Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_42_0_2311_152.NASL
HistoryMay 12, 2015 - 12:00 a.m.

Google Chrome < 42.0.2311.152 Multiple Vulnerabilities (Mac OS X)

2015-05-1200:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

The version of Google Chrome installed on the remote Mac OS X host is prior to 42.0.2311.152. It is, therefore, affected by multiple vulnerabilities related to Adobe Flash :

  • An unspecified security bypass flaw exists that allows an attacker to disclose sensitive information.
    (CVE-2015-3044)

  • Multiple unspecified type confusion flaws exist that allow an attacker to execute arbitrary code.
    (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086)

  • Multiple memory corruption flaws exist due to improper validation of user-supplied input. A remote attacker can exploit these flaws, via specially crafted flash content, to corrupt memory and execute arbitrary code.
    (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090, CVE-2015-3093)

  • An unspecified security bypass exists that allows a context-dependent attacker to disclose sensitive information. (CVE-2015-3079)

  • An unspecified use-after-free error exists that allows an attacker to execute arbitrary code. (CVE-2015-3080)

  • Multiple validation bypass vulnerabilities exists that allow an attacker to lead to write arbitrary data to the file system. (CVE-2015-3082, CVE-2015-3083, CVE-2015-3085)

  • An integer overflow condition exists due to improper validation of user-supplied input. This allows a context-dependent attacker to execute arbitrary code.
    (CVE-2015-3087)

  • A heap-based buffer overflow condition exists due to improper validation of user-supplied input. A remote attacker can exploit this to execute arbitrary code.
    (CVE-2015-3088)

  • Multiple unspecified memory leaks exist that allow an attacker to bypass the Address Space Layout Randomization (ASLR) feature. (CVE-2015-3091, CVE-2015-3092)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(83368);
  script_version("1.15");
  script_cvs_date("Date: 2019/11/22");

  script_cve_id(
    "CVE-2015-3044",
    "CVE-2015-3077",
    "CVE-2015-3078",
    "CVE-2015-3079",
    "CVE-2015-3080",
    "CVE-2015-3082",
    "CVE-2015-3083",
    "CVE-2015-3084",
    "CVE-2015-3085",
    "CVE-2015-3086",
    "CVE-2015-3087",
    "CVE-2015-3088",
    "CVE-2015-3089",
    "CVE-2015-3090",
    "CVE-2015-3091",
    "CVE-2015-3092",
    "CVE-2015-3093"
  );
  script_bugtraq_id(
    74605,
    74608,
    74609,
    74610,
    74612,
    74614,
    74616,
    74617
  );

  script_name(english:"Google Chrome < 42.0.2311.152 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version number of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Mac OS X host is
prior to 42.0.2311.152. It is, therefore, affected by multiple
vulnerabilities related to Adobe Flash :

  - An unspecified security bypass flaw exists that allows
    an attacker to disclose sensitive information.
    (CVE-2015-3044)

  - Multiple unspecified type confusion flaws exist that
    allow an attacker to execute arbitrary code.
    (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086)

  - Multiple memory corruption flaws exist due to improper
    validation of user-supplied input. A remote attacker can
    exploit these flaws, via specially crafted flash
    content, to corrupt memory and execute arbitrary code.
    (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090,
    CVE-2015-3093)

  - An unspecified security bypass exists that allows a
    context-dependent attacker to disclose sensitive
    information. (CVE-2015-3079)

  - An unspecified use-after-free error exists that allows
    an attacker to execute arbitrary code. (CVE-2015-3080)

  - Multiple validation bypass vulnerabilities exists that
    allow an attacker to lead to write arbitrary data to the
    file system. (CVE-2015-3082, CVE-2015-3083,
    CVE-2015-3085)

  - An integer overflow condition exists due to improper
    validation of user-supplied input. This allows a
    context-dependent attacker to execute arbitrary code.
    (CVE-2015-3087)

  - A heap-based buffer overflow condition exists due to
    improper validation of user-supplied input. A remote
    attacker can exploit this to execute arbitrary code.
    (CVE-2015-3088)

  - Multiple unspecified memory leaks exist that allow an
    attacker to bypass the Address Space Layout
    Randomization (ASLR) feature. (CVE-2015-3091,
    CVE-2015-3092)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.");
  # http://googlechromereleases.blogspot.com/2015/05/stable-channel-update.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7417f6c2");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/flash-player/apsb15-09.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 42.0.2311.152 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3093");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player ShaderJob Buffer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/05/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'42.0.2311.152', severity:SECURITY_HOLE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

References

Related

nessus 27
redhat 2
openvas 15
suse 7
securityvulns 1
altlinux 4
mageia 2
freebsd 2
gentoo 2
kaspersky 2
ubuntucve 17
cve 17
prion 17
checkpoint_advisories 16
hackerone 2
zdt 6
zdi 1
googleprojectzero 2
packetstorm 1
metasploit 1
exploitdb 1
threatpost 1
archlinux 1
nessus
nessus
Google Chrome < 42.0.2311.152 Multiple Vulnerabilities
2015-06-16 00:00:00
Google Chrome < 42.0.2311.152 Multiple Vulnerabilities
2015-05-12 00:00:00
RHEL 5 / 6 : flash-plugin (RHSA-2015:1005)
2015-05-13 00:00:00
redhat
redhat
(RHSA-2015:1005) Critical: flash-plugin security update
2015-05-13 00:00:00
(RHSA-2015:0813) Critical: flash-plugin security update
2015-04-15 00:00:00
openvas
openvas
Adobe Air Multiple Vulnerabilities - 01 (May 2015) - Mac OS X
2015-05-15 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 01 (May 2015) - Linux
2015-05-15 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 01 (May 2015) - Mac OS X
2015-05-15 00:00:00
suse
suse
Security update for flash-player (important)
2015-05-16 00:05:04
Security update for flash-player (important)
2015-05-14 20:04:55
Security update for flash-player (important)
2015-05-19 17:04:53
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2015-05-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt44
2015-05-15 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt44
2015-05-15 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt43
2015-04-15 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-05-12 22:37:48
Updated flash-player-plugin packages fix security vulnerabilities
2015-04-15 12:01:28
freebsd
freebsd
Adobe Flash Player -- critical vulnerabilities
2015-05-12 00:00:00
Adobe Flash Player -- critical vulnerabilities
2015-04-14 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-05-31 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2015-04-17 00:00:00
kaspersky
kaspersky
KLA10574 Multiple vulnerabilities in Adobe Flash Player
2015-05-12 00:00:00
KLA10576 Flash Player update for Google Chrome
2015-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2015-3078
2015-05-13 00:00:00
CVE-2015-3089
2015-05-13 00:00:00
CVE-2015-3090
2015-05-13 00:00:00
cve
cve
CVE-2015-3078
2015-05-13 11:00:00
CVE-2015-3090
2015-05-13 11:00:00
CVE-2015-3089
2015-05-13 11:00:00
prion
prion
Memory corruption
2015-05-13 11:00:00
Memory corruption
2015-05-13 11:00:00
Memory corruption
2015-05-13 11:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Validation Bypass (APSB15-09: CVE-2015-3085; CVE-2015-3082)
2015-06-02 00:00:00
Adobe Flash Player Memory Corruption (APSB15-09: CVE-2015-3093)
2015-06-07 00:00:00
Adobe Flash Player Integer Overflow (APSB15-09: CVE-2015-3087)
2015-06-02 00:00:00
hackerone
hackerone
Internet Bug Bounty: Internet-based attacker can run Flash apps in local sandboxes by using special URL schemes (PSIRT-3299, CVE-2015-3079)
2015-06-30 14:33:56
Internet Bug Bounty: Flash Player information disclosure (etc.) CVE-2015-3044, PSIRT-3298
2015-05-21 19:39:15
zdt
zdt
Flash Player Integer Overflow in Function.apply Exploit
2015-08-19 00:00:00
Flash Broker-Based Sandbox Escape via Unexpected Directory Lock Exploit
2015-08-19 00:00:00
Flash AVSS.setSubscribedTags Use After Free Memory Corruption Exploit
2015-08-19 00:00:00
zdi
zdi
(Pwn2Own) Adobe Flash Player BrokerCreateFile Broker Method Path Traversal Sandbox Escape Vulnerability
2015-05-12 00:00:00
googleprojectzero
googleprojectzero
One Perfect Bug: Exploiting Type Confusion in Flash
2015-07-20 00:00:00
Attacking ECMAScript Engines with Redefinition
2015-08-17 00:00:00
packetstorm
packetstorm
Adobe Flash Player ShaderJob Buffer Overflow
2015-06-19 00:00:00
metasploit
metasploit
Adobe Flash Player ShaderJob Buffer Overflow
2015-06-18 17:36:14
exploitdb
exploitdb
Adobe Flash Player - ShaderJob Buffer Overflow (Metasploit)
2015-06-24 00:00:00
threatpost
threatpost
Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0
2015-05-28 13:57:47
archlinux
archlinux
flashplugin: multiple issues
2015-04-17 00:00:00
JSON
Related for MACOSX_GOOGLE_CHROME_42_0_2311_152.NASL
nessus27redhat2openvas15suse7securityvulns1altlinux4mageia2freebsd2gentoo2kaspersky2ubuntucve17cve17prion17checkpoint_advisories16hackerone2zdt6zdi1googleprojectzero2packetstorm1metasploit1exploitdb1threatpost1archlinux1