The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected by multiple vulnerabilities as referenced in the January 6, 2022 advisory.
- Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0107)
- Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0096)
- Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially allow extension to escape the sandbox via a crafted HTML page. (CVE-2022-0097)
- Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. (CVE-2022-0098)
- Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. (CVE-2022-0099)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(156545);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/06");
script_cve_id(
"CVE-2022-0096",
"CVE-2022-0097",
"CVE-2022-0098",
"CVE-2022-0099",
"CVE-2022-0100",
"CVE-2022-0101",
"CVE-2022-0102",
"CVE-2022-0103",
"CVE-2022-0104",
"CVE-2022-0105",
"CVE-2022-0106",
"CVE-2022-0107",
"CVE-2022-0108",
"CVE-2022-0109",
"CVE-2022-0110",
"CVE-2022-0111",
"CVE-2022-0112",
"CVE-2022-0113",
"CVE-2022-0114",
"CVE-2022-0115",
"CVE-2022-0116",
"CVE-2022-0117",
"CVE-2022-0118",
"CVE-2022-0120",
"CVE-2022-21929",
"CVE-2022-21930",
"CVE-2022-21931",
"CVE-2022-21954",
"CVE-2022-21970"
);
script_name(english:"Microsoft Edge (Chromium) < 97.0.1072.55 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote host has a web browser installed that is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected
by multiple vulnerabilities as referenced in the January 6, 2022 advisory.
- Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker
who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted
HTML page. (CVE-2022-0107)
- Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially
exploit heap corruption via a crafted HTML page. (CVE-2022-0096)
- Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who
convinced a user to install a malicious extension to potentially allow extension to escape the sandbox
via a crafted HTML page. (CVE-2022-0097)
- Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker
who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific
user gestures. (CVE-2022-0098)
- Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a
user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
(CVE-2022-0099)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-6-2022
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?10ad4694");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0096");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0097");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0098");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0099");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0100");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0101");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0102");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0103");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0104");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0105");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0106");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0107");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0108");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0109");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0110");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0111");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0112");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0113");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0114");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0115");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0116");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0117");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0118");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0120");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21929");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21930");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21931");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21954");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21970");
script_set_attribute(attribute:"solution", value:
"Upgrade to Microsoft Edge version 97.0.1072.55 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-21970");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-0097");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/04");
script_set_attribute(attribute:"patch_publication_date", value:"2022/01/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/01/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:edge");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("microsoft_edge_chromium_installed.nbin");
script_require_keys("installed_sw/Microsoft Edge (Chromium)", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);
var constraints = [
{ 'fixed_version' : '97.0.1072.55' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);