ID CVE-2012-5142 Type cve Reporter cve@mitre.org Modified 2018-10-30T16:27:00
Description
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
{"openvas": [{"lastseen": "2017-07-02T21:10:51", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-04-18T00:00:00", "published": "2012-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803127", "id": "OPENVAS:803127", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln03_dec12_win.nasl 5963 2017-04-18 09:02:14Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome version prior to 23.0.1271.97 on Windows\";\ntag_insight = \"- An use-after-free error exists in visibility events and in URL loader.\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n - An integer overflow error exists within handling of PPAPI image buffers.\";\ntag_solution = \"Upgrade to the Google Chrome 23.0.1271.97 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803127);\n script_version(\"$Revision: 5963 $\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-18 11:02:14 +0200 (Tue, 18 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:26:00 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51549/\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 23.0.1271.97\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:49", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-04-17T00:00:00", "published": "2012-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803128", "id": "OPENVAS:803128", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln03_dec12_lin.nasl 5958 2017-04-17 09:02:19Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome version prior to 23.0.1271.97 on Linux\";\ntag_insight = \"- An use-after-free error exists in visibility events and in URL loader.\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n - An integer overflow error exists within handling of PPAPI image buffers.\";\ntag_solution = \"Upgrade to the Google Chrome 23.0.1271.97 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803128);\n script_version(\"$Revision: 5958 $\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:26:37 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51549/\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_require_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 23.0.1271.97\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:41", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-04-10T00:00:00", "published": "2012-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803129", "id": "OPENVAS:803129", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln03_dec12_macosx.nasl 5912 2017-04-10 09:01:51Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\n Impact Level: System/Application\";\ntag_affected = \"Google Chrome version prior to 23.0.1271.97 on Mac OS X\";\ntag_insight = \"- An use-after-free error exists in visibility events and in URL loader.\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n - An integer overflow error exists within handling of PPAPI image buffers.\";\ntag_solution = \"Upgrade to the Google Chrome 23.0.1271.97 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803129);\n script_version(\"$Revision: 5912 $\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-10 11:01:51 +0200 (Mon, 10 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:40:56 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51549/\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_require_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 23.0.1271.97\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-19T22:16:04", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2012-12-14T00:00:00", "id": "OPENVAS:1361412562310803128", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803128", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803128\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:26:37 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51549/\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 23.0.1271.97 on Linux\");\n script_tag(name:\"insight\", value:\"- An use-after-free error exists in visibility events and in URL loader.\n\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n\n - An integer overflow error exists within handling of PPAPI image buffers.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 23.0.1271.97 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:16:02", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2012-12-14T00:00:00", "id": "OPENVAS:1361412562310803127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803127", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803127\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:26:00 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51549/\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 23.0.1271.97 on Windows\");\n script_tag(name:\"insight\", value:\"- An use-after-free error exists in visibility events and in URL loader.\n\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n\n - An integer overflow error exists within handling of PPAPI image buffers.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 23.0.1271.97 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:16:31", "bulletinFamily": "scanner", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2012-12-14T00:00:00", "id": "OPENVAS:1361412562310803129", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803129", "title": "Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803129\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\",\n \"CVE-2012-5143\", \"CVE-2012-5144\");\n script_bugtraq_id(56903);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 13:40:56 +0530 (Fri, 14 Dec 2012)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51549/\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2012/12/stable-channel-update.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 23.0.1271.97 on Mac OS X\");\n script_tag(name:\"insight\", value:\"- An use-after-free error exists in visibility events and in URL loader.\n\n - Error exists within the instantiation of the Chromoting client plug-in,\n history navigation and AAC decoding.\n\n - An integer overflow error exists within handling of PPAPI image buffers.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 23.0.1271.97 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"23.0.1271.97\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:10", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201309-16", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121030", "title": "Gentoo Security Advisory GLSA 201309-16", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201309-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121030\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:53 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201309-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201309-16\");\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201309-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 29.0.1457.57\"), vulnerable: make_list(\"lt 29.0.1457.57\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(\"ge 3.18.5.14\"), vulnerable: make_list(\"lt 3.18.5.14\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:34", "bulletinFamily": "unix", "description": "\nGoogle Chrome Releases reports:\n\n[158204] High CVE-2012-5139: Use-after-free with visibility\n\t events. Credit to Chamal de Silva.\n[159429] High CVE-2012-5140: Use-after-free in URL loader. Credit\n\t to Chamal de Silva.\n[160456] Medium CVE-2012-5141: Limit Chromoting client plug-in\n\t instantiation. Credit to Google Chrome Security Team (J\u00c3\u00bcri\n\t Aedla).\n[160803] Critical CVE-2012-5142: Crash in history navigation.\n\t Credit to Michal Zalewski of Google Security Team.\n[160926] Medium CVE-2012-5143: Integer overflow in PPAPI image\n\t buffers. Credit to Google Chrome Security Team (Cris Neckar).\n[161639] High CVE-2012-5144: Stack corruption in AAC decoding.\n\t Credit to pawlkt.\n\n", "modified": "2012-12-11T00:00:00", "published": "2012-12-11T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/51f84e28-444e-11e2-8306-00262d5ed8ee.html", "id": "51F84E28-444E-11E2-8306-00262D5ED8EE", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-11-01T02:37:46", "bulletinFamily": "scanner", "description": "Google Chrome Releases reports :\n\n[158204] High CVE-2012-5139: Use-after-free with visibility events.\nCredit to Chamal de Silva.\n\n[159429] High CVE-2012-5140: Use-after-free in URL loader. Credit to\nChamal de Silva.\n\n[160456] Medium CVE-2012-5141: Limit Chromoting client plug-in\ninstantiation. Credit to Google Chrome Security Team (Juri Aedla).\n\n[160803] Critical CVE-2012-5142: Crash in history navigation. Credit\nto Michal Zalewski of Google Security Team.\n\n[160926] Medium CVE-2012-5143: Integer overflow in PPAPI image\nbuffers. Credit to Google Chrome Security Team (Cris Neckar).\n\n[161639] High CVE-2012-5144: Stack corruption in AAC decoding. Credit\nto pawlkt.", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_51F84E28444E11E2830600262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/63256", "published": "2012-12-13T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (51f84e28-444e-11e2-8306-00262d5ed8ee)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63256);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/26 16:04:31 $\");\n\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (51f84e28-444e-11e2-8306-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n[158204] High CVE-2012-5139: Use-after-free with visibility events.\nCredit to Chamal de Silva.\n\n[159429] High CVE-2012-5140: Use-after-free in URL loader. Credit to\nChamal de Silva.\n\n[160456] Medium CVE-2012-5141: Limit Chromoting client plug-in\ninstantiation. Credit to Google Chrome Security Team (Juri Aedla).\n\n[160803] Critical CVE-2012-5142: Crash in history navigation. Credit\nto Michal Zalewski of Google Security Team.\n\n[160926] Medium CVE-2012-5143: Integer overflow in PPAPI image\nbuffers. Credit to Google Chrome Security Team (Cris Neckar).\n\n[161639] High CVE-2012-5144: Stack corruption in AAC decoding. Credit\nto pawlkt.\"\n );\n # http://googlechromereleases.blogspot.nl/search/label/Stable%20updates\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdc75d6a\"\n );\n # http://www.freebsd.org/ports/portaudit/51f84e28-444e-11e2-8306-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72d67163\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<23.0.1271.97\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:00:33", "bulletinFamily": "scanner", "description": " - Update to 25.0.1362\n\n - Security fixes (bnc#794075) :\n\n - CVE-2012-5139: Use-after-free with visibility events\n\n - CVE-2012-5140: Use-after-free in URL loader\n\n - CVE-2012-5141: Limit Chromoting client plug-in\n instantiation.\n\n - CVE-2012-5142: Crash in history navigation.\n\n - CVE-2012-5143: Integer overflow in PPAPI image buffers\n\n - CVE-2012-5144: Stack corruption in AAC decoding\n\n - Fixed garbled header and footer text in print preview.\n [Issue: 152893]\n\n - Fixed extension action badges with long text. [Issue:\n 160069]\n\n - Disable find if constrained window is shown. [Issue:\n 156969]\n\n - Enable fullscreen for apps windows. [Issue: 161246]\n\n - Fixed broken profile with system-wide installation and\n UserDataDir & DiskCacheDir policy. [Issue: 161336]\n\n - Fixed stability crashes like 158747, 159437, 149139,\n 160914, 160401, 161858, 158747, 156878\n\n - Fixed graphical corruption in Dust. [Issue: 155258]\n\n - Fixed scrolling issue. [Issue: 163553]", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2012-867.NASL", "href": "https://www.tenable.com/plugins/nessus/74848", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-SU-2012:1682-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-867.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74848);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2012:1682-1)\");\n script_summary(english:\"Check for the openSUSE-2012-867 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 25.0.1362\n\n - Security fixes (bnc#794075) :\n\n - CVE-2012-5139: Use-after-free with visibility events\n\n - CVE-2012-5140: Use-after-free in URL loader\n\n - CVE-2012-5141: Limit Chromoting client plug-in\n instantiation.\n\n - CVE-2012-5142: Crash in history navigation.\n\n - CVE-2012-5143: Integer overflow in PPAPI image buffers\n\n - CVE-2012-5144: Stack corruption in AAC decoding\n\n - Fixed garbled header and footer text in print preview.\n [Issue: 152893]\n\n - Fixed extension action badges with long text. [Issue:\n 160069]\n\n - Disable find if constrained window is shown. [Issue:\n 156969]\n\n - Enable fullscreen for apps windows. [Issue: 161246]\n\n - Fixed broken profile with system-wide installation and\n UserDataDir & DiskCacheDir policy. [Issue: 161336]\n\n - Fixed stability crashes like 158747, 159437, 149139,\n 160914, 160401, 161858, 158747, 156878\n\n - Fixed graphical corruption in Dust. [Issue: 155258]\n\n - Fixed scrolling issue. [Issue: 163553]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-12/msg00045.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromedriver-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromedriver-debuginfo-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-debuginfo-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-debugsource-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-desktop-gnome-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-desktop-kde-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-ffmpegsumo-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-ffmpegsumo-debuginfo-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-suid-helper-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chromium-suid-helper-debuginfo-25.0.1362.0-1.47.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-debuginfo-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debuginfo-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debugsource-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-gnome-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-kde-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-debuginfo-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-25.0.1362.0-1.27.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-debuginfo-25.0.1362.0-1.27.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:43:40", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote host is earlier\nthan 23.0.1271.97 and is, therefore, affected by the following\nvulnerabilities :\n\n - Use-after-free errors exist related to visibility events\n and the URL loader. (CVE-2012-5139, CVE-2012-5140)\n\n - An unspecified error exists related to instantiation\n of the ", "modified": "2019-11-02T00:00:00", "id": "GOOGLE_CHROME_23_0_1271_97.NASL", "href": "https://www.tenable.com/plugins/nessus/63232", "published": "2012-12-12T00:00:00", "title": "Google Chrome < 23.0.1271.97 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63232);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2012-5139\",\n \"CVE-2012-5140\",\n \"CVE-2012-5141\",\n \"CVE-2012-5142\",\n \"CVE-2012-5143\",\n \"CVE-2012-5144\",\n \"CVE-2012-5676\",\n \"CVE-2012-5677\",\n \"CVE-2012-5678\"\n );\n script_bugtraq_id(56892, 56896, 56898, 56903);\n\n script_name(english:\"Google Chrome < 23.0.1271.97 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is earlier\nthan 23.0.1271.97 and is, therefore, affected by the following\nvulnerabilities :\n\n - Use-after-free errors exist related to visibility events\n and the URL loader. (CVE-2012-5139, CVE-2012-5140)\n\n - An unspecified error exists related to instantiation\n of the 'Chromoting' client plugin. (CVE-2012-5141)\n\n - An unspecified error exists related to history\n navigation that can lead to application crashes.\n (CVE-2012-5142)\n\n - An integer overflow error exists related to the 'PPAPI'\n image buffers. (CVE-2012-5143)\n\n - A stack corruption error exists related to 'AAC'\n decoding. (CVE-2012-5144)\n\n - The bundled version of Adobe Flash Player contains\n flaws that can lead to arbitrary code execution.\n (CVE-2012-5676, CVE-2012-5677, CVE-2012-5678)\n\nSuccessful exploitation of some of these issues could lead to an\napplication crash or even allow arbitrary code execution, subject to the\nuser's privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-021/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-27.html\");\n # https://chromereleases.googleblog.com/2012/12/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?62fd45a9\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 23.0.1271.97 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'23.0.1271.97', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:40:28", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201309-16\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other, unspecified,\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2019-11-02T00:00:00", "id": "GENTOO_GLSA-201309-16.NASL", "href": "https://www.tenable.com/plugins/nessus/70112", "published": "2013-09-25T00:00:00", "title": "GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70112);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_bugtraq_id(56413, 56684, 56741, 56903, 58318, 58388, 58723, 58724, 58725, 58727, 58728, 58729, 58730, 58731, 58732, 58733, 58734, 59326, 59327, 59328, 59330, 59331, 59332, 59334, 59336, 59337, 59338, 59339, 59340, 59342, 59343, 59344, 59345, 59346, 59347, 59349, 59351, 59413, 59414, 59415, 59416, 59417, 59418, 59419, 59420, 59422, 59423, 59425, 59427, 59428, 59429, 59430, 59431, 59433, 59435, 59436, 59437, 59438, 59515, 59516, 59518, 59520, 59521, 59522, 59523, 59524, 59680, 59681, 59682, 59683, 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076, 60395, 60396, 60397, 60398, 60399, 60400, 60401, 60403, 60404, 60405, 61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61057, 61059, 61060, 61061, 61547, 61548, 61549, 61550, 61551, 61552, 61885, 61886, 61887, 61888, 61889, 61890, 61891);\n script_xref(name:\"GLSA\", value:\"201309-16\");\n\n script_name(english:\"GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-16\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other, unspecified,\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b9b0b08\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f59319e\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee73f07e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-29.0.1457.57'\n All V8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 29.0.1457.57\"), vulnerable:make_list(\"lt 29.0.1457.57\"))) flag++;\nif (qpkg_check(package:\"dev-lang/v8\", unaffected:make_list(\"ge 3.18.5.14\"), vulnerable:make_list(\"lt 3.18.5.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / V8\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T23:01:44", "bulletinFamily": "info", "description": "It\u2019s Patch Tuesday, and not just for Microsoft and Adobe. Google also patched a number of security vulnerabilities in its Chrome browser today, including one critical flaw and three high-severity ones.\n\nThe most serious vulnerability that Google fixed in Chrome 23 is a crash in the browser\u2019s history navigation mechanism. That bug, which was discovered by Michal Zalewski of Google\u2019s internal security team, is the only critical vulnerability fixed in the newest version of Chrome. There also are three high-severity vulnerabilities repaired in this release, including two use-after-free bugs, both of which were discovered by Chamal de Silva.\n\nHere\u2019s the full list of flaws fixed in Chrome 23.0.1271.97:\n\n * ****[$1500] [[158204](<https://code.google.com/p/chromium/issues/detail?id=158204>)] High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva.****\n * **[$1000] [[159429](<https://code.google.com/p/chromium/issues/detail?id=159429>)] High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva.**\n * ****[[160456](<https://code.google.com/p/chromium/issues/detail?id=160456>)] Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to Google Chrome Security Team (J\u00fcri Aedla).****\n * ****[[160803](<https://code.google.com/p/chromium/issues/detail?id=160803>)] Critical CVE-2012-5142: Crash in history navigation. Credit to Michal Zalewski of Google Security Team.****\n * ****[[160926](<https://code.google.com/p/chromium/issues/detail?id=160926>)] Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit to Google Chrome Security Team (Cris Neckar).****\n * ****[$2000] [[161639](<https://code.google.com/p/chromium/issues/detail?id=161639>)] High CVE-2012-5144: Stack corruption in AAC decoding. Credit to pawlkt.****\n", "modified": "2013-04-17T16:31:06", "published": "2012-12-11T20:45:25", "id": "THREATPOST:0A2B48F22F6C20D48FC4FF60BF273E57", "href": "https://threatpost.com/critical-vulnerability-fixed-chrome-23-121112/77304/", "type": "threatpost", "title": "Critical Vulnerability Fixed in Chrome 23", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "description": "### Background\n\nChromium is an open-source web browser project. V8 is Google\u2019s open source JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-29.0.1457.57\"\n \n\nAll V8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/v8-3.18.5.14\"", "modified": "2013-09-25T00:00:00", "published": "2013-09-24T00:00:00", "id": "GLSA-201309-16", "href": "https://security.gentoo.org/glsa/201309-16", "type": "gentoo", "title": "Chromium, V8: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
