Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.MICROSOFT_EDGE_CHROMIUM_108_0_1462_54.NASL
HistoryDec 16, 2022 - 12:00 a.m.

Microsoft Edge (Chromium) < 108.0.1462.54 Multiple Vulnerabilities

2022-12-1600:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
76
JSON

The version of Microsoft Edge installed on the remote Windows host is prior to 108.0.1462.54. It is, therefore, affected by multiple vulnerabilities as referenced in the December 16, 2022 advisory.

  • Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4436)

  • Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4437)

  • Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-4438)

  • Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High) (CVE-2022-4439)

  • Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2022-4440)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(168877);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/02/10");

  script_cve_id(
    "CVE-2022-4436",
    "CVE-2022-4437",
    "CVE-2022-4438",
    "CVE-2022-4439",
    "CVE-2022-4440"
  );
  script_xref(name:"IAVA", value:"2023-A-0003-S");

  script_name(english:"Microsoft Edge (Chromium) < 108.0.1462.54 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an web browser installed that is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Microsoft Edge installed on the remote Windows host is prior to 108.0.1462.54. It is, therefore, affected
by multiple vulnerabilities as referenced in the December 16, 2022 advisory.

  - Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2022-4436)

  - Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2022-4437)

  - Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who
    convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a
    crafted HTML page. (Chromium security severity: High) (CVE-2022-4438)

  - Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who
    convinced the user to engage in specific UI interactions to potentially exploit heap corruption via
    specific UI interactions. (Chromium security severity: High) (CVE-2022-4439)

  - Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
    (CVE-2022-4440)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?245dfb65");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4436");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4437");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4438");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4439");
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4440");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Microsoft Edge version 108.0.1462.54 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-4440");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/12/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:edge");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("microsoft_edge_chromium_installed.nbin");
  script_require_keys("installed_sw/Microsoft Edge (Chromium)", "SMB/Registry/Enumerated");

  exit(0);
}

include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);

var extended = FALSE;
if (app_info['Channel'] == 'extended') extended = TRUE;

var constraints;
if (!extended) {
	constraints = [
  		{ 'fixed_version' : '108.0.1462.54' }
	];
} else {
	audit(AUDIT_INST_VER_NOT_VULN, 'Microsoft Edge (Chromium)');
};
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
microsoftedgecpe:/a:microsoft:edge

Related

nessus 10
kaspersky 3
openvas 6
osv 1
freebsd 1
mageia 1
chrome 1
debian 1
redos 1
debiancve 5
veracode 5
prion 5
mscve 5
cve 5
ubuntucve 5
alpinelinux 2
altlinux 1
gentoo 2
nessus
nessus
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10244-1)
2022-12-17 00:00:00
Google Chrome < 108.0.5359.124 Multiple Vulnerabilities
2022-12-13 00:00:00
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10245-1)
2022-12-17 00:00:00
kaspersky
kaspersky
KLA20199 Multiple vulnerabilities in Opera
2022-12-20 00:00:00
KLA20144 Multiple vulnerabilities in Microsoft Browser
2022-12-16 00:00:00
KLA20125 Multiple vulnerabilities in Google Chrome
2022-12-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0480)
2022-12-26 00:00:00
Debian: Security Advisory (DSA-5302-1)
2022-12-18 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop_13-2022-12) - Mac OS X
2022-12-16 00:00:00
osv
osv
chromium - security update
2022-12-16 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-12-13 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-12-24 12:14:14
chrome
chrome
Stable Channel Update for Desktop
2022-12-13 00:00:00
debian
debian
[SECURITY] [DSA 5302-1] chromium security update
2022-12-16 19:08:33
redos
redos
ROS-20231114-01
2023-11-14 00:00:00
debiancve
debiancve
CVE-2022-4436
2022-12-14 06:15:00
CVE-2022-4440
2022-12-14 06:15:00
CVE-2022-4438
2022-12-14 06:15:00
veracode
veracode
Denial Of Service (DoS)
2023-03-13 00:11:40
Denial Of Service (DoS)
2023-03-13 00:13:22
Denial Of Service (DoS)
2023-03-13 00:13:39
prion
prion
Design/Logic Flaw
2022-12-14 06:15:00
Design/Logic Flaw
2022-12-14 06:15:00
Design/Logic Flaw
2022-12-14 06:15:00
mscve
mscve
Chromium: CVE-2022-4440 Use after free in Profiles
2022-12-16 15:56:09
Chromium: CVE-2022-4436 Use after free in Blink Media
2022-12-16 15:55:57
Chromium: CVE-2022-4438 Use after free in Blink Frames
2022-12-16 15:56:04
cve
cve
CVE-2022-4436
2022-12-14 06:15:00
CVE-2022-4440
2022-12-14 06:15:00
CVE-2022-4438
2022-12-14 06:15:00
ubuntucve
ubuntucve
CVE-2022-4440
2022-12-14 00:00:00
CVE-2022-4436
2022-12-14 00:00:00
CVE-2022-4438
2022-12-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-4438
2022-12-14 06:15:00
CVE-2022-4437
2022-12-14 06:15:00
altlinux
altlinux
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.1.2.1033-alt1
2023-04-04 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-05-03 00:00:00
QtWebEngine: Multiple Vulnerabilities
2023-11-25 00:00:00
JSON
Related for MICROSOFT_EDGE_CHROMIUM_108_0_1462_54.NASL
nessus10kaspersky3openvas6osv1freebsd1mageia1chrome1debian1redos1debiancve5veracode5prion5mscve5cve5ubuntucve5alpinelinux2altlinux1gentoo2