Google Chrome Webkit Remote Code Execution Vulnerability (Linux)
2013-05-28T00:00:00
ID OPENVAS:1361412562310803624 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2018-10-12T00:00:00
Description
The host is installed with Google Chrome and is prone to remote
code execution vulnerability.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11865 2018-10-12 10:03:43Z cfischer $
#
# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)
#
# Authors:
# Arun Kallavi <karun@secpod.com>
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.803624");
script_version("$Revision: 11865 $");
script_cve_id("CVE-2013-0912");
script_bugtraq_id(58388);
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"last_modification", value:"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $");
script_tag(name:"creation_date", value:"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)");
script_name("Google Chrome Webkit Remote Code Execution Vulnerability (Linux)");
script_xref(name:"URL", value:"http://www.securelist.com/en/advisories/52534");
script_xref(name:"URL", value:"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html");
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_category(ACT_GATHER_INFO);
script_family("General");
script_dependencies("gb_google_chrome_detect_lin.nasl");
script_mandatory_keys("Google-Chrome/Linux/Ver");
script_tag(name:"impact", value:"Successful exploitation will let the attackers to execute arbitrary code via
crafted SVG document.");
script_tag(name:"affected", value:"Google Chrome version prior to 25.0.1364.160 on Linux");
script_tag(name:"insight", value:"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'
function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.");
script_tag(name:"solution", value:"Upgrade to the Google Chrome 25.0.1364.160 or later.");
script_tag(name:"summary", value:"The host is installed with Google Chrome and is prone to remote
code execution vulnerability.");
script_tag(name:"qod_type", value:"executable_version");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"http://www.google.com/chrome");
exit(0);
}
include("version_func.inc");
chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
if(!chromeVer){
exit(0);
}
if(version_is_less(version:chromeVer, test_version:"25.0.1364.160"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
{"id": "OPENVAS:1361412562310803624", "bulletinFamily": "scanner", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "published": "2013-05-28T00:00:00", "modified": "2018-10-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534", "http://www.google.com/chrome"], "cvelist": ["CVE-2013-0912"], "type": "openvas", "lastseen": "2019-05-29T18:37:51", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-0912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "76ac0a177dd32015bd85e7e40f7f583a764a66fda75ff9a8ea3d25df4d60bd31", "hashmap": [{"hash": "549a3c2248b0631bd7826dbce06ab716", "key": "cvelist"}, {"hash": "4c129e6dc2ca5faf9698474f70054af7", "key": "published"}, {"hash": "6a49befd794cc8935ffaab9e413a9373", "key": "sourceData"}, {"hash": "db584b380508e86d754d2e774c57963c", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "37a4a0d343c0f6de1a322c471a087553", "key": "references"}, {"hash": "8edcdec75a6e569d796fa52fd1e3bfab", "key": "pluginID"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "05be68d7b22f7156d4209f2b84401a60", "key": "description"}, {"hash": "36644b9f2245967df44eae3ae80797bc", "key": "title"}, {"hash": "880f1765cac6f927550c7bfacc926b72", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "id": "OPENVAS:1361412562310803624", "lastseen": "2018-09-17T13:38:16", "modified": "2018-09-15T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310803624", "published": "2013-05-28T00:00:00", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Linux\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-17T13:38:16"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-0912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "20f87355054705fd5197f1acf869edfc993f1fbc1cb03ecdbc3219685c596297", "hashmap": [{"hash": "fb0c1b70a25b0ce97295e72719784ce0", "key": "sourceData"}, {"hash": "549a3c2248b0631bd7826dbce06ab716", "key": "cvelist"}, {"hash": "4c129e6dc2ca5faf9698474f70054af7", "key": "published"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "db584b380508e86d754d2e774c57963c", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "37a4a0d343c0f6de1a322c471a087553", "key": "references"}, {"hash": "8edcdec75a6e569d796fa52fd1e3bfab", "key": "pluginID"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "05be68d7b22f7156d4209f2b84401a60", "key": "description"}, {"hash": "36644b9f2245967df44eae3ae80797bc", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "id": "OPENVAS:1361412562310803624", "lastseen": "2018-04-06T11:22:16", "modified": "2018-04-06T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310803624", "published": "2013-05-28T00:00:00", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 9353 2018-04-06 07:14:20Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome version prior to 25.0.1364.160 on Linux\";\ntag_insight = \"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\";\ntag_solution = \"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52534\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 25.0.1364.160\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message(0);\n exit(0);\n}\n", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2018-04-06T11:22:16"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-0912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "4ab23c2000f6b54e5aaa9a0ed62fcb8a984822253afd6720ae1fd7921409df3c", "hashmap": [{"hash": "549a3c2248b0631bd7826dbce06ab716", "key": "cvelist"}, {"hash": "4c129e6dc2ca5faf9698474f70054af7", "key": "published"}, {"hash": "db584b380508e86d754d2e774c57963c", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "37a4a0d343c0f6de1a322c471a087553", "key": "references"}, {"hash": "8edcdec75a6e569d796fa52fd1e3bfab", "key": "pluginID"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "f9b3566a2b6e01db1c9454352d18c67f", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f586672e78b66cbe067ed44d52efefb", "key": "modified"}, {"hash": "05be68d7b22f7156d4209f2b84401a60", "key": "description"}, {"hash": "36644b9f2245967df44eae3ae80797bc", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "id": "OPENVAS:1361412562310803624", "lastseen": "2018-09-01T23:55:53", "modified": "2018-08-21T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310803624", "published": "2013-05-28T00:00:00", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11065 2018-08-21 09:49:00Z mmartin $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 11065 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-21 11:49:00 +0200 (Tue, 21 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Linux\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:55:53"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-0912"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "941f38a9ad35797f23b0f8363eb107d79e64c21f5f1d3476bf4b5e7aa0a949c4", "hashmap": [{"hash": "549a3c2248b0631bd7826dbce06ab716", "key": "cvelist"}, {"hash": "4c129e6dc2ca5faf9698474f70054af7", "key": "published"}, {"hash": "db584b380508e86d754d2e774c57963c", "key": "href"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "37a4a0d343c0f6de1a322c471a087553", "key": "references"}, {"hash": "8edcdec75a6e569d796fa52fd1e3bfab", "key": "pluginID"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "f9b3566a2b6e01db1c9454352d18c67f", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6f586672e78b66cbe067ed44d52efefb", "key": "modified"}, {"hash": "05be68d7b22f7156d4209f2b84401a60", "key": "description"}, {"hash": "36644b9f2245967df44eae3ae80797bc", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "id": "OPENVAS:1361412562310803624", "lastseen": "2018-08-30T19:24:23", "modified": "2018-08-21T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310803624", "published": "2013-05-28T00:00:00", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11065 2018-08-21 09:49:00Z mmartin $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 11065 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-21 11:49:00 +0200 (Tue, 21 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Linux\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:24:23"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2013-0912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "edition": 6, "enchantments": {"dependencies": {"modified": "2018-10-22T16:41:28", "references": [{"idList": ["54BED676-87CE-11E2-B528-00262D5ED8EE"], "type": "freebsd"}, {"idList": ["GLSA-201309-16"], "type": "gentoo"}, {"idList": ["CVE-2013-0912"], "type": "cve"}, {"idList": ["ZDI-13-064"], "type": "zdi"}, {"idList": ["OPENVAS:803604", "OPENVAS:803622", "OPENVAS:1361412562310803623", "OPENVAS:1361412562310803622", "OPENVAS:803623", "OPENVAS:1361412562310121030", "OPENVAS:803624", "OPENVAS:1361412562310803604"], "type": "openvas"}, {"idList": ["ITUNES_11_0_3_BANNER.NASL", "MACOSX_SAFARI6_0_4.NASL", "ITUNES_11_0_3.NASL", "GENTOO_GLSA-201309-16.NASL", "FREEBSD_PKG_54BED67687CE11E2B52800262D5ED8EE.NASL", "GOOGLE_CHROME_25_0_1364_160.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:VULN:13092", "SECURITYVULNS:DOC:29426", "SECURITYVULNS:VULN:12962", "SECURITYVULNS:DOC:29270", "SECURITYVULNS:DOC:29204"], "type": "securityvulns"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "dc77ea5626cacb4e8e6f8d13794844c4975d80336539a58776116611aecf9d5d", "hashmap": [{"hash": "549a3c2248b0631bd7826dbce06ab716", "key": "cvelist"}, {"hash": "9b317e74c02f21a90a0abe2e8182e9a7", "key": "sourceData"}, {"hash": "4c129e6dc2ca5faf9698474f70054af7", "key": "published"}, {"hash": "8be90a922e3fddc17514b9fd17f39e9b", "key": "modified"}, {"hash": "db584b380508e86d754d2e774c57963c", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "3e894e0d4566af86199f4b9df32e8498", "key": "references"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "8edcdec75a6e569d796fa52fd1e3bfab", "key": "pluginID"}, {"hash": "1a99a5f9a50e5bac3b749d8558d5e46b", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "05be68d7b22f7156d4209f2b84401a60", "key": "description"}, {"hash": "36644b9f2245967df44eae3ae80797bc", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803624", "id": "OPENVAS:1361412562310803624", "lastseen": "2018-10-22T16:41:28", "modified": "2018-10-12T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310803624", "published": "2013-05-28T00:00:00", "references": ["http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html", "http://www.securelist.com/en/advisories/52534", "http://www.google.com/chrome"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Linux\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-10-22T16:41:28"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "549a3c2248b0631bd7826dbce06ab716"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "description", "hash": "05be68d7b22f7156d4209f2b84401a60"}, {"key": "href", "hash": "db584b380508e86d754d2e774c57963c"}, {"key": "modified", "hash": "8be90a922e3fddc17514b9fd17f39e9b"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "8edcdec75a6e569d796fa52fd1e3bfab"}, {"key": "published", "hash": "4c129e6dc2ca5faf9698474f70054af7"}, {"key": "references", "hash": "3e894e0d4566af86199f4b9df32e8498"}, {"key": "reporter", "hash": "1a99a5f9a50e5bac3b749d8558d5e46b"}, {"key": "sourceData", "hash": "9b317e74c02f21a90a0abe2e8182e9a7"}, {"key": "title", "hash": "36644b9f2245967df44eae3ae80797bc"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "9edd9ec082cdb8b4c86c401f4f6754df70a00135f0fb7e6a04230b1612b8b6e3", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0912"]}, {"type": "openvas", "idList": ["OPENVAS:803624", "OPENVAS:1361412562310803622", "OPENVAS:803623", "OPENVAS:1361412562310803604", "OPENVAS:803604", "OPENVAS:803622", "OPENVAS:1361412562310803623", "OPENVAS:1361412562310121030"]}, {"type": "nessus", "idList": ["GOOGLE_CHROME_25_0_1364_160.NASL", "FREEBSD_PKG_54BED67687CE11E2B52800262D5ED8EE.NASL", "MACOSX_SAFARI6_0_4.NASL", "ITUNES_11_0_3_BANNER.NASL", "ITUNES_11_0_3.NASL", "GENTOO_GLSA-201309-16.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29270", "SECURITYVULNS:DOC:29204", "SECURITYVULNS:VULN:12962", "SECURITYVULNS:DOC:29426", "SECURITYVULNS:VULN:13092"]}, {"type": "freebsd", "idList": ["54BED676-87CE-11E2-B528-00262D5ED8EE"]}, {"type": "zdi", "idList": ["ZDI-13-064"]}, {"type": "gentoo", "idList": ["GLSA-201309-16"]}], "modified": "2019-05-29T18:37:51"}, "score": {"value": 9.0, "vector": "NONE", "modified": "2019-05-29T18:37:51"}, "vulnersScore": 9.0}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803624\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Linux\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "naslFamily": "General", "pluginID": "1361412562310803624", "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:13:00", "bulletinFamily": "NVD", "description": "WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage \"type confusion.\"", "modified": "2017-09-19T01:35:00", "id": "CVE-2013-0912", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0912", "published": "2013-03-11T10:55:00", "title": "CVE-2013-0912", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:32", "bulletinFamily": "unix", "description": "\nGoogle Chrome Releases reports:\n\n[180763] High CVE-2013-0912: Type confusion in WebKit. Credit to\n\t Nils and Jon of MWR Labs.\n\n", "modified": "2013-03-07T00:00:00", "published": "2013-03-07T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/54bed676-87ce-11e2-b528-00262d5ed8ee.html", "id": "54BED676-87CE-11E2-B528-00262D5ED8EE", "title": "chromium -- WebKit vulnerability", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "zdi": [{"lastseen": "2016-11-09T00:18:04", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the usage of static_cast. The issue lies in the ability to create an object that is a smaller size than it is treated after a static_cast. An attacker can leverage this vulnerability to execute code under the context of the current process.", "modified": "2013-11-09T00:00:00", "published": "2013-05-10T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-13-064", "id": "ZDI-13-064", "title": "(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:18:48", "bulletinFamily": "scanner", "description": "The version of Apple Safari installed on the remote Mac OS X 10.7 or 10.8 host is earlier than 6.0.4. It is, therefore, affected by an arbitrary code execution vulnerability in WebKit related to handling SVG files that can be exploited by tricking a victim into visiting a specially crafted web page.", "modified": "2018-07-14T00:00:00", "id": "MACOSX_SAFARI6_0_4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66000", "published": "2013-04-17T00:00:00", "title": "Mac OS X : Apple Safari < 6.0.4 SVG File Handling Arbitrary Code Execution", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66000);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-04-16-1\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.0.4 SVG File Handling Arbitrary Code Execution\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by a remote\ncode execution vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple Safari installed on the remote Mac OS X 10.7 or\n10.8 host is earlier than 6.0.4. It is, therefore, affected by an\narbitrary code execution vulnerability in WebKit related to handling\nSVG files that can be exploited by tricking a victim into visiting a\nspecially crafted web page.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5701\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 6.0.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.[78]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.7 / 10.8\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"6.0.4\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:18:40", "bulletinFamily": "scanner", "description": "Google Chrome Releases reports :\n\n[180763] High CVE-2013-0912: Type confusion in WebKit. Credit to Nils and Jon of MWR Labs.", "modified": "2013-06-21T00:00:00", "id": "FREEBSD_PKG_54BED67687CE11E2B52800262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65170", "published": "2013-03-10T00:00:00", "title": "FreeBSD : chromium -- WebKit vulnerability (54bed676-87ce-11e2-b528-00262d5ed8ee)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65170);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:52:44 $\");\n\n script_cve_id(\"CVE-2013-0912\");\n\n script_name(english:\"FreeBSD : chromium -- WebKit vulnerability (54bed676-87ce-11e2-b528-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n[180763] High CVE-2013-0912: Type confusion in WebKit. Credit to Nils\nand Jon of MWR Labs.\"\n );\n # http://googlechromereleases.blogspot.nl/search/Stable%20Updates\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6bd43a3e\"\n );\n # http://www.freebsd.org/ports/portaudit/54bed676-87ce-11e2-b528-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?788109cd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<25.0.1364.160\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:18:38", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote host is a version prior to 25.0.1364.160. It includes a vulnerable WebKit version that is affected by a type confusion issue that could allow remote code execution.", "modified": "2018-11-15T00:00:00", "id": "GOOGLE_CHROME_25_0_1364_160.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65097", "published": "2013-03-08T00:00:00", "title": "Google Chrome < 25.0.1364.160 WebKit Type Confusion Code Execution", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65097);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n\n script_name(english:\"Google Chrome < 25.0.1364.160 WebKit Type Confusion Code Execution\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by a code\nexecution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 25.0.1364.160. It includes a vulnerable WebKit version that is\naffected by a type confusion issue that could allow remote code\nexecution.\");\n # https://chromereleases.googleblog.com/2013/03/stable-channel-update_7.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ff430046\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 25.0.1364.160 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'25.0.1364.160', severity:SECURITY_WARNING);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:18:56", "bulletinFamily": "scanner", "description": "The version of Apple iTunes installed on the remote Windows host is older than 11.0.3. It therefore is potentially affected by several issues :\n\n - An error exists related to certificate validation that could allow disclosure of sensitive information and could allow the application to trust data from untrusted sources. (CVE-2013-1014)\n\n - The included version of WebKit contains several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes one possible attack vector is a man-in-the-middle attack while the application browses the 'iTunes Store'.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748, CVE-2012-5112, CVE-2013-0879, CVE-2013-0912, CVE-2013-0948, CVE-2013-0949, CVE-2013-0950, CVE-2013-0951, CVE-2013-0952, CVE-2013-0953, CVE-2013-0954, CVE-2013-0955, CVE-2013-0956, CVE-2013-0958, CVE-2013-0959, CVE-2013-0960, CVE-2013-0961, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)", "modified": "2018-07-13T00:00:00", "id": "ITUNES_11_0_3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66498", "published": "2013-05-17T00:00:00", "title": "Apple iTunes < 11.0.3 Multiple Vulnerabilities (credentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66498);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/13 15:08:46\");\n\n script_cve_id(\n \"CVE-2012-2824\",\n \"CVE-2012-2857\",\n \"CVE-2012-3748\",\n \"CVE-2012-5112\",\n \"CVE-2013-0879\",\n \"CVE-2013-0912\",\n \"CVE-2013-0948\",\n \"CVE-2013-0949\",\n \"CVE-2013-0950\",\n \"CVE-2013-0951\",\n \"CVE-2013-0952\",\n \"CVE-2013-0953\",\n \"CVE-2013-0954\",\n \"CVE-2013-0955\",\n \"CVE-2013-0956\",\n \"CVE-2013-0958\",\n \"CVE-2013-0959\",\n \"CVE-2013-0960\",\n \"CVE-2013-0961\",\n \"CVE-2013-0991\",\n \"CVE-2013-0992\",\n \"CVE-2013-0993\",\n \"CVE-2013-0994\",\n \"CVE-2013-0995\",\n \"CVE-2013-0996\",\n \"CVE-2013-0997\",\n \"CVE-2013-0998\",\n \"CVE-2013-0999\",\n \"CVE-2013-1000\",\n \"CVE-2013-1001\",\n \"CVE-2013-1002\",\n \"CVE-2013-1003\",\n \"CVE-2013-1004\",\n \"CVE-2013-1005\",\n \"CVE-2013-1006\",\n \"CVE-2013-1007\",\n \"CVE-2013-1008\",\n \"CVE-2013-1010\",\n \"CVE-2013-1011\",\n \"CVE-2013-1014\"\n );\n script_bugtraq_id(\n 54203,\n 54749,\n 55867,\n 56362,\n 57576,\n 57580,\n 57581,\n 57582,\n 57584,\n 57585,\n 57586,\n 57587,\n 57588,\n 57589,\n 57590,\n 58388,\n 58495,\n 58496,\n 59941,\n 59944,\n 59953,\n 59954,\n 59955,\n 59956,\n 59957,\n 59958,\n 59959,\n 59960,\n 59963,\n 59964,\n 59965,\n 59967,\n 59970,\n 59971,\n 59972,\n 59973,\n 59974,\n 59976,\n 59977\n );\n script_xref(name:\"EDB-ID\", value:\"28081\");\n\n script_name(english:\"Apple iTunes < 11.0.3 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks version of iTunes on Windows\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains an application that has multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple iTunes installed on the remote Windows host is\nolder than 11.0.3. It therefore is potentially affected by several\nissues :\n\n - An error exists related to certificate validation\n that could allow disclosure of sensitive information\n and could allow the application to trust data from\n untrusted sources. (CVE-2013-1014)\n\n - The included version of WebKit contains several errors\n that could lead to memory corruption and possibly\n arbitrary code execution. The vendor notes one possible\n attack vector is a man-in-the-middle attack while the\n application browses the 'iTunes Store'.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748,\n CVE-2012-5112, CVE-2013-0879, CVE-2013-0912,\n CVE-2013-0948, CVE-2013-0949, CVE-2013-0950,\n CVE-2013-0951, CVE-2013-0952, CVE-2013-0953,\n CVE-2013-0954, CVE-2013-0955, CVE-2013-0956,\n CVE-2013-0958, CVE-2013-0959, CVE-2013-0960,\n CVE-2013-0961, CVE-2013-0991, CVE-2013-0992,\n CVE-2013-0993, CVE-2013-0994, CVE-2013-0995,\n CVE-2013-0996, CVE-2013-0997, CVE-2013-0998,\n CVE-2013-0999, CVE-2013-1000, CVE-2013-1001,\n CVE-2013-1002, CVE-2013-1003, CVE-2013-1004,\n CVE-2013-1005, CVE-2013-1006, CVE-2013-1007,\n CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-107/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-108/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-109/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5766\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526623/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"SMB/iTunes/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"SMB/iTunes/Version\");\nfixed_version = \"11.0.3.42\";\npath = get_kb_item_or_exit(\"SMB/iTunes/Path\");\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : '+fixed_version+'\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:56", "bulletinFamily": "scanner", "description": "The version of Apple iTunes on the remote host is prior to version 11.0.3. It is, therefore, affected by multiple vulnerabilities :\n\n - An error exists related to certificate validation. A man-in-the-middle attacker can exploit this to spoof HTTPS servers, which allows the disclosure of sensitive information or the application to trust data from untrusted sources. Note that this issue affects the application regardless of the operating system.\n (CVE-2013-1014)\n\n - The version of WebKit included in iTunes contains several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. Please note that these vulnerabilities only affect the application when it is running on a Windows host.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748, CVE-2012-5112, CVE-2013-0879, CVE-2013-0912, CVE-2013-0948, CVE-2013-0949, CVE-2013-0950, CVE-2013-0951, CVE-2013-0952, CVE-2013-0953, CVE-2013-0954, CVE-2013-0955, CVE-2013-0956, CVE-2013-0958, CVE-2013-0959, CVE-2013-0960, CVE-2013-0961, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)", "modified": "2018-07-13T00:00:00", "id": "ITUNES_11_0_3_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66499", "published": "2013-05-17T00:00:00", "title": "Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66499);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/13 15:08:46\");\n\n script_cve_id(\n \"CVE-2012-2824\",\n \"CVE-2012-2857\",\n \"CVE-2012-3748\",\n \"CVE-2012-5112\",\n \"CVE-2013-0879\",\n \"CVE-2013-0912\",\n \"CVE-2013-0948\",\n \"CVE-2013-0949\",\n \"CVE-2013-0950\",\n \"CVE-2013-0951\",\n \"CVE-2013-0952\",\n \"CVE-2013-0953\",\n \"CVE-2013-0954\",\n \"CVE-2013-0955\",\n \"CVE-2013-0956\",\n \"CVE-2013-0958\",\n \"CVE-2013-0959\",\n \"CVE-2013-0960\",\n \"CVE-2013-0961\",\n \"CVE-2013-0991\",\n \"CVE-2013-0992\",\n \"CVE-2013-0993\",\n \"CVE-2013-0994\",\n \"CVE-2013-0995\",\n \"CVE-2013-0996\",\n \"CVE-2013-0997\",\n \"CVE-2013-0998\",\n \"CVE-2013-0999\",\n \"CVE-2013-1000\",\n \"CVE-2013-1001\",\n \"CVE-2013-1002\",\n \"CVE-2013-1003\",\n \"CVE-2013-1004\",\n \"CVE-2013-1005\",\n \"CVE-2013-1006\",\n \"CVE-2013-1007\",\n \"CVE-2013-1008\",\n \"CVE-2013-1010\",\n \"CVE-2013-1011\",\n \"CVE-2013-1014\"\n );\n script_bugtraq_id(\n 54203,\n 54749,\n 55867,\n 56362,\n 57576,\n 57580,\n 57581,\n 57582,\n 57584,\n 57585,\n 57586,\n 57587,\n 57588,\n 57589,\n 57590,\n 58388,\n 58495,\n 58496,\n 59941,\n 59944,\n 59953,\n 59954,\n 59955,\n 59956,\n 59957,\n 59958,\n 59959,\n 59960,\n 59963,\n 59964,\n 59965,\n 59967,\n 59970,\n 59971,\n 59972,\n 59973,\n 59974,\n 59976,\n 59977\n );\n script_xref(name:\"EDB-ID\", value:\"28081\");\n\n script_name(english:\"Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a multimedia application that has multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n11.0.3. It is, therefore, affected by multiple vulnerabilities :\n\n - An error exists related to certificate validation. A\n man-in-the-middle attacker can exploit this to spoof\n HTTPS servers, which allows the disclosure of sensitive\n information or the application to trust data from\n untrusted sources. Note that this issue affects the\n application regardless of the operating system.\n (CVE-2013-1014)\n\n - The version of WebKit included in iTunes contains\n several errors that can lead to memory corruption and\n arbitrary code execution. The vendor states that one\n possible vector is a man-in-the-middle attack while the\n application browses the 'iTunes Store'. Please note that\n these vulnerabilities only affect the application when\n it is running on a Windows host.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748,\n CVE-2012-5112, CVE-2013-0879, CVE-2013-0912,\n CVE-2013-0948, CVE-2013-0949, CVE-2013-0950,\n CVE-2013-0951, CVE-2013-0952, CVE-2013-0953,\n CVE-2013-0954, CVE-2013-0955, CVE-2013-0956,\n CVE-2013-0958, CVE-2013-0959, CVE-2013-0960,\n CVE-2013-0961, CVE-2013-0991, CVE-2013-0992,\n CVE-2013-0993, CVE-2013-0994, CVE-2013-0995,\n CVE-2013-0996, CVE-2013-0997, CVE-2013-0998,\n CVE-2013-0999, CVE-2013-1000, CVE-2013-1001,\n CVE-2013-1002, CVE-2013-1003, CVE-2013-1004,\n CVE-2013-1005, CVE-2013-1006, CVE-2013-1007,\n CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-107/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-108/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-109/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5766\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526623/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_LISTEN_NOT_VULN, \"iTunes on AppleTV\", port, version);\n\nfixed_version = \"11.0.3\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:20:04", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201309-16 (Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-07-12T00:00:00", "id": "GENTOO_GLSA-201309-16.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70112", "published": "2013-09-25T00:00:00", "title": "GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70112);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_bugtraq_id(56413, 56684, 56741, 56903, 58318, 58388, 58723, 58724, 58725, 58727, 58728, 58729, 58730, 58731, 58732, 58733, 58734, 59326, 59327, 59328, 59330, 59331, 59332, 59334, 59336, 59337, 59338, 59339, 59340, 59342, 59343, 59344, 59345, 59346, 59347, 59349, 59351, 59413, 59414, 59415, 59416, 59417, 59418, 59419, 59420, 59422, 59423, 59425, 59427, 59428, 59429, 59430, 59431, 59433, 59435, 59436, 59437, 59438, 59515, 59516, 59518, 59520, 59521, 59522, 59523, 59524, 59680, 59681, 59682, 59683, 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076, 60395, 60396, 60397, 60398, 60399, 60400, 60401, 60403, 60404, 60405, 61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61057, 61059, 61060, 61061, 61547, 61548, 61549, 61550, 61551, 61552, 61885, 61886, 61887, 61888, 61889, 61890, 61891);\n script_xref(name:\"GLSA\", value:\"201309-16\");\n\n script_name(english:\"GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-16\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other, unspecified,\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b9b0b08\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f59319e\"\n );\n # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee73f07e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-29.0.1457.57'\n All V8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 29.0.1457.57\"), vulnerable:make_list(\"lt 29.0.1457.57\"))) flag++;\nif (qpkg_check(package:\"dev-lang/v8\", unaffected:make_list(\"ge 3.18.5.14\"), vulnerable:make_list(\"lt 3.18.5.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / V8\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:11:13", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "modified": "2017-05-04T00:00:00", "published": "2013-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803622", "id": "OPENVAS:803622", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_win.nasl 6065 2017-05-04 09:03:08Z teissa $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome version prior to 25.0.1364.160 on Windows\";\ntag_insight = \"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\";\ntag_solution = \"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\";\n\nif(description)\n{\n script_id(803622);\n script_version(\"$Revision: 6065 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-04 11:03:08 +0200 (Thu, 04 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:11:04 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52534\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 25.0.1364.160\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:54", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2013-05-28T00:00:00", "id": "OPENVAS:1361412562310803623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803623", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803623\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:20:48 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on MAC OS X\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:11:08", "bulletinFamily": "scanner", "description": "The host is installed with Apple Safari web browser and is prone\n to remote code execution vulnerability.", "modified": "2017-05-11T00:00:00", "published": "2013-05-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803604", "id": "OPENVAS:803604", "title": "Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_webkit_remote_code_exec_vuln_macosx.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\";\n\ntag_affected = \"Apple Safari versions prior to 6.0.4 on Mac OS X\";\ntag_insight = \"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\";\ntag_solution = \"Upgrade to Apple Safari version 6.0.4 or later,\n For updates refer to http://www.apple.com/support/downloads\";\ntag_summary = \"The host is installed with Apple Safari web browser and is prone\n to remote code execution vulnerability.\";\n\nif(description)\n{\n script_id(803604);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-27 18:02:13 +0530 (Mon, 27 May 2013)\");\n script_name(\"Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5701\");\n script_xref(name : \"URL\" , value : \"http://prod.lists.apple.com/archives/security-announce/2013/Apr/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nosName = \"\";\nosVer = \"\";\nsafVer = \"\";\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.7.5\")||\n version_is_equal(version:osVer, test_version:\"10.8.3\"))\n {\n ## Get version from KB\n safVer = get_kb_item(\"AppleSafari/MacOSX/Version\");\n if(!safVer){\n exit(0);\n }\n\n ## Grep for Apple Safari Versions prior to 6.0.4\n if(version_is_less(version:safVer, test_version:\"6.0.4\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:58", "bulletinFamily": "scanner", "description": "The host is installed with Apple Safari web browser and is prone\n to remote code execution vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2013-05-27T00:00:00", "id": "OPENVAS:1361412562310803604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803604", "title": "Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_webkit_remote_code_exec_vuln_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803604\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-27 18:02:13 +0530 (Mon, 27 May 2013)\");\n script_name(\"Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5701\");\n script_xref(name:\"URL\", value:\"http://prod.lists.apple.com/archives/security-announce/2013/Apr/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Apple Safari versions prior to 6.0.4 on Mac OS X\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.0.4 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Apple Safari web browser and is prone\n to remote code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.apple.com/support/downloads\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.7.5\")||\n version_is_equal(version:osVer, test_version:\"10.8.3\"))\n {\n safVer = get_kb_item(\"AppleSafari/MacOSX/Version\");\n if(!safVer){\n exit(0);\n }\n\n if(version_is_less(version:safVer, test_version:\"6.0.4\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:11:06", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "modified": "2017-05-12T00:00:00", "published": "2013-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803623", "id": "OPENVAS:803623", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_macosx.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome version prior to 25.0.1364.160 on MAC OS X\";\ntag_insight = \"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\";\ntag_solution = \"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\";\n\nif(description)\n{\n script_id(803623);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:20:48 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (MAC OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52534\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 25.0.1364.160\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:29", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2013-05-28T00:00:00", "id": "OPENVAS:1361412562310803622", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803622", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803622\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:11:04 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52534\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 25.0.1364.160 on Windows\");\n script_tag(name:\"insight\", value:\"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 25.0.1364.160 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:11:11", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.", "modified": "2017-05-12T00:00:00", "published": "2013-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803624", "id": "OPENVAS:803624", "title": "Google Chrome Webkit Remote Code Execution Vulnerability (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_webkit_remote_code_exec_vuln_lin.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attackers to execute arbitrary code via\n crafted SVG document.\n Impact Level: System/Application\";\n\ntag_affected = \"Google Chrome version prior to 25.0.1364.160 on Linux\";\ntag_insight = \"WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget'\n function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.\";\ntag_solution = \"Upgrade to the Google Chrome 25.0.1364.160 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is installed with Google Chrome and is prone to remote\n code execution vulnerability.\";\n\nif(description)\n{\n script_id(803624);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-0912\");\n script_bugtraq_id(58388);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-28 17:26:01 +0530 (Tue, 28 May 2013)\");\n script_name(\"Google Chrome Webkit Remote Code Execution Vulnerability (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52534\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/03/stable-channel-update_7.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 25.0.1364.160\nif(version_is_less(version:chromeVer, test_version:\"25.0.1364.160\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:10", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201309-16", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121030", "title": "Gentoo Security Advisory GLSA 201309-16", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201309-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121030\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:53 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201309-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201309-16\");\n script_cve_id(\"CVE-2012-5116\", \"CVE-2012-5117\", \"CVE-2012-5118\", \"CVE-2012-5120\", \"CVE-2012-5121\", \"CVE-2012-5122\", \"CVE-2012-5123\", \"CVE-2012-5124\", \"CVE-2012-5125\", \"CVE-2012-5126\", \"CVE-2012-5127\", \"CVE-2012-5128\", \"CVE-2012-5130\", \"CVE-2012-5132\", \"CVE-2012-5133\", \"CVE-2012-5135\", \"CVE-2012-5136\", \"CVE-2012-5137\", \"CVE-2012-5138\", \"CVE-2012-5139\", \"CVE-2012-5140\", \"CVE-2012-5141\", \"CVE-2012-5142\", \"CVE-2012-5143\", \"CVE-2012-5144\", \"CVE-2012-5145\", \"CVE-2012-5146\", \"CVE-2012-5147\", \"CVE-2012-5148\", \"CVE-2012-5149\", \"CVE-2012-5150\", \"CVE-2012-5151\", \"CVE-2012-5152\", \"CVE-2012-5153\", \"CVE-2012-5154\", \"CVE-2013-0828\", \"CVE-2013-0829\", \"CVE-2013-0830\", \"CVE-2013-0831\", \"CVE-2013-0832\", \"CVE-2013-0833\", \"CVE-2013-0834\", \"CVE-2013-0835\", \"CVE-2013-0836\", \"CVE-2013-0837\", \"CVE-2013-0838\", \"CVE-2013-0839\", \"CVE-2013-0840\", \"CVE-2013-0841\", \"CVE-2013-0842\", \"CVE-2013-0879\", \"CVE-2013-0880\", \"CVE-2013-0881\", \"CVE-2013-0882\", \"CVE-2013-0883\", \"CVE-2013-0884\", \"CVE-2013-0885\", \"CVE-2013-0887\", \"CVE-2013-0888\", \"CVE-2013-0889\", \"CVE-2013-0890\", \"CVE-2013-0891\", \"CVE-2013-0892\", \"CVE-2013-0893\", \"CVE-2013-0894\", \"CVE-2013-0895\", \"CVE-2013-0896\", \"CVE-2013-0897\", \"CVE-2013-0898\", \"CVE-2013-0899\", \"CVE-2013-0900\", \"CVE-2013-0902\", \"CVE-2013-0903\", \"CVE-2013-0904\", \"CVE-2013-0905\", \"CVE-2013-0906\", \"CVE-2013-0907\", \"CVE-2013-0908\", \"CVE-2013-0909\", \"CVE-2013-0910\", \"CVE-2013-0911\", \"CVE-2013-0912\", \"CVE-2013-0916\", \"CVE-2013-0917\", \"CVE-2013-0918\", \"CVE-2013-0919\", \"CVE-2013-0920\", \"CVE-2013-0921\", \"CVE-2013-0922\", \"CVE-2013-0923\", \"CVE-2013-0924\", \"CVE-2013-0925\", \"CVE-2013-0926\", \"CVE-2013-2836\", \"CVE-2013-2837\", \"CVE-2013-2838\", \"CVE-2013-2839\", \"CVE-2013-2840\", \"CVE-2013-2841\", \"CVE-2013-2842\", \"CVE-2013-2843\", \"CVE-2013-2844\", \"CVE-2013-2845\", \"CVE-2013-2846\", \"CVE-2013-2847\", \"CVE-2013-2848\", \"CVE-2013-2849\", \"CVE-2013-2853\", \"CVE-2013-2855\", \"CVE-2013-2856\", \"CVE-2013-2857\", \"CVE-2013-2858\", \"CVE-2013-2859\", \"CVE-2013-2860\", \"CVE-2013-2861\", \"CVE-2013-2862\", \"CVE-2013-2863\", \"CVE-2013-2865\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2874\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\", \"CVE-2013-2881\", \"CVE-2013-2882\", \"CVE-2013-2883\", \"CVE-2013-2884\", \"CVE-2013-2885\", \"CVE-2013-2886\", \"CVE-2013-2887\", \"CVE-2013-2900\", \"CVE-2013-2901\", \"CVE-2013-2902\", \"CVE-2013-2903\", \"CVE-2013-2904\", \"CVE-2013-2905\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201309-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 29.0.1457.57\"), vulnerable: make_list(\"lt 29.0.1457.57\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(\"ge 3.18.5.14\"), vulnerable: make_list(\"lt 3.18.5.14\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-04-16-1 Safari 6.0.4\r\n\r\nSafari 6.0.4 is now available and addresses the following:\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.3\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An invalid cast issue existed in the handling of SVG\r\nfiles. This issue was addressed through improved type checking.\r\nCVE-ID\r\nCVE-2013-0912 : Nils and Jon from MWR Labs working with HP\r\nTippingPoint's Zero Day Initiative\r\n\r\n\r\nFor OS X Lion systems Safari 6.0.3 is available via\r\nthe Apple Software Update application.\r\n\r\nFor OS X Mountain Lion systems Safari 6.0.3 is included with\r\nOS X v10.8.3.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRbOeOAAoJEPefwLHPlZEwksAP/Ri4p48A5xqlZjpsEjoHc6Zf\r\nrIm01xAyqsVUg85leD5NP+8yqvEFV52FEG1sONslOFbnRz62RPWZsOtPs0sIrfYR\r\nsvRiCdXrB9nHW6NkrtXuEAAzFZl1VQ5Wu5ojWJU5VNrcW+Idml0eV9ktp5V5mSH1\r\ndy+airv3xYGJt+35JttKTgKEPFLcU5uSxssEQb4SlTBDdCZFBV/+nbcDh0t1sapB\r\naS9iZnzbEh/mapMzkxMy7PBV3GGgu/bkTziSk5jV6G9WNaRUzKHrJgbIYkV1wDn0\r\nlom7tyozkU+1P/XRYOJsdk+8Z8b9Zy6eihsvMgnWh7vBqSRHO1v6MTkIgkNQe64i\r\nMQsmPbo3AuPq0EgKrUWHwO86OSy1J9lKiqsPCrGul05VhRAsTLTn1RiKAN20PsQH\r\nXQKog9Nfk1yNrL+ONSlYB13w56QKDzzXmwWFRHBrwfMxH/YDICDPkLJumsOSS0SL\r\nnuz9hfNCD7tKUg2/3JV2RVf94xa66Zli3j524VG54s19aBrUqx1cbqDBvAl9lyJY\r\nhCijZUklOGYI0RPbP86dv1NdUdBN5dOT2foqlrGQU83ppvTO1sNC8NNFe+81RhkV\r\nQXweNwnYMcW7183xz2Xenh4+oihzpg2dcn2FNlmu+utMMX7P+6ed9nYLbpR1FlEp\r\nz4SkKyISyJ+dYYK/o0J5\r\n=Vj0q\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-04-22T00:00:00", "published": "2013-04-22T00:00:00", "id": "SECURITYVULNS:DOC:29270", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29270", "title": "APPLE-SA-2013-04-16-1 Safari 6.0.4", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "description": "Protection bypass, privilege escalation, code execution.", "modified": "2013-03-24T00:00:00", "published": "2013-03-24T00:00:00", "id": "SECURITYVULNS:VULN:12962", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12962", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-03-19-1 iOS 6.1.3\r\n\r\niOS 6.1.3 is now available and addresses the following:\r\n\r\ndyld\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute unsigned code\r\nDescription: A state management issue existed in the handling of\r\nMach-O executable files with overlapping segments. This issue was\r\naddressed by refusing to load an executable with overlapping\r\nsegments.\r\nCVE-ID\r\nCVE-2013-0977 : evad3rs\r\n\r\nKernel\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to determine the address of\r\nstructures in the kernel\r\nDescription: An information disclosure issue existed in the ARM\r\nprefetch abort handler. This issue was addressed by panicking if the\r\nprefetch abort handler is not being called from an abort context.\r\nCVE-ID\r\nCVE-2013-0978 : evad3rs\r\n\r\nLockdown\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to change permissions on arbitrary\r\nfiles\r\nDescription: When restoring from backup, lockdownd changed\r\npermissions on certain files even if the path to the file included a\r\nsymbolic link. This issue was addressed by not changing permissions\r\non any file with a symlink in its path.\r\nCVE-ID\r\nCVE-2013-0979 : evad3rs\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nbypass the screen lock\r\nDescription: A logic issue existed in the handling of emergency\r\ncalls from the lock screen. This issue was addressed through improved\r\nlock state management.\r\nCVE-ID\r\nCVE-2013-0980 : Christopher Heffley of theMedium.ca,\r\nvideosdebarraquito\r\n\r\nUSB\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code in the\r\nkernel\r\nDescription: The IOUSBDeviceFamily driver used pipe object pointers\r\nthat came from userspace. This issue was addressed by performing\r\nadditional validation of pipe object pointers.\r\nCVE-ID\r\nCVE-2013-0981 : evad3rs\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An invalid cast issue existed in the handling of SVG\r\nfiles. This issue was addressed through improved type checking.\r\nCVE-ID\r\nCVE-2013-0912 : Nils and Jon from MWR Labs working with HP\r\nTippingPoint's Zero Day Initiative\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "6.1.3".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRR36/AAoJEPefwLHPlZEwj+8P/j2CxTtGz790dpfS5+3k02AV\r\nJmdOZjAxzEtsc/j5XfpyGdvOBAfTEK+llt/tQ6C3dK+KlB9otDwvgz3K0DFls1fM\r\np0OVw4E6Ao2qfDG02eqGdPldYMejTxlH1AGs4mW6ZdfM2mAZLn+Bmm3dCkcJ2PGn\r\ns9bYZBQdnQySkd1/l6lc2dj5zpjmsWMtr0dLVyiq39jDA1E5oA+iAEJ45BT3mxeA\r\nSKn44+xhpVQATAz4H5tYaxQAFt9hmJbzkvH8VoMLzoJNSrodBjB9WPtLPX95P/eg\r\n88F2RshnpjrKnlWcbzzyEQWt7j2hxtjvJufGxdtOQXLIUp4wGlqQeTmCso/cqQPV\r\nUlLUbbRNr4et9wS2EWlYymywcIwtYlFlgslNiV9zzLWKo6Hv79oSr3KAYaI1kn48\r\nv1FS8OvZswQrsUwCb73WMVdh0RoEMPYPptkzB76ivk/KCcj+CUqC+fFm84JDTM4D\r\neS+dLkA+p2mdhYNCPkmbPTbSdSfOK4rKU90RHCvxq04b+8KM/iHA7xQ0rpibK6ba\r\nYa47zOgnRRzvFghYazasvC5LSPVsQolz+D5wWOMyL5iVWDXYhzFXJ2H45ZgmO73k\r\n+tcKHXKCSN9IdYmtEG/nOLiKCU6V7W9Sk42Sl6Eyb3cKhKgPtsaWUybHiDi8XjV8\r\noiKBfq9i2nsbqLTdlCIO\r\n=f4N8\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-03-24T00:00:00", "published": "2013-03-24T00:00:00", "id": "SECURITYVULNS:DOC:29204", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29204", "title": "APPLE-SA-2013-03-19-1 iOS 6.1.3", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "description": "Certificate validation vulnerability, multiple memory corruptions.", "modified": "2013-05-27T00:00:00", "published": "2013-05-27T00:00:00", "id": "SECURITYVULNS:VULN:13092", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13092", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-05-16-1 iTunes 11.0.3\r\n\r\niTunes 11.0.3 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Mac OS X v10.6.8 or later, Windows 7, Vista,\r\nXP SP2 or later\r\nImpact: An attacker in a privileged network position may manipulate\r\nHTTPS server certificates, leading to the disclosure of sensitive\r\ninformation\r\nDescription: A certificate validation issue existed in iTunes. In\r\ncertain contexts, an active network attacker could present untrusted\r\ncertificates to iTunes and they would be accepted without warning.\r\nThis issue was resolved by improved certificate validation.\r\nCVE-ID\r\nCVE-2013-1014 : Christopher of ThinkSECURE Pte Ltd, Christopher\r\nHickstein of University of Minnesota\r\n\r\niTunes\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code executionn\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2012-2824 : miaubiz\r\nCVE-2012-2857 : Arthur Gerkis\r\nCVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working\r\nwith HP TippingPoint's Zero Day Initiative\r\nCVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest\r\nCVE-2013-0879 : Atte Kettunen of OUSPG\r\nCVE-2013-0912 : Nils and Jon from MWR Labs working with HP\r\nTippingPoint's Zero Day Initiative\r\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0951 : Apple\r\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\r\nGoogle Chrome Security Team\r\nCVE-2013-0955 : Apple\r\nCVE-2013-0956 : Apple Product Security\r\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0960 : Apple\r\nCVE-2013-0961 : wushi of team509 working with iDefense VCP\r\nCVE-2013-0991 : Jay Civelli of the Chromium development community\r\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0994 : David German of Google\r\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0997 : Vitaliy Toropov working with HP TippingPoint's Zero\r\nDay Initiative\r\nCVE-2013-0998 : pa_kt working with HP TippingPoint's Zero Day\r\nInitiative\r\nCVE-2013-0999 : pa_kt working with HP TippingPoint's Zero Day\r\nInitiative\r\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\r\nCVE-2013-1001 : Ryan Humenick\r\nCVE-2013-1002 : Sergey Glazunov\r\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1008 : Sergey Glazunov\r\nCVE-2013-1010 : miaubiz\r\nCVE-2013-1011 : Google Chrome Security Team (Inferno)\r\n\r\n\r\niTunes 11.0.3 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nFor OS X:\r\nThe download file is named: "iTunes11.0.3.dmg"\r\nIts SHA-1 digest is: 83f4afc5d3b5698c811c87c27b975824116bbf1d\r\n\r\nFor Windows XP / Vista / Windows 7:\r\nThe download file is named: "iTunesSetup.exe"\r\nIts SHA-1 digest is: 1e95101b584762b3c46ab597c115cd86bfd45d64\r\n\r\nFor 64-bit Windows XP / Vista / Windows 7:\r\nThe download file is named: "iTunes64Setup.exe"\r\nIts SHA-1 digest is: 6669044bd50c1f753c8412a02556a70be09fd9f8\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRlQ9KAAoJEPefwLHPlZEwbhcP+QHZGEAVCTw4+Z5k67ninaCS\r\nBV11pa8iySzuv0XZ9Se+CsI37IT1P3bVqEw/A+1i989Q00kaGCBNyt9m65krxNVX\r\nEhFLB8IxCfZqpM4C8ENhOkrY05iOfLx/DW7ioYM9TGTckpb6ayKkUBHkqn+bY3Hq\r\nb9rVeulzPfNsm1QtNp9eRGAL5Kq8vgEAlrMebUF1vOQ8CvGoGNplk0xRBm3Wg0im\r\ngCal7A/fwp9OQUnmlUMeASgbX+Q94ytM6RbPVXwiL1ghTK4bO2LEW1PXdp58cWhv\r\nkNtqO8eOokMl6wwLI6T69GmyfvoL7p5FcDRvuLCtzf2R9j6JgkXYMamP2Mbpr4d3\r\nxlNS2slJQfyRVELnJOv8bxl7Fi2EpBQtUe4WRk7StNWf34kwAb7lWUd1amfIWNcp\r\nlZSojjpShrA7zz82FZxt3q79Tq7Y398FH7ObcJVCWdbCI89TsoBujkP/P6lcp6mz\r\nTnRVLZq6xWnWz1SUsvM5qBfb1LjUREvKDc1anWVaiqW2BJEF0Mc87hkyL5q6YrIv\r\nVyUFBT5cJIqAKUD7MzsUjDMIsyXALVyj9zh1lJ0+c8QdCjPetk8tUg6TCun0nw95\r\nnkFYZJcHDZVLzn8rC/GoE2x8CwhFwN8ATzeS/zV9vxTJ1sHBN+ewkez8i8YTIj+y\r\n9M/53y+vsPwrcmmXCS3o\r\n=eN5K\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-05-27T00:00:00", "published": "2013-05-27T00:00:00", "id": "SECURITYVULNS:DOC:29426", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29426", "title": "APPLE-SA-2013-05-16-1 iTunes 11.0.3", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "description": "### Background\n\nChromium is an open-source web browser project. V8 is Google\u2019s open source JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-29.0.1457.57\"\n \n\nAll V8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/v8-3.18.5.14\"", "modified": "2013-09-25T00:00:00", "published": "2013-09-24T00:00:00", "id": "GLSA-201309-16", "href": "https://security.gentoo.org/glsa/201309-16", "type": "gentoo", "title": "Chromium, V8: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
