Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)
2013-02-04T00:00:00
ID OPENVAS:1361412562310803400 Type openvas Reporter Copyright (C) 2013 Greenbone Networks GmbH Modified 2020-04-21T00:00:00
Description
This host is installed with Google Chrome and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
#
# Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)
#
# Authors:
# Thanga Prakash S <tprakash@secpod.com>
#
# Copyright:
# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.803400");
script_version("2020-04-21T11:03:03+0000");
script_cve_id("CVE-2013-0839", "CVE-2013-0840", "CVE-2013-0841", "CVE-2013-0842");
script_bugtraq_id(57502);
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)");
script_tag(name:"creation_date", value:"2013-02-04 11:39:40 +0530 (Mon, 04 Feb 2013)");
script_name("Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)");
script_xref(name:"URL", value:"http://secunia.com/advisories/51935");
script_xref(name:"URL", value:"http://securitytracker.com/id/1028030");
script_xref(name:"URL", value:"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html");
script_copyright("Copyright (C) 2013 Greenbone Networks GmbH");
script_category(ACT_GATHER_INFO);
script_family("General");
script_dependencies("gb_google_chrome_detect_portable_win.nasl");
script_mandatory_keys("GoogleChrome/Win/Ver");
script_tag(name:"impact", value:"Successful exploitation will allow attackers to bypass certain security
restrictions, execute arbitrary code in the context of the browser or
cause a denial of service or possibly have unspecified other impact.");
script_tag(name:"affected", value:"Google Chrome versions prior to 24.0.1312.56 on Windows");
script_tag(name:"insight", value:"Multiple flaws due to
- Referring freed memory in canvas font handling.
- Missing URL validation when opening new windows.
- Unchecked array index in content blocking functionality.
- Not properly handling %00 characters in path-names.");
script_tag(name:"solution", value:"Upgrade to the Google Chrome 24.0.1312.56 or later.");
script_tag(name:"summary", value:"This host is installed with Google Chrome and is prone to multiple
vulnerabilities.");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
chromeVer = get_kb_item("GoogleChrome/Win/Ver");
if(!chromeVer){
exit(0);
}
if(version_is_less(version:chromeVer, test_version:"24.0.1312.56")){
report = report_fixed_ver(installed_version:chromeVer, fixed_version:"24.0.1312.56");
security_message(port: 0, data: report);
}
{"id": "OPENVAS:1361412562310803400", "type": "openvas", "bulletinFamily": "scanner", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)", "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "published": "2013-02-04T00:00:00", "modified": "2020-04-21T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803400", "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "references": ["http://secunia.com/advisories/51935", "http://securitytracker.com/id/1028030", "http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html"], "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "lastseen": "2020-04-23T19:05:34", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0842", "CVE-2013-0841", "CVE-2013-0839", "CVE-2013-0840"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310803401", "OPENVAS:803400", "OPENVAS:803402", "OPENVAS:803401", "OPENVAS:1361412562310121030", "OPENVAS:1361412562310803402"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_8D03202C655911E2A38900262D5ED8EE.NASL", "GENTOO_GLSA-201309-16.NASL", "GOOGLE_CHROME_24_0_1312_56.NASL"]}, {"type": "freebsd", "idList": ["8D03202C-6559-11E2-A389-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201309-16"]}], "modified": "2020-04-23T19:05:34", "rev": 2}, "score": {"value": 8.2, "vector": "NONE", "modified": "2020-04-23T19:05:34", "rev": 2}, "vulnersScore": 8.2}, "pluginID": "1361412562310803400", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803400\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:39:40 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51935\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028030\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\");\n script_tag(name:\"affected\", value:\"Google Chrome versions prior to 24.0.1312.56 on Windows\");\n script_tag(name:\"insight\", value:\"Multiple flaws due to\n\n - Referring freed memory in canvas font handling.\n\n - Missing URL validation when opening new windows.\n\n - Unchecked array index in content blocking functionality.\n\n - Not properly handling %00 characters in path-names.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 24.0.1312.56 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"24.0.1312.56\");\n security_message(port: 0, data: report);\n}\n", "naslFamily": "General"}
{"openvas": [{"lastseen": "2017-07-02T21:11:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-05-12T00:00:00", "published": "2013-02-04T00:00:00", "id": "OPENVAS:803400", "href": "http://plugins.openvas.org/nasl.php?oid=803400", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_feb13_win.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome versions prior to 24.0.1312.56 on Windows\";\ntag_insight = \"Multiple flaws due to\n - Referring freed memory in canvas font handling.\n - Missing URL validation when opening new windows.\n - Unchecked array index in content blocking functionality.\n - Not properly handling %00 characters in path-names.\";\ntag_solution = \"Upgrade to the Google Chrome 24.0.1312.56 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803400);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:39:40 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51935\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028030\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 24.0.1312.56\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-05-09T00:00:00", "published": "2013-02-04T00:00:00", "id": "OPENVAS:803401", "href": "http://plugins.openvas.org/nasl.php?oid=803401", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_feb13_lin.nasl 27542 2013-02-04 11:39:40Z feb$\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome versions prior to 24.0.1312.56 on Linux\";\ntag_insight = \"Multiple flaws due to\n - Referring freed memory in canvas font handling.\n - Missing URL validation when opening new windows.\n - Unchecked array index in content blocking functionality.\n - Not properly handling %00 characters in path-names.\";\ntag_solution = \"Upgrade to the Google Chrome 24.0.1312.56 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803401);\n script_version(\"$Revision: 6086 $\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-09 11:03:30 +0200 (Tue, 09 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:39:40 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51935\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028030\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 24.0.1312.56\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-23T19:05:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2020-04-21T00:00:00", "published": "2013-02-04T00:00:00", "id": "OPENVAS:1361412562310803401", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803401", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_feb13_lin.nasl 27542 2013-02-04 11:39:40Z feb$\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803401\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:39:40 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51935\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028030\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome versions prior to 24.0.1312.56 on Linux\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to\n\n - Referring freed memory in canvas font handling.\n\n - Missing URL validation when opening new windows.\n\n - Unchecked array index in content blocking functionality.\n\n - Not properly handling %00 characters in path-names.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 24.0.1312.56 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"24.0.1312.56\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0843", "CVE-2013-0840"], "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2017-05-12T00:00:00", "published": "2013-02-01T00:00:00", "id": "OPENVAS:803402", "href": "http://plugins.openvas.org/nasl.php?oid=803402", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_feb13_macosx.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\n Impact Level: System/Application\n\n Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\";\n\n\ntag_affected = \"Google Chrome version prior to 24.0.1312.56 on MAC OS X\";\ntag_insight = \"Multiple flaws due to\n - Referring freed memory in canvas font handling.\n - Missing URL validation when opening new windows.\n - Unchecked array index in content blocking functionality.\n - Not properly handling %00 characters in path-names.\";\ntag_solution = \"Upgrade to the Google Chrome 24.0.1312.56 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803402);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\",\n \"CVE-2013-0842\", \"CVE-2013-0843\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-01 16:54:18 +0530 (Fri, 01 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51935\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028030\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n#Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Versions prior to 24.0.1312.56\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-23T19:05:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0843", "CVE-2013-0840"], "description": "This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "modified": "2020-04-21T00:00:00", "published": "2013-02-01T00:00:00", "id": "OPENVAS:1361412562310803402", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803402", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803402\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0843\");\n script_bugtraq_id(57502);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-02-01 16:54:18 +0530 (Fri, 01 Feb 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51935\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028030\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/01/stable-channel-update_22.html\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 24.0.1312.56 on MAC OS X\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to\n\n - Referring freed memory in canvas font handling.\n\n - Missing URL validation when opening new windows.\n\n - Unchecked array index in content blocking functionality.\n\n - Not properly handling %00 characters in path-names.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 24.0.1312.56 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service or possibly have unspecified other impact.\n\n Successful exploitation will allow attackers to bypass certain security\n restrictions, execute arbitrary code in the context of the browser or\n cause a denial of service.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"24.0.1312.56\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"24.0.1312.56\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5126", "CVE-2012-5136", "CVE-2013-0898", "CVE-2013-2882", "CVE-2013-0833", "CVE-2013-0891", "CVE-2013-2845", "CVE-2013-2901", "CVE-2013-2842", "CVE-2012-5130", "CVE-2013-0838", "CVE-2013-0917", "CVE-2013-2887", "CVE-2013-0924", "CVE-2013-0894", "CVE-2013-2902", "CVE-2013-2840", "CVE-2013-0832", "CVE-2013-2903", "CVE-2012-5133", "CVE-2013-0906", "CVE-2012-5127", "CVE-2013-2880", "CVE-2013-0904", "CVE-2013-2867", "CVE-2012-5125", "CVE-2013-0899", "CVE-2013-2849", "CVE-2013-2841", "CVE-2013-0834", "CVE-2013-2878", "CVE-2012-5139", "CVE-2013-0881", "CVE-2013-2874", "CVE-2013-0839", "CVE-2012-5117", "CVE-2013-0882", "CVE-2013-0841", "CVE-2012-5137", "CVE-2012-5122", "CVE-2013-0888", "CVE-2013-2853", "CVE-2012-5149", "CVE-2013-2876", "CVE-2013-2886", "CVE-2013-0889", "CVE-2012-5151", "CVE-2013-0884", "CVE-2013-0837", "CVE-2013-2848", "CVE-2013-0922", "CVE-2013-2846", "CVE-2013-0842", "CVE-2012-5146", "CVE-2013-2865", "CVE-2012-5132", "CVE-2013-0879", "CVE-2013-2904", "CVE-2013-0887", "CVE-2013-0890", "CVE-2013-2884", "CVE-2013-0925", "CVE-2013-0908", "CVE-2013-2870", "CVE-2013-0923", "CVE-2012-5145", "CVE-2013-0895", "CVE-2013-0836", "CVE-2013-0919", "CVE-2013-2877", "CVE-2012-5124", "CVE-2012-5143", "CVE-2013-0830", "CVE-2012-5140", "CVE-2013-2837", "CVE-2013-2856", "CVE-2012-5118", "CVE-2013-0880", "CVE-2013-0892", "CVE-2013-2875", "CVE-2013-0926", "CVE-2013-2847", "CVE-2013-0918", "CVE-2013-2881", "CVE-2012-5152", "CVE-2013-2861", "CVE-2013-2869", "CVE-2013-0902", "CVE-2013-2855", "CVE-2013-0835", "CVE-2012-5116", "CVE-2013-0920", "CVE-2012-5128", "CVE-2013-0900", "CVE-2013-2838", "CVE-2013-2863", "CVE-2012-5147", "CVE-2012-5141", "CVE-2013-2900", "CVE-2013-2844", "CVE-2013-2839", "CVE-2013-0910", "CVE-2013-0840", "CVE-2013-0909", "CVE-2013-0893", "CVE-2012-5154", "CVE-2013-0907", "CVE-2013-2862", "CVE-2013-2871", "CVE-2013-0897", "CVE-2013-2836", "CVE-2013-0828", "CVE-2013-2905", "CVE-2012-5120", "CVE-2013-0916", "CVE-2012-5123", "CVE-2013-0903", "CVE-2013-0912", "CVE-2013-2868", "CVE-2013-0911", "CVE-2013-0905", "CVE-2013-2859", "CVE-2013-0885", "CVE-2013-2879", "CVE-2013-2858", "CVE-2012-5135", "CVE-2012-5148", "CVE-2013-0829", "CVE-2013-0831", "CVE-2012-5144", "CVE-2013-0883", "CVE-2012-5150", "CVE-2013-2843", "CVE-2013-2860", "CVE-2013-0896", "CVE-2012-5138", "CVE-2013-2857", "CVE-2012-5153", "CVE-2012-5121", "CVE-2013-2883", "CVE-2012-5142", "CVE-2013-0921", "CVE-2013-2885"], "description": "Gentoo Linux Local Security Checks GLSA 201309-16", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121030", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201309-16", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201309-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121030\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:53 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201309-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201309-16\");\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201309-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 29.0.1457.57\"), vulnerable: make_list(\"lt 29.0.1457.57\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(\"ge 3.18.5.14\"), vulnerable: make_list(\"lt 3.18.5.14\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T10:47:04", "description": "Google Chrome Releases reports :\n\n[151008] High CVE-2013-0839: Use-after-free in canvas font handling.\nCredit to Atte Kettunen of OUSPG.\n\n[170532] Medium CVE-2013-0840: Missing URL validation when opening new\nwindows.\n\n[169770] High CVE-2013-0841: Unchecked array index in content\nblocking. Credit to Google Chrome Security Team (Chris Evans).\n\n[166867] Medium CVE-2013-0842: Problems with NULL characters embedded\nin paths. Credit to Google Chrome Security Team (Juri Aedla).", "edition": 21, "published": "2013-01-24T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (8d03202c-6559-11e2-a389-00262d5ed8ee)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "modified": "2013-01-24T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:chromium"], "id": "FREEBSD_PKG_8D03202C655911E2A38900262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/63674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63674);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (8d03202c-6559-11e2-a389-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n[151008] High CVE-2013-0839: Use-after-free in canvas font handling.\nCredit to Atte Kettunen of OUSPG.\n\n[170532] Medium CVE-2013-0840: Missing URL validation when opening new\nwindows.\n\n[169770] High CVE-2013-0841: Unchecked array index in content\nblocking. Credit to Google Chrome Security Team (Chris Evans).\n\n[166867] Medium CVE-2013-0842: Problems with NULL characters embedded\nin paths. Credit to Google Chrome Security Team (Juri Aedla).\"\n );\n # http://googlechromereleases.blogspot.nl/search/label/Stable%20updates\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdc75d6a\"\n );\n # http://www.freebsd.org/ports/portaudit/8d03202c-6559-11e2-a389-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dbbf3838\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<24.0.1312.56\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:05:19", "description": "The version of Google Chrome installed on the remote host is earlier\nthan 24.0.1312.56 and is, therefore, affected by the following\nvulnerabilities :\n\n - A use-after-free vulnerability exists related to font\n handling and canvas. (CVE-2013-0839)\n\n - An error exists related to URL validation and the\n opening of new browser windows. (CVE-2013-0840)\n\n - An array index is not properly checked in relation to\n content blocking. (CVE-2013-0841)\n\n - An unspecified error exists related to handling null\n characters in embedded paths. (CVE-2013-0842)\n\nSuccessful exploitation of some of these issues could lead to an\napplication crash or even allow arbitrary code execution, subject to the\nuser's privileges.", "edition": 27, "published": "2013-01-22T00:00:00", "title": "Google Chrome < 24.0.1312.56 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_24_0_1312_56.NASL", "href": "https://www.tenable.com/plugins/nessus/63645", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63645);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2013-0839\",\n \"CVE-2013-0840\",\n \"CVE-2013-0841\",\n \"CVE-2013-0842\"\n );\n script_bugtraq_id(\n 59680,\n 59681,\n 59682,\n 59683\n );\n\n script_name(english:\"Google Chrome < 24.0.1312.56 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is earlier\nthan 24.0.1312.56 and is, therefore, affected by the following\nvulnerabilities :\n\n - A use-after-free vulnerability exists related to font\n handling and canvas. (CVE-2013-0839)\n\n - An error exists related to URL validation and the\n opening of new browser windows. (CVE-2013-0840)\n\n - An array index is not properly checked in relation to\n content blocking. (CVE-2013-0841)\n\n - An unspecified error exists related to handling null\n characters in embedded paths. (CVE-2013-0842)\n\nSuccessful exploitation of some of these issues could lead to an\napplication crash or even allow arbitrary code execution, subject to the\nuser's privileges.\");\n # https://chromereleases.googleblog.com/2013/01/stable-channel-update_22.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b913533e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 24.0.1312.56 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0842\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'24.0.1312.56', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:54:49", "description": "The remote host is affected by the vulnerability described in GLSA-201309-16\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other, unspecified,\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2013-09-25T00:00:00", "title": "GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5126", "CVE-2012-5136", "CVE-2013-0898", "CVE-2013-2882", "CVE-2013-0833", "CVE-2013-0891", "CVE-2013-2845", "CVE-2013-2901", "CVE-2013-2842", "CVE-2012-5130", "CVE-2013-0838", "CVE-2013-0917", "CVE-2013-2887", "CVE-2013-0924", "CVE-2013-0894", "CVE-2013-2902", "CVE-2013-2840", "CVE-2013-0832", "CVE-2013-2903", "CVE-2012-5133", "CVE-2013-0906", "CVE-2012-5127", "CVE-2013-2880", "CVE-2013-0904", "CVE-2013-2867", "CVE-2012-5125", "CVE-2013-0899", "CVE-2013-2849", "CVE-2013-2841", "CVE-2013-0834", "CVE-2013-2878", "CVE-2012-5139", "CVE-2013-0881", "CVE-2013-2874", "CVE-2013-0839", "CVE-2012-5117", "CVE-2013-0882", "CVE-2013-0841", "CVE-2012-5137", "CVE-2012-5122", "CVE-2013-0888", "CVE-2013-2853", "CVE-2012-5149", "CVE-2013-2876", "CVE-2013-2886", "CVE-2013-0889", "CVE-2012-5151", "CVE-2013-0884", "CVE-2013-0837", "CVE-2013-2848", "CVE-2013-0922", "CVE-2013-2846", "CVE-2013-0842", "CVE-2012-5146", "CVE-2013-2865", "CVE-2012-5132", "CVE-2013-0879", "CVE-2013-2904", "CVE-2013-0887", "CVE-2013-0890", "CVE-2013-2884", "CVE-2013-0925", "CVE-2013-0908", "CVE-2013-2870", "CVE-2013-0923", "CVE-2012-5145", "CVE-2013-0895", "CVE-2013-0836", "CVE-2013-0919", "CVE-2013-2877", "CVE-2012-5124", "CVE-2012-5143", "CVE-2013-0830", "CVE-2012-5140", "CVE-2013-2837", "CVE-2013-2856", "CVE-2012-5118", "CVE-2013-0880", "CVE-2013-0892", "CVE-2013-2875", "CVE-2013-0926", "CVE-2013-2847", "CVE-2013-0918", "CVE-2013-2881", "CVE-2012-5152", "CVE-2013-2861", "CVE-2013-2869", "CVE-2013-0902", "CVE-2013-2855", "CVE-2013-0835", "CVE-2012-5116", "CVE-2013-0920", "CVE-2012-5128", "CVE-2013-0900", "CVE-2013-2838", "CVE-2013-2863", "CVE-2012-5147", "CVE-2012-5141", "CVE-2013-2900", "CVE-2013-2844", "CVE-2013-2839", "CVE-2013-0910", "CVE-2013-0840", "CVE-2013-0909", "CVE-2013-0893", "CVE-2012-5154", "CVE-2013-0907", "CVE-2013-2862", "CVE-2013-2871", "CVE-2013-0897", "CVE-2013-2836", "CVE-2013-0828", "CVE-2013-2905", "CVE-2012-5120", "CVE-2013-0916", "CVE-2012-5123", "CVE-2013-0903", "CVE-2013-0912", "CVE-2013-2868", "CVE-2013-0911", "CVE-2013-0905", "CVE-2013-2859", "CVE-2013-0885", "CVE-2013-2879", "CVE-2013-2858", "CVE-2012-5135", "CVE-2012-5148", "CVE-2013-0829", "CVE-2013-0831", "CVE-2012-5144", "CVE-2013-0883", "CVE-2012-5150", "CVE-2013-2843", "CVE-2013-2860", "CVE-2013-0896", "CVE-2012-5138", "CVE-2013-2857", "CVE-2012-5153", "CVE-2012-5121", "CVE-2013-2883", "CVE-2012-5142", "CVE-2013-0921", "CVE-2013-2885"], "modified": "2013-09-25T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:v8", "p-cpe:/a:gentoo:linux:chromium"], "id": "GENTOO_GLSA-201309-16.NASL", "href": "https://www.tenable.com/plugins/nessus/70112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70112);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_bugtraq_id(56413, 56684, 56741, 56903, 58318, 58388, 58723, 58724, 58725, 58727, 58728, 58729, 58730, 58731, 58732, 58733, 58734, 59326, 59327, 59328, 59330, 59331, 59332, 59334, 59336, 59337, 59338, 59339, 59340, 59342, 59343, 59344, 59345, 59346, 59347, 59349, 59351, 59413, 59414, 59415, 59416, 59417, 59418, 59419, 59420, 59422, 59423, 59425, 59427, 59428, 59429, 59430, 59431, 59433, 59435, 59436, 59437, 59438, 59515, 59516, 59518, 59520, 59521, 59522, 59523, 59524, 59680, 59681, 59682, 59683, 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076, 60395, 60396, 60397, 60398, 60399, 60400, 60401, 60403, 60404, 60405, 61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61057, 61059, 61060, 61061, 61547, 61548, 61549, 61550, 61551, 61552, 61885, 61886, 61887, 61888, 61889, 61890, 61891);\n script_xref(name:\"GLSA\", value:\"201309-16\");\n\n script_name(english:\"GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-16\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other, unspecified,\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b9b0b08\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f59319e\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee73f07e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-29.0.1457.57'\n All V8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 29.0.1457.57\"), vulnerable:make_list(\"lt 29.0.1457.57\"))) flag++;\nif (qpkg_check(package:\"dev-lang/v8\", unaffected:make_list(\"ge 3.18.5.14\"), vulnerable:make_list(\"lt 3.18.5.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / V8\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0839", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0840"], "edition": 1, "description": "\nGoogle Chrome Releases reports:\n\n[151008] High CVE-2013-0839: Use-after-free in canvas font\n\t handling. Credit to Atte Kettunen of OUSPG.\n[170532] Medium CVE-2013-0840: Missing URL validation when opening\n\t new windows.\n[169770] High CVE-2013-0841: Unchecked array index in content\n\t blocking. Credit to Google Chrome Security Team (Chris Evans).\n[166867] Medium CVE-2013-0842: Problems with NULL characters\n\t embedded in paths. Credit to Google Chrome Security Team (J\u00c3\u00bcri\n\t Aedla).\n\n", "modified": "2013-01-22T00:00:00", "published": "2013-01-22T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/8d03202c-6559-11e2-a389-00262d5ed8ee.html", "id": "8D03202C-6559-11E2-A389-00262D5ED8EE", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:52:37", "description": "Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors.", "edition": 5, "cvss3": {}, "published": "2013-01-24T21:55:00", "title": "CVE-2013-0842", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0842"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:google:chrome:24.0.1312.53", "cpe:/a:google:chrome:24.0.1283.0", "cpe:/a:google:chrome:24.0.1272.1", "cpe:/a:google:chrome:24.0.1279.0", "cpe:/a:google:chrome:24.0.1294.0", "cpe:/a:google:chrome:24.0.1312.9", "cpe:/a:google:chrome:24.0.1312.33", "cpe:/a:google:chrome:24.0.1276.1", "cpe:/a:google:chrome:24.0.1312.29", "cpe:/a:google:chrome:24.0.1312.4", "cpe:/a:google:chrome:24.0.1288.0", "cpe:/a:google:chrome:24.0.1312.15", "cpe:/a:google:chrome:24.0.1312.41", "cpe:/a:google:chrome:24.0.1312.32", "cpe:/a:google:chrome:24.0.1295.0", "cpe:/a:google:chrome:24.0.1274.0", "cpe:/a:google:chrome:24.0.1305.0", "cpe:/a:google:chrome:24.0.1289.1", "cpe:/a:google:chrome:24.0.1290.0", "cpe:/a:google:chrome:24.0.1281.3", "cpe:/a:google:chrome:24.0.1304.1", "cpe:/a:google:chrome:24.0.1312.37", "cpe:/a:google:chrome:24.0.1312.19", "cpe:/a:google:chrome:24.0.1286.0", "cpe:/a:google:chrome:24.0.1312.24", "cpe:/a:google:chrome:24.0.1312.6", "cpe:/a:google:chrome:24.0.1312.49", "cpe:/a:google:chrome:24.0.1312.38", "cpe:/a:google:chrome:24.0.1278.0", "cpe:/a:google:chrome:24.0.1312.7", "cpe:/a:google:chrome:24.0.1289.0", "cpe:/a:google:chrome:24.0.1286.1", "cpe:/a:google:chrome:24.0.1285.1", "cpe:/a:google:chrome:24.0.1312.18", "cpe:/a:google:chrome:24.0.1284.2", "cpe:/a:google:chrome:24.0.1312.36", "cpe:/a:google:chrome:24.0.1312.31", "cpe:/a:google:chrome:24.0.1312.52", "cpe:/a:google:chrome:24.0.1306.1", "cpe:/a:google:chrome:24.0.1312.12", "cpe:/a:google:chrome:24.0.1291.0", "cpe:/a:google:chrome:24.0.1292.0", "cpe:/a:google:chrome:24.0.1312.34", "cpe:/a:google:chrome:24.0.1312.42", "cpe:/a:google:chrome:24.0.1312.25", "cpe:/a:google:chrome:24.0.1280.0", "cpe:/a:google:chrome:24.0.1312.47", "cpe:/a:google:chrome:24.0.1276.0", "cpe:/a:google:chrome:24.0.1312.16", "cpe:/a:google:chrome:24.0.1296.0", "cpe:/a:google:chrome:24.0.1299.0", "cpe:/a:google:chrome:24.0.1287.0", "cpe:/a:google:chrome:24.0.1312.45", "cpe:/a:google:chrome:24.0.1312.44", "cpe:/a:google:chrome:24.0.1305.1", "cpe:/a:google:chrome:24.0.1312.51", "cpe:/a:google:chrome:24.0.1312.54", "cpe:/a:google:chrome:24.0.1312.11", "cpe:/a:google:chrome:24.0.1293.0", "cpe:/a:google:chrome:24.0.1302.0", "cpe:/a:google:chrome:24.0.1312.55", "cpe:/a:google:chrome:24.0.1312.26", "cpe:/a:google:chrome:24.0.1301.2", "cpe:/a:google:chrome:24.0.1284.1", "cpe:/a:google:chrome:24.0.1312.40", "cpe:/a:google:chrome:24.0.1301.0", "cpe:/a:google:chrome:24.0.1309.0", "cpe:/a:google:chrome:24.0.1288.1", "cpe:/a:google:chrome:24.0.1312.39", "cpe:/a:google:chrome:24.0.1277.0", "cpe:/a:google:chrome:24.0.1311.1", "cpe:/a:google:chrome:24.0.1307.0", "cpe:/a:google:chrome:24.0.1312.35", "cpe:/a:google:chrome:24.0.1311.0", "cpe:/a:google:chrome:24.0.1312.21", "cpe:/a:google:chrome:24.0.1312.43", "cpe:/a:google:chrome:24.0.1312.23", "cpe:/a:google:chrome:24.0.1305.2", "cpe:/a:google:chrome:24.0.1282.0", "cpe:/a:google:chrome:24.0.1312.13", "cpe:/a:google:chrome:24.0.1275.0", "cpe:/a:google:chrome:24.0.1300.0", "cpe:/a:google:chrome:24.0.1298.0", "cpe:/a:google:chrome:24.0.1312.17", "cpe:/a:google:chrome:24.0.1305.3", "cpe:/a:google:chrome:24.0.1312.50", "cpe:/a:google:chrome:24.0.1305.4", "cpe:/a:google:chrome:24.0.1307.1", "cpe:/a:google:chrome:24.0.1312.14", "cpe:/a:google:chrome:24.0.1312.30", "cpe:/a:google:chrome:24.0.1303.0", "cpe:/a:google:chrome:24.0.1312.22", "cpe:/a:google:chrome:24.0.1306.0", "cpe:/a:google:chrome:24.0.1312.28", "cpe:/a:google:chrome:24.0.1312.10", "cpe:/a:google:chrome:24.0.1281.1", "cpe:/a:google:chrome:24.0.1287.1", "cpe:/a:google:chrome:24.0.1312.1", "cpe:/a:google:chrome:24.0.1312.48", "cpe:/a:google:chrome:24.0.1284.0", "cpe:/a:google:chrome:24.0.1310.0", "cpe:/a:google:chrome:24.0.1304.0", "cpe:/a:google:chrome:24.0.1281.2", "cpe:/a:google:chrome:24.0.1312.20", "cpe:/a:google:chrome:24.0.1285.0", "cpe:/a:google:chrome:24.0.1308.0", "cpe:/a:google:chrome:24.0.1273.0", "cpe:/a:google:chrome:24.0.1312.46", "cpe:/a:google:chrome:24.0.1297.0", "cpe:/a:google:chrome:24.0.1272.0", "cpe:/a:google:chrome:24.0.1285.2", "cpe:/a:google:chrome:24.0.1312.27", "cpe:/a:google:chrome:24.0.1281.0", "cpe:/a:google:chrome:24.0.1312.5", "cpe:/a:google:chrome:24.0.1312.0", "cpe:/a:google:chrome:24.0.1312.8"], "id": "CVE-2013-0842", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0842", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:google:chrome:24.0.1278.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1275.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1282.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1309.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1280.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1274.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1299.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1303.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1273.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1308.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1302.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1283.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1290.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1297.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1294.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1295.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1310.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1298.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1279.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1292.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1293.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1291.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1296.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1277.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1300.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:37", "description": "Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors.", "edition": 5, "cvss3": {}, "published": "2013-01-24T21:55:00", "title": "CVE-2013-0840", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0840"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:google:chrome:24.0.1312.53", "cpe:/a:google:chrome:24.0.1283.0", "cpe:/a:google:chrome:24.0.1272.1", "cpe:/a:google:chrome:24.0.1279.0", "cpe:/a:google:chrome:24.0.1294.0", "cpe:/a:google:chrome:24.0.1312.9", "cpe:/a:google:chrome:24.0.1312.33", "cpe:/a:google:chrome:24.0.1276.1", "cpe:/a:google:chrome:24.0.1312.29", "cpe:/a:google:chrome:24.0.1312.4", "cpe:/a:google:chrome:24.0.1288.0", "cpe:/a:google:chrome:24.0.1312.15", "cpe:/a:google:chrome:24.0.1312.41", "cpe:/a:google:chrome:24.0.1312.32", "cpe:/a:google:chrome:24.0.1295.0", "cpe:/a:google:chrome:24.0.1274.0", "cpe:/a:google:chrome:24.0.1305.0", "cpe:/a:google:chrome:24.0.1289.1", "cpe:/a:google:chrome:24.0.1290.0", "cpe:/a:google:chrome:24.0.1281.3", "cpe:/a:google:chrome:24.0.1304.1", "cpe:/a:google:chrome:24.0.1312.37", "cpe:/a:google:chrome:24.0.1312.19", "cpe:/a:google:chrome:24.0.1286.0", "cpe:/a:google:chrome:24.0.1312.24", "cpe:/a:google:chrome:24.0.1312.6", "cpe:/a:google:chrome:24.0.1312.49", "cpe:/a:google:chrome:24.0.1312.38", "cpe:/a:google:chrome:24.0.1278.0", "cpe:/a:google:chrome:24.0.1312.7", "cpe:/a:google:chrome:24.0.1289.0", "cpe:/a:google:chrome:24.0.1286.1", "cpe:/a:google:chrome:24.0.1285.1", "cpe:/a:google:chrome:24.0.1312.18", "cpe:/a:google:chrome:24.0.1284.2", "cpe:/a:google:chrome:24.0.1312.36", "cpe:/a:google:chrome:24.0.1312.31", "cpe:/a:google:chrome:24.0.1312.52", "cpe:/a:google:chrome:24.0.1306.1", "cpe:/a:google:chrome:24.0.1312.12", "cpe:/a:google:chrome:24.0.1291.0", "cpe:/a:google:chrome:24.0.1292.0", "cpe:/a:google:chrome:24.0.1312.34", "cpe:/a:google:chrome:24.0.1312.42", "cpe:/a:google:chrome:24.0.1312.25", "cpe:/a:google:chrome:24.0.1280.0", "cpe:/a:google:chrome:24.0.1312.47", "cpe:/a:google:chrome:24.0.1276.0", "cpe:/a:google:chrome:24.0.1312.16", "cpe:/a:google:chrome:24.0.1296.0", "cpe:/a:google:chrome:24.0.1299.0", "cpe:/a:google:chrome:24.0.1287.0", "cpe:/a:google:chrome:24.0.1312.45", "cpe:/a:google:chrome:24.0.1312.44", "cpe:/a:google:chrome:24.0.1305.1", "cpe:/a:google:chrome:24.0.1312.51", "cpe:/a:google:chrome:24.0.1312.54", "cpe:/a:google:chrome:24.0.1312.11", "cpe:/a:google:chrome:24.0.1293.0", "cpe:/a:google:chrome:24.0.1302.0", "cpe:/a:google:chrome:24.0.1312.55", "cpe:/a:google:chrome:24.0.1312.26", "cpe:/a:google:chrome:24.0.1301.2", "cpe:/a:google:chrome:24.0.1284.1", "cpe:/a:google:chrome:24.0.1312.40", "cpe:/a:google:chrome:24.0.1301.0", "cpe:/a:google:chrome:24.0.1309.0", "cpe:/a:google:chrome:24.0.1288.1", "cpe:/a:google:chrome:24.0.1312.39", "cpe:/a:google:chrome:24.0.1277.0", "cpe:/a:google:chrome:24.0.1311.1", "cpe:/a:google:chrome:24.0.1307.0", "cpe:/a:google:chrome:24.0.1312.35", "cpe:/a:google:chrome:24.0.1311.0", "cpe:/a:google:chrome:24.0.1312.21", "cpe:/a:google:chrome:24.0.1312.43", "cpe:/a:google:chrome:24.0.1312.23", "cpe:/a:google:chrome:24.0.1305.2", "cpe:/a:google:chrome:24.0.1282.0", "cpe:/a:google:chrome:24.0.1312.13", "cpe:/a:google:chrome:24.0.1275.0", "cpe:/a:google:chrome:24.0.1300.0", "cpe:/a:google:chrome:24.0.1298.0", "cpe:/a:google:chrome:24.0.1312.17", "cpe:/a:google:chrome:24.0.1305.3", "cpe:/a:google:chrome:24.0.1312.50", "cpe:/a:google:chrome:24.0.1305.4", "cpe:/a:google:chrome:24.0.1307.1", "cpe:/a:google:chrome:24.0.1312.14", "cpe:/a:google:chrome:24.0.1312.30", "cpe:/a:google:chrome:24.0.1303.0", "cpe:/a:google:chrome:24.0.1312.22", "cpe:/a:google:chrome:24.0.1306.0", "cpe:/a:google:chrome:24.0.1312.28", "cpe:/a:google:chrome:24.0.1312.10", "cpe:/a:google:chrome:24.0.1281.1", "cpe:/a:google:chrome:24.0.1287.1", "cpe:/a:google:chrome:24.0.1312.1", "cpe:/a:google:chrome:24.0.1312.48", "cpe:/a:google:chrome:24.0.1284.0", "cpe:/a:google:chrome:24.0.1310.0", "cpe:/a:google:chrome:24.0.1304.0", "cpe:/a:google:chrome:24.0.1281.2", "cpe:/a:google:chrome:24.0.1312.20", "cpe:/a:google:chrome:24.0.1285.0", "cpe:/a:google:chrome:24.0.1308.0", "cpe:/a:google:chrome:24.0.1273.0", "cpe:/a:google:chrome:24.0.1312.46", "cpe:/a:google:chrome:24.0.1297.0", "cpe:/a:google:chrome:24.0.1272.0", "cpe:/a:google:chrome:24.0.1285.2", "cpe:/a:google:chrome:24.0.1312.27", "cpe:/a:google:chrome:24.0.1281.0", "cpe:/a:google:chrome:24.0.1312.5", "cpe:/a:google:chrome:24.0.1312.0", "cpe:/a:google:chrome:24.0.1312.8"], "id": "CVE-2013-0840", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0840", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:google:chrome:24.0.1278.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1275.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1282.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1309.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1280.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1274.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1299.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1303.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1273.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1308.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1302.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1283.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1290.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1297.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1294.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1295.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1310.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1298.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1279.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1292.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1293.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1291.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1296.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1277.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1300.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:37", "description": "Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements.", "edition": 5, "cvss3": {}, "published": "2013-01-24T21:55:00", "title": "CVE-2013-0839", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0839"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:google:chrome:24.0.1312.53", "cpe:/a:google:chrome:24.0.1283.0", "cpe:/a:google:chrome:24.0.1272.1", "cpe:/a:google:chrome:24.0.1279.0", "cpe:/a:google:chrome:24.0.1294.0", "cpe:/a:google:chrome:24.0.1312.9", "cpe:/a:google:chrome:24.0.1312.33", "cpe:/a:google:chrome:24.0.1276.1", "cpe:/a:google:chrome:24.0.1312.29", "cpe:/a:google:chrome:24.0.1312.4", "cpe:/a:google:chrome:24.0.1288.0", "cpe:/a:google:chrome:24.0.1312.15", "cpe:/a:google:chrome:24.0.1312.41", "cpe:/a:google:chrome:24.0.1312.32", "cpe:/a:google:chrome:24.0.1295.0", "cpe:/a:google:chrome:24.0.1274.0", "cpe:/a:google:chrome:24.0.1305.0", "cpe:/a:google:chrome:24.0.1289.1", "cpe:/a:google:chrome:24.0.1290.0", "cpe:/a:google:chrome:24.0.1281.3", "cpe:/a:google:chrome:24.0.1304.1", "cpe:/a:google:chrome:24.0.1312.37", "cpe:/a:google:chrome:24.0.1312.19", "cpe:/a:google:chrome:24.0.1286.0", "cpe:/a:google:chrome:24.0.1312.24", "cpe:/a:google:chrome:24.0.1312.6", "cpe:/a:google:chrome:24.0.1312.49", "cpe:/a:google:chrome:24.0.1312.38", "cpe:/a:google:chrome:24.0.1278.0", "cpe:/a:google:chrome:24.0.1312.7", "cpe:/a:google:chrome:24.0.1289.0", "cpe:/a:google:chrome:24.0.1286.1", "cpe:/a:google:chrome:24.0.1285.1", "cpe:/a:google:chrome:24.0.1312.18", "cpe:/a:google:chrome:24.0.1284.2", "cpe:/a:google:chrome:24.0.1312.36", "cpe:/a:google:chrome:24.0.1312.31", "cpe:/a:google:chrome:24.0.1312.52", "cpe:/a:google:chrome:24.0.1306.1", "cpe:/a:google:chrome:24.0.1312.12", "cpe:/a:google:chrome:24.0.1291.0", "cpe:/a:google:chrome:24.0.1292.0", "cpe:/a:google:chrome:24.0.1312.34", "cpe:/a:google:chrome:24.0.1312.42", "cpe:/a:google:chrome:24.0.1312.25", "cpe:/a:google:chrome:24.0.1280.0", "cpe:/a:google:chrome:24.0.1312.47", "cpe:/a:google:chrome:24.0.1276.0", "cpe:/a:google:chrome:24.0.1312.16", "cpe:/a:google:chrome:24.0.1296.0", "cpe:/a:google:chrome:24.0.1299.0", "cpe:/a:google:chrome:24.0.1287.0", "cpe:/a:google:chrome:24.0.1312.45", "cpe:/a:google:chrome:24.0.1312.44", "cpe:/a:google:chrome:24.0.1305.1", "cpe:/a:google:chrome:24.0.1312.51", "cpe:/a:google:chrome:24.0.1312.54", "cpe:/a:google:chrome:24.0.1312.11", "cpe:/a:google:chrome:24.0.1293.0", "cpe:/a:google:chrome:24.0.1302.0", "cpe:/a:google:chrome:24.0.1312.55", "cpe:/a:google:chrome:24.0.1312.26", "cpe:/a:google:chrome:24.0.1301.2", "cpe:/a:google:chrome:24.0.1284.1", "cpe:/a:google:chrome:24.0.1312.40", "cpe:/a:google:chrome:24.0.1301.0", "cpe:/a:google:chrome:24.0.1309.0", "cpe:/a:google:chrome:24.0.1288.1", "cpe:/a:google:chrome:24.0.1312.39", "cpe:/a:google:chrome:24.0.1277.0", "cpe:/a:google:chrome:24.0.1311.1", "cpe:/a:google:chrome:24.0.1307.0", "cpe:/a:google:chrome:24.0.1312.35", "cpe:/a:google:chrome:24.0.1311.0", "cpe:/a:google:chrome:24.0.1312.21", "cpe:/a:google:chrome:24.0.1312.43", "cpe:/a:google:chrome:24.0.1312.23", "cpe:/a:google:chrome:24.0.1305.2", "cpe:/a:google:chrome:24.0.1282.0", "cpe:/a:google:chrome:24.0.1312.13", "cpe:/a:google:chrome:24.0.1275.0", "cpe:/a:google:chrome:24.0.1300.0", "cpe:/a:google:chrome:24.0.1298.0", "cpe:/a:google:chrome:24.0.1312.17", "cpe:/a:google:chrome:24.0.1305.3", "cpe:/a:google:chrome:24.0.1312.50", "cpe:/a:google:chrome:24.0.1305.4", "cpe:/a:google:chrome:24.0.1307.1", "cpe:/a:google:chrome:24.0.1312.14", "cpe:/a:google:chrome:24.0.1312.30", "cpe:/a:google:chrome:24.0.1303.0", "cpe:/a:google:chrome:24.0.1312.22", "cpe:/a:google:chrome:24.0.1306.0", "cpe:/a:google:chrome:24.0.1312.28", "cpe:/a:google:chrome:24.0.1312.10", "cpe:/a:google:chrome:24.0.1281.1", "cpe:/a:google:chrome:24.0.1287.1", "cpe:/a:google:chrome:24.0.1312.1", "cpe:/a:google:chrome:24.0.1312.48", "cpe:/a:google:chrome:24.0.1284.0", "cpe:/a:google:chrome:24.0.1310.0", "cpe:/a:google:chrome:24.0.1304.0", "cpe:/a:google:chrome:24.0.1281.2", "cpe:/a:google:chrome:24.0.1312.20", "cpe:/a:google:chrome:24.0.1285.0", "cpe:/a:google:chrome:24.0.1308.0", "cpe:/a:google:chrome:24.0.1273.0", "cpe:/a:google:chrome:24.0.1312.46", "cpe:/a:google:chrome:24.0.1297.0", "cpe:/a:google:chrome:24.0.1272.0", "cpe:/a:google:chrome:24.0.1285.2", "cpe:/a:google:chrome:24.0.1312.27", "cpe:/a:google:chrome:24.0.1281.0", "cpe:/a:google:chrome:24.0.1312.5", "cpe:/a:google:chrome:24.0.1312.0", "cpe:/a:google:chrome:24.0.1312.8"], "id": "CVE-2013-0839", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0839", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:24.0.1278.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1275.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1282.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1309.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1280.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1274.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1299.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1303.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1273.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1308.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1302.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1283.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1290.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1297.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1294.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1295.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1310.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1298.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1279.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1292.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1293.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1291.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1296.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1277.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1300.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:37", "description": "Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "edition": 5, "cvss3": {}, "published": "2013-01-24T21:55:00", "title": "CVE-2013-0841", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0841"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:google:chrome:24.0.1312.53", "cpe:/a:google:chrome:24.0.1283.0", "cpe:/a:google:chrome:24.0.1272.1", "cpe:/a:google:chrome:24.0.1279.0", "cpe:/a:google:chrome:24.0.1294.0", "cpe:/a:google:chrome:24.0.1312.9", "cpe:/a:google:chrome:24.0.1312.33", "cpe:/a:google:chrome:24.0.1276.1", "cpe:/a:google:chrome:24.0.1312.29", "cpe:/a:google:chrome:24.0.1312.4", "cpe:/a:google:chrome:24.0.1288.0", "cpe:/a:google:chrome:24.0.1312.15", "cpe:/a:google:chrome:24.0.1312.41", "cpe:/a:google:chrome:24.0.1312.32", "cpe:/a:google:chrome:24.0.1295.0", "cpe:/a:google:chrome:24.0.1274.0", "cpe:/a:google:chrome:24.0.1305.0", "cpe:/a:google:chrome:24.0.1289.1", "cpe:/a:google:chrome:24.0.1290.0", "cpe:/a:google:chrome:24.0.1281.3", "cpe:/a:google:chrome:24.0.1304.1", "cpe:/a:google:chrome:24.0.1312.37", "cpe:/a:google:chrome:24.0.1312.19", "cpe:/a:google:chrome:24.0.1286.0", "cpe:/a:google:chrome:24.0.1312.24", "cpe:/a:google:chrome:24.0.1312.6", "cpe:/a:google:chrome:24.0.1312.49", "cpe:/a:google:chrome:24.0.1312.38", "cpe:/a:google:chrome:24.0.1278.0", "cpe:/a:google:chrome:24.0.1312.7", "cpe:/a:google:chrome:24.0.1289.0", "cpe:/a:google:chrome:24.0.1286.1", "cpe:/a:google:chrome:24.0.1285.1", "cpe:/a:google:chrome:24.0.1312.18", "cpe:/a:google:chrome:24.0.1284.2", "cpe:/a:google:chrome:24.0.1312.36", "cpe:/a:google:chrome:24.0.1312.31", "cpe:/a:google:chrome:24.0.1312.52", "cpe:/a:google:chrome:24.0.1306.1", "cpe:/a:google:chrome:24.0.1312.12", "cpe:/a:google:chrome:24.0.1291.0", "cpe:/a:google:chrome:24.0.1292.0", "cpe:/a:google:chrome:24.0.1312.34", "cpe:/a:google:chrome:24.0.1312.42", "cpe:/a:google:chrome:24.0.1312.25", "cpe:/a:google:chrome:24.0.1280.0", "cpe:/a:google:chrome:24.0.1312.47", "cpe:/a:google:chrome:24.0.1276.0", "cpe:/a:google:chrome:24.0.1312.16", "cpe:/a:google:chrome:24.0.1296.0", "cpe:/a:google:chrome:24.0.1299.0", "cpe:/a:google:chrome:24.0.1287.0", "cpe:/a:google:chrome:24.0.1312.45", "cpe:/a:google:chrome:24.0.1312.44", "cpe:/a:google:chrome:24.0.1305.1", "cpe:/a:google:chrome:24.0.1312.51", "cpe:/a:google:chrome:24.0.1312.54", "cpe:/a:google:chrome:24.0.1312.11", "cpe:/a:google:chrome:24.0.1293.0", "cpe:/a:google:chrome:24.0.1302.0", "cpe:/a:google:chrome:24.0.1312.55", "cpe:/a:google:chrome:24.0.1312.26", "cpe:/a:google:chrome:24.0.1301.2", "cpe:/a:google:chrome:24.0.1284.1", "cpe:/a:google:chrome:24.0.1312.40", "cpe:/a:google:chrome:24.0.1301.0", "cpe:/a:google:chrome:24.0.1309.0", "cpe:/a:google:chrome:24.0.1288.1", "cpe:/a:google:chrome:24.0.1312.39", "cpe:/a:google:chrome:24.0.1277.0", "cpe:/a:google:chrome:24.0.1311.1", "cpe:/a:google:chrome:24.0.1307.0", "cpe:/a:google:chrome:24.0.1312.35", "cpe:/a:google:chrome:24.0.1311.0", "cpe:/a:google:chrome:24.0.1312.21", "cpe:/a:google:chrome:24.0.1312.43", "cpe:/a:google:chrome:24.0.1312.23", "cpe:/a:google:chrome:24.0.1305.2", "cpe:/a:google:chrome:24.0.1282.0", "cpe:/a:google:chrome:24.0.1312.13", "cpe:/a:google:chrome:24.0.1275.0", "cpe:/a:google:chrome:24.0.1300.0", "cpe:/a:google:chrome:24.0.1298.0", "cpe:/a:google:chrome:24.0.1312.17", "cpe:/a:google:chrome:24.0.1305.3", "cpe:/a:google:chrome:24.0.1312.50", "cpe:/a:google:chrome:24.0.1305.4", "cpe:/a:google:chrome:24.0.1307.1", "cpe:/a:google:chrome:24.0.1312.14", "cpe:/a:google:chrome:24.0.1312.30", "cpe:/a:google:chrome:24.0.1303.0", "cpe:/a:google:chrome:24.0.1312.22", "cpe:/a:google:chrome:24.0.1306.0", "cpe:/a:google:chrome:24.0.1312.28", "cpe:/a:google:chrome:24.0.1312.10", "cpe:/a:google:chrome:24.0.1281.1", "cpe:/a:google:chrome:24.0.1287.1", "cpe:/a:google:chrome:24.0.1312.1", "cpe:/a:google:chrome:24.0.1312.48", "cpe:/a:google:chrome:24.0.1284.0", "cpe:/a:google:chrome:24.0.1310.0", "cpe:/a:google:chrome:24.0.1304.0", "cpe:/a:google:chrome:24.0.1281.2", "cpe:/a:google:chrome:24.0.1312.20", "cpe:/a:google:chrome:24.0.1285.0", "cpe:/a:google:chrome:24.0.1308.0", "cpe:/a:google:chrome:24.0.1273.0", "cpe:/a:google:chrome:24.0.1312.46", "cpe:/a:google:chrome:24.0.1297.0", "cpe:/a:google:chrome:24.0.1272.0", "cpe:/a:google:chrome:24.0.1285.2", "cpe:/a:google:chrome:24.0.1312.27", "cpe:/a:google:chrome:24.0.1281.0", "cpe:/a:google:chrome:24.0.1312.5", "cpe:/a:google:chrome:24.0.1312.0", "cpe:/a:google:chrome:24.0.1312.8"], "id": "CVE-2013-0841", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0841", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:24.0.1278.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1275.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1287.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1282.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1309.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1280.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1281.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1274.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1299.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1306.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1303.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1273.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1311.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1308.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1302.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1283.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1285.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1290.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1297.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1294.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1284.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1304.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1288.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1295.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1310.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1307.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1298.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1279.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1286.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1292.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1276.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1293.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1305.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1301.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1291.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1296.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1277.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1289.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1300.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1272.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:24.0.1312.1:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5126", "CVE-2012-5136", "CVE-2013-0898", "CVE-2013-2882", "CVE-2013-0833", "CVE-2013-0891", "CVE-2013-2845", "CVE-2013-2901", "CVE-2013-2842", "CVE-2012-5130", "CVE-2013-0838", "CVE-2013-0917", "CVE-2013-2887", "CVE-2013-0924", "CVE-2013-0894", "CVE-2013-2902", "CVE-2013-2840", "CVE-2013-0832", "CVE-2013-2903", "CVE-2012-5133", "CVE-2013-0906", "CVE-2012-5127", "CVE-2013-2880", "CVE-2013-0904", "CVE-2013-2867", "CVE-2012-5125", "CVE-2013-0899", "CVE-2013-2849", "CVE-2013-2841", "CVE-2013-0834", "CVE-2013-2878", "CVE-2012-5139", "CVE-2013-0881", "CVE-2013-2874", "CVE-2013-0839", "CVE-2012-5117", "CVE-2013-0882", "CVE-2013-0841", "CVE-2012-5137", "CVE-2012-5122", "CVE-2013-0888", "CVE-2013-2853", "CVE-2012-5149", "CVE-2013-2876", "CVE-2013-2886", "CVE-2013-0889", "CVE-2012-5151", "CVE-2013-0884", "CVE-2013-0837", "CVE-2013-2848", "CVE-2013-0922", "CVE-2013-2846", "CVE-2013-0842", "CVE-2012-5146", "CVE-2013-2865", "CVE-2012-5132", "CVE-2013-0879", "CVE-2013-2904", "CVE-2013-0887", "CVE-2013-0890", "CVE-2013-2884", "CVE-2013-0925", "CVE-2013-0908", "CVE-2013-2870", "CVE-2013-0923", "CVE-2012-5145", "CVE-2013-0895", "CVE-2013-0836", "CVE-2013-0919", "CVE-2013-2877", "CVE-2012-5124", "CVE-2012-5143", "CVE-2013-0830", "CVE-2012-5140", "CVE-2013-2837", "CVE-2013-2856", "CVE-2012-5118", "CVE-2013-0880", "CVE-2013-0892", "CVE-2013-2875", "CVE-2013-0926", "CVE-2013-2847", "CVE-2013-0918", "CVE-2013-2881", "CVE-2012-5152", "CVE-2013-2861", "CVE-2013-2869", "CVE-2013-0902", "CVE-2013-2855", "CVE-2013-0835", "CVE-2012-5116", "CVE-2013-0920", "CVE-2012-5128", "CVE-2013-0900", "CVE-2013-2838", "CVE-2013-2863", "CVE-2012-5147", "CVE-2012-5141", "CVE-2013-2900", "CVE-2013-2844", "CVE-2013-2839", "CVE-2013-0910", "CVE-2013-0840", "CVE-2013-0909", "CVE-2013-0893", "CVE-2012-5154", "CVE-2013-0907", "CVE-2013-2862", "CVE-2013-2871", "CVE-2013-0897", "CVE-2013-2836", "CVE-2013-0828", "CVE-2013-2905", "CVE-2012-5120", "CVE-2013-0916", "CVE-2012-5123", "CVE-2013-0903", "CVE-2013-0912", "CVE-2013-2868", "CVE-2013-0911", "CVE-2013-0905", "CVE-2013-2859", "CVE-2013-0885", "CVE-2013-2879", "CVE-2013-2858", "CVE-2012-5135", "CVE-2012-5148", "CVE-2013-0829", "CVE-2013-0831", "CVE-2012-5144", "CVE-2013-0883", "CVE-2012-5150", "CVE-2013-2843", "CVE-2013-2860", "CVE-2013-0896", "CVE-2012-5138", "CVE-2013-2857", "CVE-2012-5153", "CVE-2012-5121", "CVE-2013-2883", "CVE-2012-5142", "CVE-2013-0921", "CVE-2013-2885"], "description": "### Background\n\nChromium is an open-source web browser project. V8 is Google\u2019s open source JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-29.0.1457.57\"\n \n\nAll V8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/v8-3.18.5.14\"", "edition": 1, "modified": "2013-09-25T00:00:00", "published": "2013-09-24T00:00:00", "id": "GLSA-201309-16", "href": "https://security.gentoo.org/glsa/201309-16", "type": "gentoo", "title": "Chromium, V8: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
