Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_49_0_2623_75.NASL
HistoryMar 04, 2016 - 12:00 a.m.

Google Chrome < 49.0.2623.75 Multiple Vulnerabilities (Mac OS X)

2016-03-0400:00:00
This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

The version of Google Chrome installed on the remote Mac OS X host is prior to 49.0.2623.75. It is, therefore, affected by multiple vulnerabilities :

  • Multiple overflow conditions exist in the libpng library in the png_set_PLTE() and png_get_PLTE() functions due to improper handling of bit depths less than eight. A remote attacker can exploit this, via a specially crafted PNG image, to cause a denial of service condition or the execution of arbitrary code.
    (CVE-2015-8126)

  • An unspecified flaw exists in Blink that allows an attacker to bypass the same-origin policy.
    (CVE-2016-1630)

  • An unspecified flaw exists in the Pepper plugin that allows an attacker to bypass the same-origin policy.
    (CVE-2016-1631)

  • A bad cast flaw exists in the Extensions component that allows an attacker to have an unspecified impact.
    (CVE-2016-1632)

  • Multiple use-after-free errors exist in Blink. A remote attacker can exploit these issues to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635)

  • An unspecified flaw exists that allows an attacker to bypass SRI validation. (CVE-2016-1636)

  • An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1637)

  • An unspecified flaw exists that allows an attacker to bypass the webAPI. (CVE-2016-1638)

  • A use-after-free error exists in WebRTC. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1639)

  • An unspecified origin confusion flaw exists in the Extensions UI that allows an attacker to have an unspecified impact. (CVE-2016-1640)

  • A use-after-free error exists in Favicon. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1641)

  • Multiple flaws exist that allow a remote attacker to execute arbitrary code. (CVE-2016-1642)

  • Multiple unspecified flaws exist in Google V8 in runetime-scopes.cc that allows an attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-2843)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(89686);
  script_version("1.10");
  script_cvs_date("Date: 2019/11/20");

  script_cve_id(
    "CVE-2015-8126",
    "CVE-2016-1630",
    "CVE-2016-1631",
    "CVE-2016-1632",
    "CVE-2016-1633",
    "CVE-2016-1634",
    "CVE-2016-1635",
    "CVE-2016-1636",
    "CVE-2016-1637",
    "CVE-2016-1638",
    "CVE-2016-1639",
    "CVE-2016-1640",
    "CVE-2016-1641",
    "CVE-2016-1642",
    "CVE-2016-2843"
  );

  script_name(english:"Google Chrome < 49.0.2623.75 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version number of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote Mac OS X host is
prior to 49.0.2623.75. It is, therefore, affected by multiple
vulnerabilities :

  - Multiple overflow conditions exist in the libpng library
    in the png_set_PLTE() and png_get_PLTE() functions due
    to improper handling of bit depths less than eight. A
    remote attacker can exploit this, via a specially
    crafted PNG image, to cause a denial of service
    condition or the execution of arbitrary code.
    (CVE-2015-8126)

  - An unspecified flaw exists in Blink that allows an
    attacker to bypass the same-origin policy.
    (CVE-2016-1630)

  - An unspecified flaw exists in the Pepper plugin that
    allows an attacker to bypass the same-origin policy.
    (CVE-2016-1631)

  - A bad cast flaw exists in the Extensions component that
    allows an attacker to have an unspecified impact.
    (CVE-2016-1632)

  - Multiple use-after-free errors exist in Blink. A remote
    attacker can exploit these issues to dereference already
    freed memory, resulting in the execution of arbitrary
    code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635)

  - An unspecified flaw exists that allows an attacker to
    bypass SRI validation. (CVE-2016-1636)

  - An unspecified flaw exists that allows an attacker to
    disclose sensitive information. (CVE-2016-1637)

  - An unspecified flaw exists that allows an attacker to
    bypass the webAPI. (CVE-2016-1638)

  - A use-after-free error exists in WebRTC. A remote
    attacker can exploit this issue to dereference already
    freed memory, resulting in the execution of arbitrary
    code. (CVE-2016-1639)

  - An unspecified origin confusion flaw exists in the
    Extensions UI that allows an attacker to have an
    unspecified impact. (CVE-2016-1640)

  - A use-after-free error exists in Favicon. A remote
    attacker can exploit this issue to dereference already
    freed memory, resulting in the execution of arbitrary
    code. (CVE-2016-1641)

  - Multiple flaws exist that allow a remote attacker to
    execute arbitrary code. (CVE-2016-1642)

  - Multiple unspecified flaws exist in Google V8 in
    runetime-scopes.cc that allows an attacker to cause a
    denial of service condition or the execution of
    arbitrary code. (CVE-2016-2843)");
  # http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c095da5b");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 49.0.2623.75 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2843");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'49.0.2623.75', severity:SECURITY_HOLE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

References

Related

nessus 50
openvas 31
freebsd 2
suse 6
debian 3
chrome 1
redhat 2
archlinux 4
osv 2
kaspersky 1
ubuntu 1
mageia 2
prion 15
cve 15
ubuntucve 16
debiancve 16
seebug 3
fedora 14
veracode 2
f5 4
amazon 1
ibm 4
slackware 2
oraclelinux 1
centos 1
nessus
nessus
Google Chrome < 49.0.2623.75 Multiple Vulnerabilities
2016-03-04 00:00:00
openSUSE Security Update : Chromium (openSUSE-2016-316)
2016-03-10 00:00:00
SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:0665-1)
2016-03-09 00:00:00
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0729-1)
2016-03-12 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0664-1)
2016-03-07 00:00:00
Debian Security Advisory DSA 3507-1 (chromium-browser - security update)
2016-03-05 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2016-03-02 00:00:00
libpng buffer overflow in png_set_PLTE
2015-11-15 00:00:00
suse
suse
Security update for Chromium (important)
2016-03-06 17:12:11
Security update for Chromium (important)
2016-03-11 22:11:41
Security update for Chromium (important)
2016-03-06 17:11:45
debian
debian
[SECURITY] [DSA 3507-1] chromium-browser security update
2016-03-05 21:22:56
[SECURITY] [DSA 3507-1] chromium-browser security update
2016-03-05 21:22:56
[SECURITY] [DSA 3399-1] libpng security update
2015-11-18 19:55:41
chrome
chrome
Stable Channel Update
2016-03-02 00:00:00
redhat
redhat
(RHSA-2016:0359) Important: chromium-browser security update
2016-03-07 00:00:00
(RHSA-2015:2596) Moderate: libpng security update
2015-12-09 13:26:42
archlinux
archlinux
chromium: multiple issues
2016-03-03 00:00:00
libpng: buffer overflow
2015-12-28 00:00:00
libpng: multiple issues
2015-11-17 00:00:00
osv
osv
chromium-browser - security update
2016-03-05 00:00:00
libpng - security update
2015-11-18 00:00:00
kaspersky
kaspersky
KLA10764 Multiple vulnerabilities in Google Chrome
2016-03-02 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2016-03-10 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2016-03-31 23:22:34
Updated libpng/libpng12 packages fix security vulnerability
2015-11-20 01:08:19
prion
prion
Design/Logic Flaw
2016-03-06 02:59:00
Design/Logic Flaw
2016-03-06 02:59:00
Design/Logic Flaw
2016-03-06 02:59:00
cve
cve
CVE-2016-1631
2016-03-06 02:59:00
CVE-2016-1638
2016-03-06 02:59:00
CVE-2016-1639
2016-03-06 02:59:00
ubuntucve
ubuntucve
CVE-2016-1638
2016-03-06 00:00:00
CVE-2016-1632
2016-03-06 00:00:00
CVE-2016-1630
2016-03-05 00:00:00
debiancve
debiancve
CVE-2016-1631
2016-03-06 02:59:00
CVE-2016-1639
2016-03-06 02:59:00
CVE-2016-1640
2016-03-06 02:59:00
seebug
seebug
Chrome Universal XSS using Flash message loop (CVE-2016-1631)
2017-04-24 00:00:00
Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)
2017-04-24 00:00:00
Chrome the improper use of Flash message loop leads to the UXSS Vulnerability, CVE-2016-1631)
2016-11-21 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: mingw-libpng-1.6.19-1.fc23
2015-11-27 18:24:08
[SECURITY] Fedora 21 Update: mingw-libpng-1.6.19-1.fc21
2015-11-28 23:18:28
[SECURITY] Fedora 22 Update: mingw-libpng-1.6.19-1.fc22
2015-11-27 20:53:25
veracode
veracode
Buffer Overflow
2017-02-08 02:19:46
Denial-of-Service (DoS) Via Embedded Dependency
2017-02-27 07:42:41
f5
f5
K76930736 : Libpng vulnerability CVE-2015-8126
2015-12-19 00:00:00
SOL76930736 - Libpng vulnerability CVE-2015-8126
2015-12-18 00:00:00
SOL81903701 - Libpng vulnerability CVE-2015-8472
2016-03-07 00:00:00
amazon
amazon
Medium: libpng
2015-11-23 13:43:00
ibm
ibm
Security Bulletin: Vulnerabilities in libpng affect Rational DOORS (CVE-2015-8126, CVE-2015-8472)
2020-05-01 08:19:24
Security Bulletin: Vulnerabilities in libpng affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2015-8126 CVE-2015-7981)
2023-04-14 14:32:25
Security Bulletin: Vulnerabilities in libpng affect IBM Integrated Management Module (IMM) (CVE-2015-7981, CVE-2015-8126)
2023-04-14 14:32:25
slackware
slackware
[slackware-security] libpng
2015-12-03 08:20:21
[slackware-security] libpng
2015-12-16 06:25:09
oraclelinux
oraclelinux
libpng security update
2015-12-09 00:00:00
centos
centos
libpng security update
2015-12-09 19:21:36
JSON
Related for MACOSX_GOOGLE_CHROME_49_0_2623_75.NASL
nessus50openvas31freebsd2suse6debian3chrome1redhat2archlinux4osv2kaspersky1ubuntu1mageia2prion15cve15ubuntucve16debiancve16seebug3fedora14veracode2f54amazon1ibm4slackware2oraclelinux1centos1