CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
91.6%
The version of Google Chrome installed on the remote host is earlier than 12.0.742.91. Such versions of Chrome are affected by multiple vulnerabilities:
Use-after-free errors exist in the handling of float variables, accessibility functionality, developer tools and an image loader. (Issues #73962, #79746, #75496, #80358, #81949)
An information disclosure vulnerability exists that can leak browser history via CSS. (Issue #75643)
An unspecified error exists related to handling many form submissions. (Issue #76034)
An unspecified extensions permissions bypass vulnerability exists. (Issue #77026)
An unspecified error in the extensions framework can leave stale pointers behind. (Issue #78516).
An unspecified error can lead to a read of an uninitialized pointer. (Issue #79362)
An extension can inject script into a new tab page or into the browser chrome. (Issues #79862, #83010)
An unspecified error exists which can corrupt memory when the browser history is deleted. (Issue #81916)
Errors exist that allow the same origin policy to be bypassed in ‘v8’ and ‘DOM’. (Issues #83275, #83743)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(54989);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id(
"CVE-2011-1808",
"CVE-2011-1809",
"CVE-2011-1810",
"CVE-2011-1811",
"CVE-2011-1812",
"CVE-2011-1813",
"CVE-2011-1814",
"CVE-2011-1815",
"CVE-2011-1816",
"CVE-2011-1817",
"CVE-2011-1818",
"CVE-2011-1819",
"CVE-2011-2332",
"CVE-2011-2342"
);
script_bugtraq_id(48129);
script_name(english:"Google Chrome < 12.0.742.91 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that is affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote host is earlier
than 12.0.742.91. Such versions of Chrome are affected by multiple
vulnerabilities:
- Use-after-free errors exist in the handling of float
variables, accessibility functionality, developer
tools and an image loader. (Issues #73962, #79746,
#75496, #80358, #81949)
- An information disclosure vulnerability exists that
can leak browser history via CSS. (Issue #75643)
- An unspecified error exists related to handling
many form submissions. (Issue #76034)
- An unspecified extensions permissions bypass
vulnerability exists. (Issue #77026)
- An unspecified error in the extensions framework can
leave stale pointers behind. (Issue #78516).
- An unspecified error can lead to a read of an
uninitialized pointer. (Issue #79362)
- An extension can inject script into a new tab page or
into the browser chrome. (Issues #79862, #83010)
- An unspecified error exists which can corrupt memory
when the browser history is deleted. (Issue #81916)
- Errors exist that allow the same origin policy to be
bypassed in 'v8' and 'DOM'. (Issues #83275, #83743)");
# https://chromereleases.googleblog.com/2011/06/chrome-stable-release.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?133b7552");
script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 12.0.742.91 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/07");
script_set_attribute(attribute:"patch_publication_date", value:"2011/06/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.");
script_dependencies("google_chrome_installed.nasl");
script_require_keys("SMB/Google_Chrome/Installed");
exit(0);
}
include("google_chrome_version.inc");
get_kb_item_or_exit("SMB/Google_Chrome/Installed");
installs = get_kb_list("SMB/Google_Chrome/*");
google_chrome_check_version(installs:installs, fix:'12.0.742.91', severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1809
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1816
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2332
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2342
www.nessus.org/u?133b7552