Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_37_0_2062_94.NASL
HistoryAug 27, 2014 - 12:00 a.m.

Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)

2014-08-2700:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities :

  • Blink contains a use-after-free vulnerability in its SVG implementation. By using a specially crafted web page, a remote attacker can cause a denial of service or execute arbitrary code. (CVE-2014-3168)

  • Blink contains a use-after-free vulnerability in its DOM implementation. By using a specially crafted web page, a remote attacker can cause a denial of service or execute arbitrary code. (CVE-2014-3169)

  • A flaw exists in the ‘url_pattern.cc’ file that does not prevent the use of NULL characters ‘\0’ in a host name.
    A remote attacker can use this to spoof the extension permission dialogue by relying on truncation after this character. (CVE-2014-3170)

  • Blink contains a use-after-free vulnerability in its V8 bindings. By using improper HashMap add operations, a remote attacker can cause a denial of service or execute arbitrary code. (CVE-2014-3171)

  • The Debugger extension API does not properly a validate a tab’s URL before attaching. A remote attacker can therefore bypass access limitations by means of an extension that uses a restricted URL. (CVE-2014-3172)

  • A flaw exists in the WebGL implementation where clear calls do not interact properly with the draw buffer. By using a specially crafted CANVAS element, a remote attacker can cause a denial of service. (CVE-2014-3173)

  • A flaw exists in the Blink Web Audio API implementation in how it updates biquad filter coefficients when there are concurrent threads. By using specially crafted API calls, a remote attacker can cause a denial of service.
    (CVE-2014-3174)

  • Flaws exist in the ‘load_truetype_glyph’ function and other unspecified functions which can be exploited by a remote attacker to cause a denial of service or other impact. (CVE-2014-3175)

  • Flaws exist related to the interaction of the IPC, Sync API, and V8 extensions. A remote attacker can exploit these to bypass the sandbox and execute arbitrary code.
    (CVE-2014-3176, CVE-2014-3177)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(77410);
  script_version("1.6");
  script_cvs_date("Date: 2019/11/25");

  script_cve_id(
    "CVE-2014-3168",
    "CVE-2014-3169",
    "CVE-2014-3170",
    "CVE-2014-3171",
    "CVE-2014-3172",
    "CVE-2014-3173",
    "CVE-2014-3174",
    "CVE-2014-3175",
    "CVE-2014-3176",
    "CVE-2014-3177"
  );
  script_bugtraq_id(
    69398,
    69400,
    69401,
    69402,
    69403,
    69404,
    69405,
    69406,
    69407
  );

  script_name(english:"Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version number of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Mac OS X host is
a version prior to 37.0.2062.94. It is, therefore, affected by the
following vulnerabilities :

  - Blink contains a use-after-free vulnerability in its SVG
    implementation. By using a specially crafted web page, a
    remote attacker can cause a denial of service or execute
    arbitrary code. (CVE-2014-3168)

  - Blink contains a use-after-free vulnerability in its DOM
    implementation. By using a specially crafted web page, a
    remote attacker can cause a denial of service or execute
    arbitrary code. (CVE-2014-3169)

  - A flaw exists in the 'url_pattern.cc' file that does not
    prevent the use of NULL characters '\0' in a host name.
    A remote attacker can use this to spoof the extension
    permission dialogue by relying on truncation after this
    character. (CVE-2014-3170)

  - Blink contains a use-after-free vulnerability in its V8
    bindings. By using improper HashMap add operations, a
    remote attacker can cause a denial of service or execute
    arbitrary code. (CVE-2014-3171)

  - The Debugger extension API does not properly a validate
    a tab's URL before attaching. A remote attacker can
    therefore bypass access limitations by means of an
    extension that uses a restricted URL. (CVE-2014-3172)

  - A flaw exists in the WebGL implementation where clear
    calls do not interact properly with the draw buffer. By
    using a specially crafted CANVAS element, a remote
    attacker can cause a denial of service. (CVE-2014-3173)

  - A flaw exists in the Blink Web Audio API implementation
    in how it updates biquad filter coefficients when there
    are concurrent threads. By using specially crafted API
    calls, a remote attacker can cause a denial of service.
    (CVE-2014-3174)

  - Flaws exist in the 'load_truetype_glyph' function and
    other unspecified functions which can be exploited by a
    remote attacker to cause a denial of service or other
    impact. (CVE-2014-3175)

  - Flaws exist related to the interaction of the IPC, Sync
    API, and V8 extensions. A remote attacker can exploit
    these to bypass the sandbox and execute arbitrary code.
    (CVE-2014-3176, CVE-2014-3177)");
  # http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bc0adbf3");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 37.0.2062.94 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3177");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/08/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'37.0.2062.94', severity:SECURITY_HOLE, xss:FALSE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

Related

nessus 7
chrome 2
openvas 8
freebsd 1
suse 1
threatpost 1
ubuntu 1
securityvulns 2
debian 2
osv 1
prion 10
cve 10
ubuntucve 10
debiancve 10
gentoo 1
nessus
nessus
openSUSE Security Update : chromium (openSUSE-SU-2014:1151-1)
2014-09-23 00:00:00
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities
2014-08-27 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (fd5f305d-2d3d-11e4-aa3d-00262d5ed8ee)
2014-08-27 00:00:00
chrome
chrome
Stable Channel Update
2014-08-26 00:00:00
Stable Channel Update for Chrome OS
2014-09-03 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Linux
2014-09-11 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Mac OS X
2014-09-11 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2014:1151-1)
2014-09-23 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-08-26 00:00:00
suse
suse
chromium to 37.0.2062.94 (important)
2014-09-22 15:04:25
threatpost
threatpost
50 Security Flaws Fixed in Google Chrome
2014-08-26 10:40:00
ubuntu
ubuntu
Oxide vulnerabilities
2014-09-02 00:00:00
securityvulns
securityvulns
Google Chrome / Chromium multiple security vulnerabilities
2014-10-05 00:00:00
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-10-05 00:00:00
debian
debian
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 19:24:48
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
osv
osv
chromium-browser - security update
2014-09-28 00:00:00
prion
prion
Code injection
2014-08-27 01:55:00
Code injection
2014-08-27 01:55:00
Design/Logic Flaw
2014-08-27 01:55:00
cve
cve
CVE-2014-3176
2014-08-27 01:55:00
CVE-2014-3177
2014-08-27 01:55:00
CVE-2014-3175
2014-08-27 01:55:00
ubuntucve
ubuntucve
CVE-2014-3177
2014-08-27 00:00:00
CVE-2014-3176
2014-08-27 00:00:00
CVE-2014-3172
2014-08-27 00:00:00
debiancve
debiancve
CVE-2014-3176
2014-08-27 01:55:00
CVE-2014-3177
2014-08-27 01:55:00
CVE-2014-3175
2014-08-27 01:55:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
JSON
Related for MACOSX_GOOGLE_CHROME_37_0_2062_94.NASL
nessus7chrome2openvas8freebsd1suse1threatpost1ubuntu1securityvulns2debian2osv1prion10cve10ubuntucve10debiancve10gentoo1