounds read errors exist related to regex matching, libxml, the PDF parser, the SVG parser, YUV video frame handling, i18n handling in V8 and PDF cross references. (CVE-2011-3903, CVE-2011-3905, CVE-2011-3906, CVE-2011-3908, CVE-2011-3910, CVE-2011-3911, CVE-2011-3914, CVE-2011-3916)\n\n - Use-after-free errors exist related to SVG filters, Range handling and bidi handling. (CVE-2011-3904, CVE-2011-3912, CVE-2011-3913)\n\n - URL bar spoofing is possible due to an error related to 'view-source'. (CVE-2011-3907)\n\n - A memory corruption error exists related to arrays of CSS properties. (CVE-2011-3909)\n\n - A buffer overflow exists related to PDF font handling.\n (CVE-2011-3915)\n\n - A stack-based buffer overflow exists related to the 'FileWatcher'. (CVE-2011-3917)", "modified": "2018-11-15T00:00:00", "id": "GOOGLE_CHROME_16_0_912_63.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57288", "published": "2011-12-14T00:00:00", "title": "Google Chrome < 16.0.912.63 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57288);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\n \"CVE-2011-3903\",\n \"CVE-2011-3904\",\n \"CVE-2011-3905\",\n \"CVE-2011-3906\",\n \"CVE-2011-3907\",\n \"CVE-2011-3908\",\n \"CVE-2011-3909\",\n \"CVE-2011-3910\",\n \"CVE-2011-3911\",\n \"CVE-2011-3912\",\n \"CVE-2011-3913\",\n \"CVE-2011-3914\",\n \"CVE-2011-3915\",\n \"CVE-2011-3916\",\n \"CVE-2011-3917\"\n );\n script_bugtraq_id(51041, 51084, 51262);\n\n script_name(english:\"Google Chrome < 16.0.912.63 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is earlier\nthan 16.0.912.63 and is affected by the following vulnerabilities:\n\n - Out-of-bounds read errors exist related to regex\n matching, libxml, the PDF parser, the SVG parser, YUV\n video frame handling, i18n handling in V8 and PDF cross\n references. (CVE-2011-3903, CVE-2011-3905,\n CVE-2011-3906, CVE-2011-3908, CVE-2011-3910,\n CVE-2011-3911, CVE-2011-3914, CVE-2011-3916)\n\n - Use-after-free errors exist related to SVG filters,\n Range handling and bidi handling. (CVE-2011-3904,\n CVE-2011-3912, CVE-2011-3913)\n\n - URL bar spoofing is possible due to an error related\n to 'view-source'. (CVE-2011-3907)\n\n - A memory corruption error exists related to arrays of\n CSS properties. (CVE-2011-3909)\n\n - A buffer overflow exists related to PDF font handling.\n (CVE-2011-3915)\n\n - A stack-based buffer overflow exists related to the\n 'FileWatcher'. (CVE-2011-3917)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c20b7ac5\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 16.0.912.63 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'16.0.912.63', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:41", "bulletinFamily": "unix", "description": "\nGoogle Chrome Releases reports:\n\n[81753] Medium CVE-2011-3903: Out-of-bounds read in regex\n\t matching. Credit to David Holloway of the Chromium development\n\t community.\n\t [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to\n\t Google Chrome Security Team (Inferno).\n\t [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser.\n\t Credit to Aki Helin of OUSPG.\n\t [99016] High CVE-2011-3907: URL bar spoofing with view-source.\n\t Credit to Mitja Kolsek of ACROS Security.\n\t [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing.\n\t Credit to Aki Helin of OUSPG.\n\t [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in\n\t CSS property array. Credit to Google Chrome Security Team\n\t (scarybeasts) and Chu.\n\t [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video\n\t frame handling. Credit to Google Chrome Security Team (Cris\n\t Neckar).\n\t [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to\n\t Google Chrome Security Team (scarybeasts) and Robert Swiecki of\n\t the Google Security Team.\n\t [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit\n\t to Arthur Gerkis.\n\t [103921] High CVE-2011-3913: Use-after-free in Range handling.\n\t Credit to Arthur Gerkis.\n\t [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n\n\t handling. Credit to Slawomir Blazek.\n\t [104529] High CVE-2011-3915: Buffer overflow in PDF font handling.\n\t Credit to Atte Kettunen of OUSPG.\n\t [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross\n\t references. Credit to Atte Kettunen of OUSPG.\n\t [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.\n\t Credit to Google Chrome Security Team (Marty Barbella).\n\t [107258] High CVE-2011-3904: Use-after-free in bidi handling.\n\t Credit to Google Chrome Security Team (Inferno) and miaubiz.\n\n", "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/68ac6266-25c3-11e1-b63a-00262d5ed8ee.html", "id": "68AC6266-25C3-11E1-B63A-00262D5ED8EE", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2018-10-06T23:04:12", "bulletinFamily": "info", "description": "[](<https://threatpost.com/google-fixes-15-flaws-chrome-121311/>)Google has fixed 15 security vulnerabilities in its Chrome browser, including six high-risk bugs. As part of its reward program, Google paid out $6,000 in rewards to researchers who reported flaws.\n\nThis is one of the larger groups of bug fixes that Google has included in recent releases of Chrome. The company has been using a rolling update schedule for Chrome, and it often will release new stable versions of the browser with just a few bug fixes or security patches. But this release is a fairly major one.\n\nThe full list of fixes in [version 16**.0.912.63** of Chrome](<http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29>):\n\n * [[81753](<https://code.google.com/p/chromium/issues/detail?id=81753>)] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.\n * [[95465](<https://code.google.com/p/chromium/issues/detail?id=95465>)] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).\n * [$500] [[98809](<https://code.google.com/p/chromium/issues/detail?id=98809>)] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.\n * [$1000] [[99016](<https://code.google.com/p/chromium/issues/detail?id=99016>)] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.\n * [[100863](<https://code.google.com/p/chromium/issues/detail?id=100863>)] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.\n * [[101010](<https://code.google.com/p/chromium/issues/detail?id=101010>)] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.\n * [[101494](<https://code.google.com/p/chromium/issues/detail?id=101494>)] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).\n * [[101779](<https://code.google.com/p/chromium/issues/detail?id=101779>)] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.\n * [$1000] [[102359](<https://code.google.com/p/chromium/issues/detail?id=102359>)] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.\n * [$1000] [[103921](<https://code.google.com/p/chromium/issues/detail?id=103921>)] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.\n * [$1000] [[104011](<https://code.google.com/p/chromium/issues/detail?id=104011>)] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to S\u0142awomir B\u0142a\u017cek.\n * [$1000] [[104529](<https://code.google.com/p/chromium/issues/detail?id=104529>)] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.\n * [$500] [[104959](<https://code.google.com/p/chromium/issues/detail?id=104959>)] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.\n * [[105162](<https://code.google.com/p/chromium/issues/detail?id=105162>)] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).\n * [[107258](<https://bugs.webkit.org/show_bug.cgi?id=66015>)] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.\n\nAlso in this version of Chrome, Google added the ability for people to add new users to each installation of the browser. Each individual user can sign in to Chrome and sync their settings, extensions and other add-ons to the Web, giving each person a separate experience.\n\n\u201cKeep in mind that adding new users to Chrome isn\u2019t intended to secure your data against other people using your computer, since it just takes a few clicks to switch between users. We\u2019re providing this functionality as a quick and simple user interface convenience for people who are already sharing Chrome on the same computer today,\u201d [Google\u2019s Tim Steele](<http://chrome.blogspot.com/2011/12/get-your-personal-chrome-experience-on.html>) wrote in a blog post.\n", "modified": "2013-04-17T16:33:09", "published": "2011-12-13T19:14:26", "id": "THREATPOST:C4FD269A1D3C8717B477EA84F9D4F75B", "href": "https://threatpost.com/google-fixes-15-flaws-chrome-121311/75995/", "type": "threatpost", "title": "Google Fixes 15 Flaws in Chrome", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
