Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_84_0_4147_89.NASL
HistoryJul 14, 2020 - 12:00 a.m.

Google Chrome < 84.0.4147.89 Multiple Vulnerabilities

2020-07-1400:00:00
This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
JSON

The version of Google Chrome installed on the remote macOS host is prior to 84.0.4147.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(138448);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/12");

  script_cve_id(
    "CVE-2020-6510",
    "CVE-2020-6511",
    "CVE-2020-6512",
    "CVE-2020-6513",
    "CVE-2020-6514",
    "CVE-2020-6515",
    "CVE-2020-6516",
    "CVE-2020-6517",
    "CVE-2020-6518",
    "CVE-2020-6519",
    "CVE-2020-6520",
    "CVE-2020-6521",
    "CVE-2020-6522",
    "CVE-2020-6523",
    "CVE-2020-6524",
    "CVE-2020-6525",
    "CVE-2020-6526",
    "CVE-2020-6527",
    "CVE-2020-6528",
    "CVE-2020-6529",
    "CVE-2020-6530",
    "CVE-2020-6531",
    "CVE-2020-6533",
    "CVE-2020-6534",
    "CVE-2020-6535",
    "CVE-2020-6536"
  );
  script_xref(name:"IAVA", value:"2020-A-0314-S");

  script_name(english:"Google Chrome < 84.0.4147.89 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote macOS host is prior to 84.0.4147.89. It is, therefore, affected by
multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus has
not tested for this issue but has instead relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1095560");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/986051");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1064676");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1092274");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1075734");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1052093");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1080481");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1081722");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1091670");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1074340");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/992698");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1063690");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/978779");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1016278");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1042986");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1069964");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1072412");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1073409");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1080934");
  # https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?96792814");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1103195");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1074317");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1084820");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1091404");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1076703");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1082755");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1092449");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1095560");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/986051");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1064676");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1092274");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1075734");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1052093");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1080481");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1081722");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1091670");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1074340");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/992698");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1063690");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/978779");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1016278");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1042986");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1069964");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1072412");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1073409");
  script_set_attribute(attribute:"see_also", value:"https://crbug.com/1080934");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 84.0.4147.89 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-6524");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-6522");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/07/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/07/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_google_chrome_installed.nbin");
  script_require_keys("MacOSX/Google Chrome/Installed");

  exit(0);
}
include('google_chrome_version.inc');

get_kb_item_or_exit('MacOSX/Google Chrome/Installed');

google_chrome_check_version(fix:'84.0.4147.89', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);
VendorProductVersionCPE
googlechromecpe:/a:google:chrome

References

Related

nessus 12
suse 6
kaspersky 1
openvas 7
chrome 1
fedora 2
freebsd 1
gentoo 2
redhat 1
cve 26
redhatcve 26
veracode 26
prion 26
debiancve 26
ubuntucve 26
talos 1
zdt 2
alpinelinux 1
googleprojectzero 1
githubexploit 2
checkpoint_advisories 1
thn 1
packetstorm 1
nessus
nessus
openSUSE Security Update : opera (openSUSE-2020-1148)
2020-08-06 00:00:00
Google Chrome < 84.0.4147.89 Multiple Vulnerabilities
2020-07-14 00:00:00
openSUSE Security Update : opera (openSUSE-2020-1172)
2020-08-10 00:00:00
suse
suse
Security update for opera (moderate)
2020-08-09 00:00:00
Security update for chromium (important)
2020-09-18 00:00:00
Security update for opera (moderate)
2020-08-05 00:00:00
kaspersky
kaspersky
KLA11869 Multiple vulnerability in Google Chrome
2020-07-14 00:00:00
openvas
openvas
Fedora: Security Advisory for chromium (FEDORA-2020-bf684961d9)
2020-07-31 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1020-1)
2020-07-21 00:00:00
Fedora: Security Advisory for chromium (FEDORA-2020-84d87cbd50)
2020-08-02 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2020-07-14 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: chromium-84.0.4147.89-1.fc32
2020-07-30 17:54:07
[SECURITY] Fedora 31 Update: chromium-84.0.4147.89-1.fc31
2020-08-02 01:09:48
freebsd
freebsd
chromium -- multiple vulnerabilities
2020-07-14 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2020-07-26 00:00:00
Qt WebEngine: Multiple vulnerabilities
2021-01-26 00:00:00
redhat
redhat
(RHSA-2020:3377) Critical: chromium-browser security update
2020-08-10 06:22:50
cve
cve
CVE-2020-6518
2020-07-22 17:15:00
CVE-2020-6529
2020-07-22 17:15:00
CVE-2020-6534
2020-07-22 17:15:00
redhatcve
redhatcve
CVE-2020-6518
2020-07-15 17:08:20
CVE-2020-6523
2020-07-15 17:08:07
CVE-2020-6522
2020-07-15 17:08:40
veracode
veracode
Out Of Bounds Write
2020-12-21 19:50:03
Arbitrary Code Execution
2020-12-21 19:52:14
Authentication Bypass
2020-12-21 19:49:58
prion
prion
Design/Logic Flaw
2020-07-22 17:15:00
Design/Logic Flaw
2020-07-22 17:15:00
Design/Logic Flaw
2020-07-22 17:15:00
debiancve
debiancve
CVE-2020-6521
2020-07-22 17:15:00
CVE-2020-6522
2020-07-22 17:15:00
CVE-2020-6533
2020-07-22 17:15:00
ubuntucve
ubuntucve
CVE-2020-6534
2020-07-22 00:00:00
CVE-2020-6522
2020-07-22 00:00:00
CVE-2020-6533
2020-07-22 00:00:00
talos
talos
Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability
2020-09-14 00:00:00
zdt
zdt
WebRTC usrsctp Incorrect Call Vulnerability
2020-08-01 00:00:00
Chromium 83 - Full CSP Bypass Exploit
2020-12-04 00:00:00
alpinelinux
alpinelinux
CVE-2020-6514
2020-07-22 17:15:00
googleprojectzero
googleprojectzero
Exploiting Android Messengers with WebRTC: Part 3
2020-08-06 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Chrome
2020-08-09 20:06:50
Exploit for Vulnerability in Google Chrome
2020-08-09 08:25:40
checkpoint_advisories
checkpoint_advisories
Google Chrome Heap Corruption (CVE-2020-6514)
2020-08-24 00:00:00
thn
thn
Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers
2020-08-11 14:22:00
packetstorm
packetstorm
Chromium 83 CSP Bypass
2020-12-04 00:00:00
JSON
Related for MACOSX_GOOGLE_CHROME_84_0_4147_89.NASL
nessus12suse6kaspersky1openvas7chrome1fedora2freebsd1gentoo2redhat1cve26redhatcve26veracode26prion26debiancve26ubuntucve26talos1zdt2alpinelinux1googleprojectzero1githubexploit2checkpoint_advisories1thn1packetstorm1