Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_38_0_2125_122.NASL
HistoryNov 12, 2014 - 12:00 a.m.

Google Chrome < 38.0.2125.122 Multiple Vulnerabilities (Mac OS X)

2014-11-1200:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
33
JSON

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 38.0.2125.122. It is, therefore, affected by the following vulnerabilities due to the version of Adobe Flash bundled with the application :

  • Multiple memory corruption vulnerabilities allow an attacker to execute arbitrary code. (CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441)

  • Multiple use-after-free vulnerabilities could result in arbitrary code execution. (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438, CVE-2014-0574)

  • Multiple type confusion vulnerabilities could result in arbitrary code execution. (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590)

  • Multiple heap-based buffer overflow vulnerabilities can be exploited to execute arbitrary code or elevate privileges. (CVE-2014-0583, CVE-2014-0582, CVE-2014-0589)

  • A permission issue that allows a remote attacker to gain elevated privileges. (CVE-2014-8442)

  • An information disclosure vulnerability can be exploited to disclose secret session tokens. (CVE-2014-8437)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(79144);
  script_version("1.10");
  script_cvs_date("Date: 2019/11/25");

  script_cve_id(
    "CVE-2014-0573",
    "CVE-2014-0574",
    "CVE-2014-0576",
    "CVE-2014-0577",
    "CVE-2014-0581",
    "CVE-2014-0582",
    "CVE-2014-0583",
    "CVE-2014-0584",
    "CVE-2014-0585",
    "CVE-2014-0586",
    "CVE-2014-0588",
    "CVE-2014-0589",
    "CVE-2014-0590",
    "CVE-2014-8437",
    "CVE-2014-8438",
    "CVE-2014-8440",
    "CVE-2014-8441",
    "CVE-2014-8442"
  );
  script_bugtraq_id(
    71033,
    71035,
    71036,
    71037,
    71038,
    71039,
    71040,
    71041,
    71042,
    71043,
    71044,
    71045,
    71046,
    71047,
    71048,
    71049,
    71050,
    71051
  );

  script_name(english:"Google Chrome < 38.0.2125.122 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version number of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Mac OS X host is
a version prior to 38.0.2125.122. It is, therefore, affected by the
following vulnerabilities due to the version of Adobe Flash bundled
with the application :

  - Multiple memory corruption vulnerabilities allow an
    attacker to execute arbitrary code. (CVE-2014-0576,
    CVE-2014-0581, CVE-2014-8440, CVE-2014-8441)

  - Multiple use-after-free vulnerabilities could result in
    arbitrary code execution. (CVE-2014-0573, CVE-2014-0588,
    CVE-2014-8438, CVE-2014-0574)

  - Multiple type confusion vulnerabilities could result in
    arbitrary code execution. (CVE-2014-0577, CVE-2014-0584,
    CVE-2014-0585, CVE-2014-0586, CVE-2014-0590)

  - Multiple heap-based buffer overflow vulnerabilities can
    be exploited to execute arbitrary code or elevate
    privileges. (CVE-2014-0583, CVE-2014-0582,
    CVE-2014-0589)

  - A permission issue that allows a remote attacker to gain
    elevated privileges. (CVE-2014-8442)

  - An information disclosure vulnerability can be exploited
    to disclose secret session tokens. (CVE-2014-8437)");
  # http://googlechromereleases.blogspot.com/2014/11/stable-channel-update.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fb7317d6");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 38.0.2125.122 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-8441");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/11/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/11/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'38.0.2125.122', severity:SECURITY_HOLE, xss:FALSE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

References

Related

nessus 18
suse 4
openvas 9
archlinux 1
redhat 1
mageia 1
gentoo 1
cvelist 18
cve 18
prion 18
ubuntucve 18
checkpoint_advisories 15
threatpost 6
zdt 1
metasploit 1
packetstorm 1
hackerone 2
symantec 3
exploitdb 1
thn 1
freebsd 1
chrome 1
nessus
nessus
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9958)
2014-11-18 00:00:00
RHEL 5 / 6 : flash-plugin (RHSA-2014:1852)
2014-11-13 00:00:00
Adobe AIR <= 15.0.0.293 Multiple Vulnerabilities (APSB14-24)
2014-11-12 00:00:00
suse
suse
Security update for flash-player (important)
2014-11-18 12:04:40
Security update for flash-player (important)
2014-11-18 01:05:27
Security update for Adobe Flash Player (important)
2015-04-16 13:04:48
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (APSB14-24) - Linux
2014-11-14 00:00:00
Adobe AIR Multiple Vulnerabilities (APSB14-24) - Windows
2014-11-14 00:00:00
Adobe Flash Player Multiple Vulnerabilities (APSB14-24) - Mac OS X
2014-11-14 00:00:00
archlinux
archlinux
flashplugin: remote code execution
2014-11-13 00:00:00
redhat
redhat
(RHSA-2014:1852) Critical: flash-plugin security update
2014-11-13 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-11-14 04:27:45
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-11-21 00:00:00
cvelist
cvelist
CVE-2014-0585
2014-11-11 23:00:00
CVE-2014-0586
2014-11-11 23:00:00
CVE-2014-0590
2014-11-11 23:00:00
cve
cve
CVE-2014-0586
2014-11-11 23:55:00
CVE-2014-0584
2014-11-11 23:55:00
CVE-2014-0585
2014-11-11 23:55:00
prion
prion
Type confusion
2014-11-11 23:55:00
Type confusion
2014-11-11 23:55:00
Type confusion
2014-11-11 23:55:00
ubuntucve
ubuntucve
CVE-2014-0577
2014-11-11 00:00:00
CVE-2014-0590
2014-11-11 00:00:00
CVE-2014-0586
2014-11-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB14-24: CVE-2014-8438)
2015-01-25 00:00:00
Adobe Flash Player Memory Corruption (APSB14-24: CVE-2014-8440)
2014-12-10 00:00:00
Adobe Flash Player Heap Buffer Overflow (APSB14-24: CVE-2014-0589)
2015-02-03 00:00:00
threatpost
threatpost
Exploit for Flash Zero Day Appears in Angler Exploit Kit
2015-01-21 11:53:31
Drupal Denial of Service Session Hijacking Patch
2014-11-20 10:03:05
Citadel Variant Targets Password Managers
2014-11-19 14:54:34
zdt
zdt
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory Exploit
2015-05-01 00:00:00
metasploit
metasploit
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
2015-04-29 22:52:04
packetstorm
packetstorm
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
2015-05-01 00:00:00
hackerone
hackerone
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-11-17 06:20:07
Internet Bug Bounty: Race condition in Flash workers may cause an exploitabl​e double free
2014-11-24 08:10:24
symantec
symantec
Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability
2014-11-11 00:00:00
Adobe Flash Player and AIR CVE-2014-0577 Type Confusion Remote Code Execution Vulnerability
2014-11-11 00:00:00
Adobe Flash Player and AIR CVE-2014-0588 Use After Free Remote Code Execution Vulnerability
2014-11-11 00:00:00
exploitdb
exploitdb
Adobe Flash Player - UncompressViaZlibVariant Uninitialized Memory (Metasploit)
2015-05-01 00:00:00
thn
thn
Adobe Releases Emergency Flash Player Update to Address Critical Vulnerability
2014-11-25 21:27:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-11-18 00:00:00
chrome
chrome
Stable Channel Update
2014-11-18 00:00:00
JSON
Related for MACOSX_GOOGLE_CHROME_38_0_2125_122.NASL
nessus18suse4openvas9archlinux1redhat1mageia1gentoo1cvelist18cve18prion18ubuntucve18checkpoint_advisories15threatpost6zdt1metasploit1packetstorm1hackerone2symantec3exploitdb1thn1freebsd1chrome1