Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.GOOGLE_CHROME_94_0_4606_81.NASLHistoryOct 07, 2021 - 12:00 a.m.
Google Chrome < 94.0.4606.81 Multiple Vulnerabilities
2021-10-0700:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
43
8.8 High
AI Score
Confidence
High
The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.81. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.
-
heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)
-
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)
-
Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)
-
Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. (CVE-2021-37980)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(153931);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/28");
script_cve_id(
"CVE-2021-37977",
"CVE-2021-37978",
"CVE-2021-37979",
"CVE-2021-37980"
);
script_xref(name:"IAVA", value:"2021-A-0459-S");
script_name(english:"Google Chrome < 94.0.4606.81 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.81. It is, therefore, affected
by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.
- heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who
convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted
HTML page. (CVE-2021-37979)
- Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to
potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)
- Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to
potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)
- Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker
to potentially bypass site isolation via Windows. (CVE-2021-37980)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7bd0fdf5");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1252878");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1236318");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1247260");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1254631");
script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 94.0.4606.81 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-37979");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/07");
script_set_attribute(attribute:"patch_publication_date", value:"2021/10/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("google_chrome_installed.nasl");
script_require_keys("SMB/Google_Chrome/Installed");
exit(0);
}
include('google_chrome_version.inc');
get_kb_item_or_exit('SMB/Google_Chrome/Installed');
var installs = get_kb_list('SMB/Google_Chrome/*');
google_chrome_check_version(installs:installs, fix:'94.0.4606.81', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37977
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37980
www.nessus.org/u?7bd0fdf5
crbug.com/1236318
crbug.com/1247260
crbug.com/1252878
crbug.com/1254631
Related
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (7d3d94d3-2810-11ec-9c51-3065ec8fd3ec)
2021-10-11 00:00:00
Microsoft Edge (Chromium) < 94.0.992.47 Multiple Vulnerabilities
2021-10-11 00:00:00
Google Chrome < 94.0.4606.81 Multiple Vulnerabilities
2021-10-07 00:00:00
openvas
openvas
kaspersky
kaspersky
KLA12307 Multiple vulnerabilities in Microsoft Browser
2021-10-11 00:00:00
KLA12306 Multiple vulnerabilities in Google Chrome
2021-09-08 00:00:00
KLA12334 Multiple vulnerabilities in Opera
2021-10-21 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-10-07 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-10-07 00:00:00
archlinux
archlinux
[ASA-202110-8] opera: multiple issues
2021-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: chromium-94.0.4606.81-1.fc33
2021-11-04 01:24:01
[SECURITY] Fedora 34 Update: chromium-94.0.4606.81-1.fc34
2021-10-15 19:23:21
[SECURITY] Fedora 35 Update: chromium-94.0.4606.81-1.fc35
2021-10-29 23:26:34
suse
suse
Security update for opera (important)
2021-11-01 00:00:00
Security update for opera (important)
2021-11-01 00:00:00
Security update for chromium (important)
2021-10-12 00:00:00
cve
cve
mscve
mscve
Chromium: CVE-2021-37977 Use after free in Garbage Collection
2021-10-11 07:00:00
Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox
2021-10-11 07:00:00
Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC
2021-10-11 07:00:00
cnvd
cnvd
Google Chrome Post-release Reuse Vulnerability (CNVD-2021-84819)
2021-10-09 00:00:00
Google Chrome Heap Buffer Overflow Vulnerability (CNVD-2021-84817)
2021-10-09 00:00:00
alpinelinux
alpinelinux
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2021-11-02 21:15:00
Heap overflow
2021-11-02 21:15:00
Heap overflow
2021-11-02 21:15:00
veracode
veracode
Denial Of Service (DoS)
2021-10-20 02:39:41
Denial Of Service (DoS)
2021-10-20 02:39:55
Use After Free
2021-11-23 02:45:41
talos
talos
mageia
mageia
Updated qtwebengine5 packages fix security vulnerability
2022-02-05 23:23:13
rapid7blog
rapid7blog
Patch Tuesday - October 2021
2021-10-12 19:47:16
debian
debian
[SECURITY] [DSA 5046-1] chromium security update
2022-01-14 19:31:45
osv
osv
chromium - security update
2022-01-14 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2022-01-31 00:00:00