The version of Google Chrome installed on the remote Windows host is prior to 65.0.3325.146. It is, therefore, affected by a multiple unspecified vulnerabilities as noted in Chrome stable channel update release notes for March 6th, 2018. Please refer to the release notes for additional information.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(107220);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/08");
script_cve_id(
"CVE-2017-11215",
"CVE-2017-11225",
"CVE-2018-6057",
"CVE-2018-6060",
"CVE-2018-6061",
"CVE-2018-6062",
"CVE-2018-6063",
"CVE-2018-6064",
"CVE-2018-6065",
"CVE-2018-6066",
"CVE-2018-6067",
"CVE-2018-6068",
"CVE-2018-6069",
"CVE-2018-6070",
"CVE-2018-6071",
"CVE-2018-6072",
"CVE-2018-6073",
"CVE-2018-6074",
"CVE-2018-6075",
"CVE-2018-6076",
"CVE-2018-6077",
"CVE-2018-6078",
"CVE-2018-6079",
"CVE-2018-6080",
"CVE-2018-6081",
"CVE-2018-6082",
"CVE-2018-6083"
);
script_bugtraq_id(101837);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");
script_name(english:"Google Chrome < 65.0.3325.146 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote Windows host is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Windows host is
prior to 65.0.3325.146. It is, therefore, affected by a multiple
unspecified vulnerabilities as noted in Chrome stable channel update
release notes for March 6th, 2018. Please refer to the release notes
for additional information.
Note that Nessus has not attempted to exploit these issues but has
instead relied only on the application's self-reported version number.");
# https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?68129919");
script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 65.0.3325.146 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-11225");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/06");
script_set_attribute(attribute:"patch_publication_date", value:"2018/03/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("google_chrome_installed.nasl");
script_require_keys("SMB/Google_Chrome/Installed");
exit(0);
}
include("google_chrome_version.inc");
get_kb_item_or_exit("SMB/Google_Chrome/Installed");
installs = get_kb_list("SMB/Google_Chrome/*");
google_chrome_check_version(installs:installs, fix:'65.0.3325.146', severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11215
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11225
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6057
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6079
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6081
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6082
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6083
www.nessus.org/u?68129919