A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Please consult the bug listed at the top of this advisory to get the exact list of CVE numbers fixed for each release.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1006-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(50046);
script_version("1.16");
script_cvs_date("Date: 2019/09/19 12:54:26");
script_cve_id("CVE-2009-2797", "CVE-2009-2841", "CVE-2010-0046", "CVE-2010-0047", "CVE-2010-0048", "CVE-2010-0049", "CVE-2010-0050", "CVE-2010-0051", "CVE-2010-0052", "CVE-2010-0053", "CVE-2010-0054", "CVE-2010-0314", "CVE-2010-0647", "CVE-2010-0650", "CVE-2010-0651", "CVE-2010-0656", "CVE-2010-1386", "CVE-2010-1387", "CVE-2010-1389", "CVE-2010-1390", "CVE-2010-1391", "CVE-2010-1392", "CVE-2010-1393", "CVE-2010-1394", "CVE-2010-1395", "CVE-2010-1396", "CVE-2010-1397", "CVE-2010-1398", "CVE-2010-1400", "CVE-2010-1401", "CVE-2010-1402", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1405", "CVE-2010-1406", "CVE-2010-1407", "CVE-2010-1408", "CVE-2010-1409", "CVE-2010-1410", "CVE-2010-1412", "CVE-2010-1414", "CVE-2010-1415", "CVE-2010-1416", "CVE-2010-1417", "CVE-2010-1418", "CVE-2010-1419", "CVE-2010-1421", "CVE-2010-1422", "CVE-2010-1664", "CVE-2010-1665", "CVE-2010-1758", "CVE-2010-1759", "CVE-2010-1760", "CVE-2010-1761", "CVE-2010-1762", "CVE-2010-1764", "CVE-2010-1766", "CVE-2010-1767", "CVE-2010-1770", "CVE-2010-1771", "CVE-2010-1772", "CVE-2010-1773", "CVE-2010-1774", "CVE-2010-1780", "CVE-2010-1781", "CVE-2010-1782", "CVE-2010-1783", "CVE-2010-1784", "CVE-2010-1785", "CVE-2010-1786", "CVE-2010-1787", "CVE-2010-1788", "CVE-2010-1790", "CVE-2010-1792", "CVE-2010-1793", "CVE-2010-1807", "CVE-2010-1812", "CVE-2010-1814", "CVE-2010-1815", "CVE-2010-2264", "CVE-2010-2647", "CVE-2010-2648", "CVE-2010-3113", "CVE-2010-3114", "CVE-2010-3115", "CVE-2010-3116", "CVE-2010-3248", "CVE-2010-3257", "CVE-2010-3259");
script_bugtraq_id(36339, 36996, 37925, 37948, 38177, 38372, 38373, 38684, 38685, 38686, 38687, 38688, 38689, 38690, 38691, 38692, 39804, 39808, 40644, 40646, 40647, 40649, 40650, 40653, 40654, 40655, 40656, 40657, 40658, 40659, 40660, 40661, 40662, 40663, 40665, 40666, 40667, 40668, 40669, 40670, 40671, 40672, 40675, 40697, 40698, 40705, 40707, 40710, 40714, 40726, 40727, 40732, 40750, 40753, 40754, 40756, 41051, 41053, 41572, 41573, 41575, 42034, 42035, 42036, 42037, 42038, 42041, 42042, 42043, 42044, 42046, 42049, 42494, 42500, 43047, 43077, 43079, 43081, 43083, 44199, 44200, 44201, 44203, 44204, 44206);
script_xref(name:"USN", value:"1006-1");
script_name(english:"Ubuntu 9.10 / 10.04 LTS / 10.10 : webkit vulnerabilities (USN-1006-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"A large number of security issues were discovered in the WebKit
browser and JavaScript engines. If a user were tricked into viewing a
malicious website, a remote attacker could exploit a variety of issues
related to web browser security, including cross-site scripting
attacks, denial of service attacks, and arbitrary code execution.
Please consult the bug listed at the top of this advisory to get the
exact list of CVE numbers fixed for each release.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1006-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_cwe_id(94, 200, 264);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.0-webkit-1.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-2-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:webkit");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/09/10");
script_set_attribute(attribute:"patch_publication_date", value:"2010/10/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/20");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(9\.10|10\.04|10\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 9.10 / 10.04 / 10.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"9.10", pkgname:"libwebkit-1.0-2", pkgver:"1.2.5-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libwebkit-1.0-2-dbg", pkgver:"1.2.5-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libwebkit-1.0-common", pkgver:"1.2.5-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libwebkit-dev", pkgver:"1.2.5-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"gir1.0-webkit-1.0", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"libwebkit-1.0-2", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"libwebkit-1.0-2-dbg", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"libwebkit-1.0-common", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"libwebkit-dev", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"webkit", pkgver:"1.2.5-0ubuntu0.10.04.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"gir1.0-webkit-1.0", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"libwebkit-1.0-2", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"libwebkit-1.0-2-dbg", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"libwebkit-1.0-common", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"libwebkit-dev", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"webkit", pkgver:"1.2.5-0ubuntu0.10.10.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gir1.0-webkit-1.0 / libwebkit-1.0-2 / libwebkit-1.0-2-dbg / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
canonical | ubuntu_linux | gir1.0-webkit-1.0 | p-cpe:/a:canonical:ubuntu_linux:gir1.0-webkit-1.0 |
canonical | ubuntu_linux | libwebkit-1.0-2 | p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-2 |
canonical | ubuntu_linux | libwebkit-1.0-2-dbg | p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-2-dbg |
canonical | ubuntu_linux | libwebkit-1.0-common | p-cpe:/a:canonical:ubuntu_linux:libwebkit-1.0-common |
canonical | ubuntu_linux | libwebkit-dev | p-cpe:/a:canonical:ubuntu_linux:libwebkit-dev |
canonical | ubuntu_linux | webkit | p-cpe:/a:canonical:ubuntu_linux:webkit |
canonical | ubuntu_linux | 10.04 | cpe:/o:canonical:ubuntu_linux:10.04:-:lts |
canonical | ubuntu_linux | 10.10 | cpe:/o:canonical:ubuntu_linux:10.10 |
canonical | ubuntu_linux | 9.10 | cpe:/o:canonical:ubuntu_linux:9.10 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259
usn.ubuntu.com/1006-1/