Google Chrome < 62.0.3202.89 Multiple Vulnerabilities (macOS)

2017-11-07T00:00:00
ID MACOSX_GOOGLE_CHROME_62_0_3202_89.NASL
Type nessus
Reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
Modified 2020-02-02T00:00:00

Description

The version of Google Chrome installed on the remote macOS or Mac OS X host is prior to 62.0.32. It is, therefore, affected by multiple vulnerabilities as noted in Chrome stable channel update release notes for October 17th 2017. Please refer to the release notes for additional information.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(104435);
  script_version("1.5");
  script_cvs_date("Date: 2018/07/14  1:59:37");

  script_cve_id("CVE-2017-15398", "CVE-2017-15399");

  script_name(english:"Google Chrome < 62.0.3202.89 Multiple Vulnerabilities (macOS)");
  script_summary(english:"Checks the version of Google Chrome.");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote macOS or Mac OS X host is
affected by multiple unspecified vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote macOS or Mac OS X
host is prior to 62.0.32. It is, therefore, affected by multiple 
vulnerabilities as noted in Chrome stable channel update release notes
for October 17th 2017. Please refer to the release notes for additional 
information.");
  # https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html
  script_set_attribute(attribute:"see_also",value:"http://www.nessus.org/u?4af6a216");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 62.0.3202.89 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/11/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/11/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/11/07");

  script_set_attribute(attribute:"plugin_type",value:"local");
  script_set_attribute(attribute:"cpe",value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("MacOSX/Google Chrome/Installed");

google_chrome_check_version(fix:'62.0.3202.89', severity:SECURITY_HOLE);