Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)
2014-06-19T00:00:00
ID OPENVAS:1361412562310804642 Type openvas Reporter Copyright (C) 2014 Greenbone Networks GmbH Modified 2019-07-17T00:00:00
Description
The host is installed with Google Chrome and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
#
# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)
#
# Authors:
# Shakeel <bshakeel@secpod.com>
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
CPE = "cpe:/a:google:chrome";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.804642");
script_version("2019-07-17T08:15:16+0000");
script_cve_id("CVE-2014-3154", "CVE-2014-3155", "CVE-2014-3156", "CVE-2014-3157");
script_bugtraq_id(67977, 67980, 67981, 67972);
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"last_modification", value:"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)");
script_tag(name:"creation_date", value:"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)");
script_name("Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)");
script_tag(name:"summary", value:"The host is installed with Google Chrome and is prone to multiple
vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The flaws are due to,
- A use-after-free error in the 'ChildThread::Shutdown' function in
content/child/child_thread.cc script related to the filesystem API.
- An out-of-bounds read flaw in SPDY related to reentrancy.
- An overflow condition related to bitmap handling in the clipboard code.
- An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function
in media/filters/ffmpeg_video_decoder.cc script.");
script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to conduct a denial of
service and possibly have other unspecified impact.");
script_tag(name:"affected", value:"Google Chrome version prior to 35.0.1916.153 on Windows.");
script_tag(name:"solution", value:"Upgrade to Google Chrome 35.0.1916.153 or later.");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"http://secunia.com/advisories/58585");
script_xref(name:"URL", value:"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html");
script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
script_category(ACT_GATHER_INFO);
script_family("General");
script_dependencies("gb_google_chrome_detect_portable_win.nasl");
script_mandatory_keys("GoogleChrome/Win/Ver");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!chromeVer = get_app_version(cpe:CPE)){
exit(0);
}
if(version_is_less(version:chromeVer, test_version:"35.0.1916.153"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
{"id": "OPENVAS:1361412562310804642", "bulletinFamily": "scanner", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "published": "2014-06-19T00:00:00", "modified": "2019-07-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html"], "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "type": "openvas", "lastseen": "2019-07-19T22:14:33", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "edition": 10, "enchantments": {"dependencies": {"modified": "2019-05-29T18:37:30", "references": [{"idList": ["DEBIAN:DSA-2959-1:1CB57"], "type": "debian"}, {"idList": ["USN-2298-1"], "type": "ubuntu"}, {"idList": ["FREEBSD_PKG_0B0FB9B0F0FB11E39BCD000C6E25E3E9.NASL", "UBUNTU_USN-2298-1.NASL", "GOOGLE_CHROME_35_0_1916_153.NASL", "GENTOO_GLSA-201408-16.NASL", "MACOSX_GOOGLE_CHROME_35_0_1916_153.NASL", "OPENSUSE-2014-483.NASL", "DEBIAN_DSA-2959.NASL"], "type": "nessus"}, {"idList": ["KLA10006"], "type": "kaspersky"}, {"idList": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "type": "cve"}, {"idList": ["THREATPOST:385A2DBEF150588EB8AE2CBAA2FFB293"], "type": "threatpost"}, {"idList": ["GLSA-201408-16"], "type": "gentoo"}, {"idList": ["OPENSUSE-SU-2014:0982-1"], "type": "suse"}, {"idList": ["0B0FB9B0-F0FB-11E3-9BCD-000C6E25E3E9"], "type": "freebsd"}, {"idList": ["OPENVAS:1361412562310702959", "OPENVAS:1361412562310121260", "OPENVAS:1361412562310804643", "OPENVAS:702959", "OPENVAS:1361412562310804644", "OPENVAS:1361412562310850604", "OPENVAS:1361412562310841913"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:30878", "SECURITYVULNS:VULN:13842"], "type": "securityvulns"}]}, "score": {"modified": "2019-05-29T18:37:30", "value": 8.0, "vector": "NONE"}}, "hash": "ddf2a2dfe18e5f3d59ac6c5e50fe10f71ccc31688590704a20f5c061f7e7a24a", "hashmap": [{"hash": "3c68fc4016d057c632b6c14d725d0bef", "key": "href"}, {"hash": "8be90a922e3fddc17514b9fd17f39e9b", "key": "modified"}, {"hash": "5bf65d55ed4c8cee228a27684d65ca59", "key": "sourceData"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "eca015c71a509e6bc3eea2690d1dc8eb", "key": "description"}, {"hash": "15039ad299956ad4fa135292ec90270f", "key": "title"}, {"hash": "06df9aea2d851c3b10ab498f59f0777d", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "da599da905e5b6481c0c752e41c2f4e6", "key": "cvelist"}, {"hash": "eba6b3157fc673bf4dc92aa426dbbcde", "key": "published"}, {"hash": "2aa948983dd41a0295e7cd7cea653f6a", "key": "pluginID"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "f9be525aaf3b6ed64c4c8a35ce93678a", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "id": "OPENVAS:1361412562310804642", "lastseen": "2019-05-29T18:37:30", "modified": "2018-10-12T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310804642", "published": "2014-06-19T00:00:00", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html", "http://www.google.com/chrome"], "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jun14_win.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n\n - An out-of-bounds read flaw in SPDY related to reentrancy.\n\n - An overflow condition related to bitmap handling in the clipboard code.\n\n - An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.153 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58585\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 10, "lastseen": "2019-05-29T18:37:30"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "edition": 1, "enchantments": {}, "hash": "a0e20c8e3e9331ca43313edbd37c2f4a0316a05c7783cdb08a3c7d1f443fef93", "hashmap": [{"hash": "3c68fc4016d057c632b6c14d725d0bef", "key": "href"}, {"hash": "5a592a834a2105be379fb9faf52cb189", "key": "sourceData"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "2336ff143518456e3ec0dbb8b73b622b", "key": "modified"}, {"hash": "eca015c71a509e6bc3eea2690d1dc8eb", "key": "description"}, {"hash": "15039ad299956ad4fa135292ec90270f", "key": "title"}, {"hash": "c1122c12d3862ee6096cc5d3a494723a", "key": "references"}, {"hash": "06df9aea2d851c3b10ab498f59f0777d", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "da599da905e5b6481c0c752e41c2f4e6", "key": "cvelist"}, {"hash": "eba6b3157fc673bf4dc92aa426dbbcde", "key": "published"}, {"hash": "2aa948983dd41a0295e7cd7cea653f6a", "key": "pluginID"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "id": "OPENVAS:1361412562310804642", "lastseen": "2017-07-02T21:09:29", "modified": "2016-06-15T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310804642", "published": "2014-06-19T00:00:00", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html"], "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jun14_win.nasl 3522 2016-06-15 12:39:54Z benallard $\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"$Revision: 3522 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-06-15 14:39:54 +0200 (Wed, 15 Jun 2016) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n tag_summary =\n\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\";\n\n tag_vuldetect =\n\"Get the installed version with the help of detect NVT and check the version\nis vulnerable or not.\";\n\n tag_insight =\n\"The flaws are due to,\n- A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n- An out-of-bounds read flaw in SPDY related to reentrancy.\n- An overflow condition related to bitmap handling in the clipboard code.\n- An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\n\nImpact Level: System/Application\";\n\n tag_affected =\n\"Google Chrome version prior to 35.0.1916.153 on Windows.\";\n\n tag_solution =\n\"Upgrade to Google Chrome 35.0.1916.153 or later,\nFor updates refer to http://www.google.com/chrome\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/58585\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_summary(\"Check the vulnerable version of Google Chrome on Windows\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get version\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\n## Grep for vulnerable version\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message(0);\n exit(0);\n}\n", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:09:29"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "e7f9273018a61b5d9d5c9168aae5aed09eba12b9c4db9b8f8f12b353f1b18d5e", "hashmap": [{"hash": "3c68fc4016d057c632b6c14d725d0bef", "key": "href"}, {"hash": "bd57e174bdfb275db3e35a30f0710ab2", "key": "sourceData"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "eca015c71a509e6bc3eea2690d1dc8eb", "key": "description"}, {"hash": "15039ad299956ad4fa135292ec90270f", "key": "title"}, {"hash": "c1122c12d3862ee6096cc5d3a494723a", "key": "references"}, {"hash": "05bc9af1e1d97520101f265d84a0740e", "key": "modified"}, {"hash": "06df9aea2d851c3b10ab498f59f0777d", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "da599da905e5b6481c0c752e41c2f4e6", "key": "cvelist"}, {"hash": "eba6b3157fc673bf4dc92aa426dbbcde", "key": "published"}, {"hash": "2aa948983dd41a0295e7cd7cea653f6a", "key": "pluginID"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "id": "OPENVAS:1361412562310804642", "lastseen": "2018-09-04T13:34:38", "modified": "2018-09-03T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310804642", "published": "2014-06-19T00:00:00", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html"], "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jun14_win.nasl 11186 2018-09-03 09:12:42Z mmartin $\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"$Revision: 11186 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-03 11:12:42 +0200 (Mon, 03 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n- A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n- An out-of-bounds read flaw in SPDY related to reentrancy.\n- An overflow condition related to bitmap handling in the clipboard code.\n- An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\n\nImpact Level: System/Application\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.153 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later,\nFor updates refer to http://www.google.com/chrome\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58585\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2018-09-04T13:34:38"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "06e5a5ce89c8343374c61fa4f54def6c6f6181673659e6518f601bae3c162955", "hashmap": [{"hash": "3c68fc4016d057c632b6c14d725d0bef", "key": "href"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "eca015c71a509e6bc3eea2690d1dc8eb", "key": "description"}, {"hash": "cef9d6a29b5400ccc5a39ce64d7cab32", "key": "sourceData"}, {"hash": "15039ad299956ad4fa135292ec90270f", "key": "title"}, {"hash": "c1122c12d3862ee6096cc5d3a494723a", "key": "references"}, {"hash": "06df9aea2d851c3b10ab498f59f0777d", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "da599da905e5b6481c0c752e41c2f4e6", "key": "cvelist"}, {"hash": "eba6b3157fc673bf4dc92aa426dbbcde", "key": "published"}, {"hash": "2aa948983dd41a0295e7cd7cea653f6a", "key": "pluginID"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "id": "OPENVAS:1361412562310804642", "lastseen": "2018-08-30T19:23:51", "modified": "2018-06-08T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310804642", "published": "2014-06-19T00:00:00", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html"], "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jun14_win.nasl 10133 2018-06-08 11:13:34Z asteins $\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"$Revision: 10133 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 13:13:34 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n\n script_tag(name : \"summary\" , value : \"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name : \"vuldetect\" , value : \"Checks if a vulnerable version is present on the target host.\");\n script_tag(name : \"insight\" , value : \"The flaws are due to,\n- A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n- An out-of-bounds read flaw in SPDY related to reentrancy.\n- An overflow condition related to bitmap handling in the clipboard code.\n- An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name : \"impact\" , value : \"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\n\nImpact Level: System/Application\");\n script_tag(name : \"affected\" , value : \"Google Chrome version prior to 35.0.1916.153 on Windows.\");\n script_tag(name : \"solution\" , value : \"Upgrade to Google Chrome 35.0.1916.153 or later,\nFor updates refer to http://www.google.com/chrome\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/58585\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:23:51"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3155", "CVE-2014-3154", "CVE-2014-3157", "CVE-2014-3156"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "3417af42d637062e456784bf9e4f99329a8b1242b435dc0ee19f3a30ad646a32", "hashmap": [{"hash": "3c68fc4016d057c632b6c14d725d0bef", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "eca015c71a509e6bc3eea2690d1dc8eb", "key": "description"}, {"hash": "cef9d6a29b5400ccc5a39ce64d7cab32", "key": "sourceData"}, {"hash": "15039ad299956ad4fa135292ec90270f", "key": "title"}, {"hash": "c1122c12d3862ee6096cc5d3a494723a", "key": "references"}, {"hash": "06df9aea2d851c3b10ab498f59f0777d", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "da599da905e5b6481c0c752e41c2f4e6", "key": "cvelist"}, {"hash": "eba6b3157fc673bf4dc92aa426dbbcde", "key": "published"}, {"hash": "2aa948983dd41a0295e7cd7cea653f6a", "key": "pluginID"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804642", "id": "OPENVAS:1361412562310804642", "lastseen": "2018-06-08T18:59:43", "modified": "2018-06-08T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310804642", "published": "2014-06-19T00:00:00", "references": ["http://secunia.com/advisories/58585", "http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html"], "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jun14_win.nasl 10133 2018-06-08 11:13:34Z asteins $\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"$Revision: 10133 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 13:13:34 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n\n script_tag(name : \"summary\" , value : \"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name : \"vuldetect\" , value : \"Checks if a vulnerable version is present on the target host.\");\n script_tag(name : \"insight\" , value : \"The flaws are due to,\n- A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n- An out-of-bounds read flaw in SPDY related to reentrancy.\n- An overflow condition related to bitmap handling in the clipboard code.\n- An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name : \"impact\" , value : \"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\n\nImpact Level: System/Application\");\n script_tag(name : \"affected\" , value : \"Google Chrome version prior to 35.0.1916.153 on Windows.\");\n script_tag(name : \"solution\" , value : \"Upgrade to Google Chrome 35.0.1916.153 or later,\nFor updates refer to http://www.google.com/chrome\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/58585\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-06-08T18:59:43"}], "edition": 11, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "da599da905e5b6481c0c752e41c2f4e6"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "description", "hash": "eca015c71a509e6bc3eea2690d1dc8eb"}, {"key": "href", "hash": "3c68fc4016d057c632b6c14d725d0bef"}, {"key": "modified", "hash": "8f5ddcbd5741e493175c00b4f2cc7c1d"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "2aa948983dd41a0295e7cd7cea653f6a"}, {"key": "published", "hash": "eba6b3157fc673bf4dc92aa426dbbcde"}, {"key": "references", "hash": "c1122c12d3862ee6096cc5d3a494723a"}, {"key": "reporter", "hash": "06df9aea2d851c3b10ab498f59f0777d"}, {"key": "sourceData", "hash": "0219535a5f11182073242dcb47b4ac1f"}, {"key": "title", "hash": "15039ad299956ad4fa135292ec90270f"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "bd43a5653c5f973c105879d9c37a520807cfd7eae1f3cba60492232c4189c88a", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3154", "CVE-2014-3155", "CVE-2014-3157", "CVE-2014-3156"]}, {"type": "openvas", "idList": ["OPENVAS:702959", "OPENVAS:1361412562310804643", "OPENVAS:1361412562310804644", "OPENVAS:1361412562310702959", "OPENVAS:1361412562310850604", "OPENVAS:1361412562310841913", "OPENVAS:1361412562310121260"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2959.NASL", "FREEBSD_PKG_0B0FB9B0F0FB11E39BCD000C6E25E3E9.NASL", "GOOGLE_CHROME_35_0_1916_153.NASL", "MACOSX_GOOGLE_CHROME_35_0_1916_153.NASL", "OPENSUSE-2014-483.NASL", "UBUNTU_USN-2298-1.NASL", "GENTOO_GLSA-201408-16.NASL"]}, {"type": "kaspersky", "idList": ["KLA10006"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30878", "SECURITYVULNS:VULN:13842"]}, {"type": "freebsd", "idList": ["0B0FB9B0-F0FB-11E3-9BCD-000C6E25E3E9"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2959-1:1CB57"]}, {"type": "threatpost", "idList": ["THREATPOST:385A2DBEF150588EB8AE2CBAA2FFB293"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0982-1"]}, {"type": "ubuntu", "idList": ["USN-2298-1"]}, {"type": "gentoo", "idList": ["GLSA-201408-16"]}], "modified": "2019-07-19T22:14:33"}, "score": {"value": 8.2, "vector": "NONE", "modified": "2019-07-19T22:14:33"}, "vulnersScore": 8.2}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804642\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 10:51:54 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n\n - An out-of-bounds read flaw in SPDY related to reentrancy.\n\n - An overflow condition related to bitmap handling in the clipboard code.\n\n - An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.153 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58585\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "naslFamily": "General", "pluginID": "1361412562310804642", "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:13:45", "bulletinFamily": "NVD", "description": "net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance.\nPer http://cwe.mitre.org/data/definitions/125.html:\n\"CWE-125: Out-of-bounds Read\"", "modified": "2017-12-29T02:29:00", "id": "CVE-2014-3155", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3155", "published": "2014-06-11T10:57:00", "title": "CVE-2014-3155", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:13:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown.\nPer http://cwe.mitre.org/data/definitions/416.html:\n\"CWE-416: Use After Free\"", "modified": "2017-12-29T02:29:00", "id": "CVE-2014-3154", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3154", "published": "2014-06-11T10:57:00", "title": "CVE-2014-3154", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:13:45", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.", "modified": "2017-12-29T02:29:00", "id": "CVE-2014-3157", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3157", "published": "2014-06-11T10:57:00", "title": "CVE-2014-3157", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:13:45", "bulletinFamily": "NVD", "description": "Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc.", "modified": "2017-12-29T02:29:00", "id": "CVE-2014-3156", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3156", "published": "2014-06-11T10:57:00", "title": "CVE-2014-3156", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2019-02-21T01:21:54", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2014-3154 Collin Payne discovered a use-after-free issue in the filesystem API.\n\n - CVE-2014-3155 James March, Daniel Sommermann, and Alan Frindell discovered several out-of-bounds read issues in the SPDY protocol implementation.\n\n - CVE-2014-3156 Atte Kettunen discovered a buffer overflow issue in bitmap handling in the clipboard implementation.\n\n - CVE-2014-3157 A heap-based buffer overflow issue was discovered in chromium's ffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous update. Support for older i386 processors had been dropped. This functionality is now restored.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-2959.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76057", "published": "2014-06-16T00:00:00", "title": "Debian DSA-2959-1 : chromium-browser - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2959. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76057);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67972, 67977, 67980, 67981);\n script_xref(name:\"DSA\", value:\"2959\");\n\n script_name(english:\"Debian DSA-2959-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2014-3154\n Collin Payne discovered a use-after-free issue in the\n filesystem API.\n\n - CVE-2014-3155\n James March, Daniel Sommermann, and Alan Frindell\n discovered several out-of-bounds read issues in the SPDY\n protocol implementation.\n\n - CVE-2014-3156\n Atte Kettunen discovered a buffer overflow issue in\n bitmap handling in the clipboard implementation.\n\n - CVE-2014-3157\n A heap-based buffer overflow issue was discovered in\n chromium's ffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous\nupdate. Support for older i386 processors had been dropped. This\nfunctionality is now restored.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2959\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 35.0.1916.153-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"35.0.1916.153-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:21:16", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.153. It is, therefore, affected by the following vulnerabilities :\n\n - Use-after-free errors exist in the file system API.\n (CVE-2014-3154)\n\n - An out-of-bounds read error exists related to SPDY.\n (CVE-2014-3155)\n\n - A buffer overflow error exits related to the clipboard.\n (CVE-2014-3156)\n\n - A heap overflow error exists related to media handling.\n (CVE-2014-3157)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-14T00:00:00", "id": "MACOSX_GOOGLE_CHROME_35_0_1916_153.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74435", "published": "2014-06-11T00:00:00", "title": "Google Chrome < 35.0.1916.153 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74435);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2014-3154\",\n \"CVE-2014-3155\",\n \"CVE-2014-3156\",\n \"CVE-2014-3157\"\n );\n script_bugtraq_id(67972, 67977, 67980, 67981);\n\n script_name(english:\"Google Chrome < 35.0.1916.153 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\na version prior to 35.0.1916.153. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - Use-after-free errors exist in the file system API.\n (CVE-2014-3154)\n\n - An out-of-bounds read error exists related to SPDY.\n (CVE-2014-3155)\n\n - A buffer overflow error exits related to the clipboard.\n (CVE-2014-3156)\n\n - A heap overflow error exists related to media handling.\n (CVE-2014-3157)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.ca/2014/06/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cbd2754b\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'35.0.1916.153', severity:SECURITY_WARNING, xss:FALSE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:21:16", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.153. It is, therefore, affected by the following vulnerabilities :\n\n - Use-after-free errors exist in the file system API.\n (CVE-2014-3154)\n\n - An out-of-bounds read error exists related to SPDY.\n (CVE-2014-3155)\n\n - A buffer overflow error exits related to the clipboard.\n (CVE-2014-3156)\n\n - A heap overflow error exists related to media handling.\n (CVE-2014-3157)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-12T00:00:00", "id": "GOOGLE_CHROME_35_0_1916_153.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74434", "published": "2014-06-11T00:00:00", "title": "Google Chrome < 35.0.1916.153 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74434);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2014-3154\",\n \"CVE-2014-3155\",\n \"CVE-2014-3156\",\n \"CVE-2014-3157\"\n );\n script_bugtraq_id(67972, 67977, 67980, 67981);\n\n script_name(english:\"Google Chrome < 35.0.1916.153 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 35.0.1916.153. It is, therefore, affected by the following\nvulnerabilities :\n\n - Use-after-free errors exist in the file system API.\n (CVE-2014-3154)\n\n - An out-of-bounds read error exists related to SPDY.\n (CVE-2014-3155)\n\n - A buffer overflow error exits related to the clipboard.\n (CVE-2014-3156)\n\n - A heap overflow error exists related to media handling.\n (CVE-2014-3157)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.ca/2014/06/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cbd2754b\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'35.0.1916.153', severity:SECURITY_WARNING, xss:FALSE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:21:17", "bulletinFamily": "scanner", "description": "Google Chrome Releases reports :\n\n4 security fixes in this release, including :\n\n- [369525] High CVE-2014-3154: Use-after-free in filesystem api.\nCredit to Collin Payne.\n\n- [369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.\n\n- [369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.\n\n- [368980] CVE-2014-3157: Heap overflow in media.", "modified": "2014-07-26T00:00:00", "id": "FREEBSD_PKG_0B0FB9B0F0FB11E39BCD000C6E25E3E9.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74479", "published": "2014-06-12T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (0b0fb9b0-f0fb-11e3-9bcd-000c6e25e3e9)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2014 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74479);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2014/07/26 00:30:55 $\");\n\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (0b0fb9b0-f0fb-11e3-9bcd-000c6e25e3e9)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n4 security fixes in this release, including :\n\n- [369525] High CVE-2014-3154: Use-after-free in filesystem api.\nCredit to Collin Payne.\n\n- [369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit to\nJames March, Daniel Sommermann and Alan Frindell of Facebook.\n\n- [369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit\nto Atte Kettunen of OUSPG.\n\n- [368980] CVE-2014-3157: Heap overflow in media.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl\"\n );\n # http://www.freebsd.org/ports/portaudit/0b0fb9b0-f0fb-11e3-9bcd-000c6e25e3e9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ba709c12\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<35.0.1916.153\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:22:16", "bulletinFamily": "scanner", "description": "Chromium was updated to version 36.0.1985.125. New Functionality :\n\n - Rich Notifications Improvements\n\n - An Updated Incognito / Guest NTP design\n\n - The addition of a Browser crash recovery bubble\n\n - Chrome App Launcher for Linux\n\n - Lots of under the hood changes for stability and performance Security Fixes (bnc#887952,bnc#887955) :\n\n - CVE-2014-3160: Same-Origin-Policy bypass in SVG\n\n - CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives and 24 more fixes for which no description was given. Packaging changes :\n\n - Switch to newer method to retrieve toolchain packages.\n Dropping the three naclsdk_*tgz files. Everything is now included in the toolchain_linux_x86.tar.bz2 tarball\n\n - Add Courgette.tar.xz as that the build process now requires some files from Courgette in order to build succesfully. This does not mean that Courgette is build/delivered.\n\nIncludes also an update to Chromium 35.0.1916.153 Security fixes (bnc#882264,bnc#882264,bnc#882265,bnc#882263) :\n\n - CVE-2014-3154: Use-after-free in filesystem api\n\n - CVE-2014-3155: Out-of-bounds read in SPDY\n\n - CVE-2014-3156: Buffer overflow in clipboard\n\n - CVE-2014-3157: Heap overflow in media", "modified": "2018-11-10T00:00:00", "id": "OPENSUSE-2014-483.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77127", "published": "2014-08-12T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-SU-2014:0982-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-483.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77127);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\");\n script_bugtraq_id(67972, 67977, 67980, 67981, 68677);\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2014:0982-1)\");\n script_summary(english:\"Check for the openSUSE-2014-483 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to version 36.0.1985.125. New Functionality :\n\n - Rich Notifications Improvements\n\n - An Updated Incognito / Guest NTP design\n\n - The addition of a Browser crash recovery bubble\n\n - Chrome App Launcher for Linux\n\n - Lots of under the hood changes for stability and\n performance Security Fixes (bnc#887952,bnc#887955) :\n\n - CVE-2014-3160: Same-Origin-Policy bypass in SVG\n\n - CVE-2014-3162: Various fixes from internal audits,\n fuzzing and other initiatives and 24 more fixes for\n which no description was given. Packaging changes :\n\n - Switch to newer method to retrieve toolchain packages.\n Dropping the three naclsdk_*tgz files. Everything is now\n included in the toolchain_linux_x86.tar.bz2 tarball\n\n - Add Courgette.tar.xz as that the build process now\n requires some files from Courgette in order to build\n succesfully. This does not mean that Courgette is\n build/delivered.\n\nIncludes also an update to Chromium 35.0.1916.153 Security fixes\n(bnc#882264,bnc#882264,bnc#882265,bnc#882263) :\n\n - CVE-2014-3154: Use-after-free in filesystem api\n\n - CVE-2014-3155: Out-of-bounds read in SPDY\n\n - CVE-2014-3156: Buffer overflow in clipboard\n\n - CVE-2014-3157: Heap overflow in media\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=887952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=887955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-08/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-debuginfo-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debuginfo-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debugsource-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-gnome-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-kde-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-debuginfo-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-debuginfo-36.0.1985.125-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-36.0.1985.125-41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-debuginfo-36.0.1985.125-41.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:22:09", "bulletinFamily": "scanner", "description": "A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to the parent frame in some circumstances. An attacker could potentially exploit this to conduct clickjacking attacks via UI redress. (CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for subresource loading in SVG images. If a user opened a site that embedded a specially crafted image, an attacker could exploit this to log page views. (CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be activated without consent or any visible indication. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to eavesdrop on the user. (CVE-2014-3803).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2298-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76756", "published": "2014-07-24T00:00:00", "title": "Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2298-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76756);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1746\", \"CVE-2014-1748\", \"CVE-2014-3152\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3803\");\n script_bugtraq_id(67082, 67374, 67375, 67376, 67517, 67572, 67582, 67972, 67977, 67980, 68677);\n script_xref(name:\"USN\", value:\"2298-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A type confusion bug was discovered in V8. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash, or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered\nin Chromium. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-1735,\nCVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets\nimplementation. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these to cause\na denial of service via application crash or execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData\nimplementation. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these to cause\na denial of service via renderer crash or execute arbitrary code with\nthe privileges of the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit these to cause a denial of service via\nrenderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were\ntricked in to opening a specially crafter website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash. (CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in\nto the parent frame in some circumstances. An attacker could\npotentially exploit this to conduct clickjacking attacks via UI\nredress. (CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked\nin to opening a specially crafter website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An\nattacker could potentially exploit this to cause a denial of service\nvia application crash or execute arbitrary code with the privileges of\nthe user invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for\nsubresource loading in SVG images. If a user opened a site that\nembedded a specially crafted image, an attacker could exploit this to\nlog page views. (CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be\nactivated without consent or any visible indication. If a user were\ntricked in to opening a specially crafted website, an attacker could\nexploit this to eavesdrop on the user. (CVE-2014-3803).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2298-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected liboxideqtcore0, oxideqt-codecs and / or\noxideqt-codecs-extra packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0 / oxideqt-codecs / oxideqt-codecs-extra\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:22:21", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201408-16 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-07-12T00:00:00", "id": "GENTOO_GLSA-201408-16.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77460", "published": "2014-08-30T00:00:00", "title": "GLSA-201408-16 : Chromium: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201408-16.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77460);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2014-0538\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\", \"CVE-2014-1716\", \"CVE-2014-1717\", \"CVE-2014-1718\", \"CVE-2014-1719\", \"CVE-2014-1720\", \"CVE-2014-1721\", \"CVE-2014-1722\", \"CVE-2014-1723\", \"CVE-2014-1724\", \"CVE-2014-1725\", \"CVE-2014-1726\", \"CVE-2014-1727\", \"CVE-2014-1728\", \"CVE-2014-1729\", \"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1732\", \"CVE-2014-1733\", \"CVE-2014-1734\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3165\", \"CVE-2014-3166\", \"CVE-2014-3167\", \"CVE-2014-3168\", \"CVE-2014-3169\", \"CVE-2014-3170\", \"CVE-2014-3171\", \"CVE-2014-3172\", \"CVE-2014-3173\", \"CVE-2014-3174\", \"CVE-2014-3175\", \"CVE-2014-3176\", \"CVE-2014-3177\");\n script_bugtraq_id(66120, 66239, 66243, 66249, 66252, 66704, 67082, 67374, 67375, 67376, 67517, 67572, 67972, 67977, 67980, 67981, 68677, 69192, 69201, 69202, 69203, 69398, 69400, 69401, 69402, 69403, 69405, 69406, 69407);\n script_xref(name:\"GLSA\", value:\"201408-16\");\n\n script_name(english:\"GLSA-201408-16 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201408-16\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could conduct a number of attacks which include: cross\n site scripting attacks, bypassing of sandbox protection, potential\n execution of arbitrary code with the privileges of the process, or cause\n a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201408-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-37.0.2062.94'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 37.0.2062.94\"), vulnerable:make_list(\"lt 37.0.2062.94\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-28T10:48:55", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2014-3154 \nCollin Payne discovered a use-after-free issue in the filesystem API.\n\nCVE-2014-3155 \nJames March, Daniel Sommermann, and Alan Frindell discovered several\nout-of-bounds read issues in the SPDY protocol implementation.\n\nCVE-2014-3156 \nAtte Kettunen discovered a buffer overflow issue in bitmap handling\nin the clipboard implementation.\n\nCVE-2014-3157 \nA heap-based buffer overflow issue was discovered in chromium's\nffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous update.\nSupport for older i386 processors had been dropped. This functionality\nis now restored.", "modified": "2017-07-13T00:00:00", "published": "2014-06-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702959", "id": "OPENVAS:702959", "title": "Debian Security Advisory DSA 2959-1 (chromium-browser - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2959.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 2959-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 35.0.1916.153-1~deb7u1.\n\nFor the testing (jessie) and unstable (sid) distribution, these problems\nhave been fixed in version 35.0.1916.153-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2014-3154 \nCollin Payne discovered a use-after-free issue in the filesystem API.\n\nCVE-2014-3155 \nJames March, Daniel Sommermann, and Alan Frindell discovered several\nout-of-bounds read issues in the SPDY protocol implementation.\n\nCVE-2014-3156 \nAtte Kettunen discovered a buffer overflow issue in bitmap handling\nin the clipboard implementation.\n\nCVE-2014-3157 \nA heap-based buffer overflow issue was discovered in chromium's\nffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous update.\nSupport for older i386 processors had been dropped. This functionality\nis now restored.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702959);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_name(\"Debian Security Advisory DSA 2959-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-06-14 00:00:00 +0200 (Sat, 14 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2959.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-07-19T22:14:37", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2014-06-19T00:00:00", "id": "OPENVAS:1361412562310804643", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804643", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804643\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 11:03:39 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n\n - An out-of-bounds read flaw in SPDY related to reentrancy.\n\n - An overflow condition related to bitmap handling in the clipboard code.\n\n - An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.153 on Mac OS X.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58585\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2014-3154\nCollin Payne discovered a use-after-free issue in the filesystem API.\n\nCVE-2014-3155\nJames March, Daniel Sommermann, and Alan Frindell discovered several\nout-of-bounds read issues in the SPDY protocol implementation.\n\nCVE-2014-3156\nAtte Kettunen discovered a buffer overflow issue in bitmap handling\nin the clipboard implementation.\n\nCVE-2014-3157\nA heap-based buffer overflow issue was discovered in chromium", "modified": "2019-03-19T00:00:00", "published": "2014-06-14T00:00:00", "id": "OPENVAS:1361412562310702959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702959", "title": "Debian Security Advisory DSA 2959-1 (chromium-browser - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2959.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2959-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702959\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_name(\"Debian Security Advisory DSA 2959-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-14 00:00:00 +0200 (Sat, 14 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2959.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 35.0.1916.153-1~deb7u1.\n\nFor the testing (jessie) and unstable (sid) distribution, these problems\nhave been fixed in version 35.0.1916.153-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2014-3154\nCollin Payne discovered a use-after-free issue in the filesystem API.\n\nCVE-2014-3155\nJames March, Daniel Sommermann, and Alan Frindell discovered several\nout-of-bounds read issues in the SPDY protocol implementation.\n\nCVE-2014-3156\nAtte Kettunen discovered a buffer overflow issue in bitmap handling\nin the clipboard implementation.\n\nCVE-2014-3157\nA heap-based buffer overflow issue was discovered in chromium's\nffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous update.\nSupport for older i386 processors had been dropped. This functionality\nis now restored.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.153-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:14:23", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2014-06-19T00:00:00", "id": "OPENVAS:1361412562310804644", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804644", "title": "Google Chrome Multiple Vulnerabilities - 02 June14 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 02 June14 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804644\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\");\n script_bugtraq_id(67977, 67980, 67981, 67972);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-06-19 11:03:39 +0530 (Thu, 19 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 02 June14 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error in the 'ChildThread::Shutdown' function in\ncontent/child/child_thread.cc script related to the filesystem API.\n\n - An out-of-bounds read flaw in SPDY related to reentrancy.\n\n - An overflow condition related to bitmap handling in the clipboard code.\n\n - An overflow condition in the 'FFmpegVideoDecoder::GetVideoBuffer' function\nin media/filters/ffmpeg_video_decoder.cc script.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice and possibly have other unspecified impact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.153 on Linux.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.153 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58585\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/06/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.153\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:09", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2014-08-11T00:00:00", "id": "OPENVAS:1361412562310850604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850604", "title": "SuSE Update for chromium openSUSE-SU-2014:0982-1 (chromium)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_0982_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for chromium openSUSE-SU-2014:0982-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850604\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-11 12:26:07 +0200 (Mon, 11 Aug 2014)\");\n script_cve_id(\"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\",\n \"CVE-2014-3160\", \"CVE-2014-3162\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2014:0982-1 (chromium)\");\n script_tag(name:\"affected\", value:\"chromium on openSUSE 13.1, openSUSE 12.3\");\n script_tag(name:\"insight\", value:\"Chromium was updated to version 36.0.1985.125. New Functionality:\n\n * Rich Notifications Improvements\n\n * An Updated Incognito / Guest NTP design\n\n * The addition of a Browser crash recovery bubble\n\n * Chrome App Launcher for Linux\n\n * Lots of under the hood changes for stability and performance\n\n Security Fixes (bnc#887952, bnc#887955):\n\n * CVE-2014-3160: Same-Origin-Policy bypass in SVG\n\n * CVE-2014-3162: Various fixes from internal audits, fuzzing and other\n initiatives and 24 more fixes for which no description was given.\n\n Packaging changes:\n\n * Switch to newer method to retrieve toolchain packages. Dropping the\n three naclsdk_*tgz files. Everything is now included in the\n toolchain_linux_x86.tar.bz2 tarball\n\n * Add Courgette.tar.xz as that the build process now requires some files\n from Courgette in order to build successfully. This does not mean that\n Courgette is build/delivered.\n\n Includes also an update to Chromium 35.0.1916.153 Security fixes\n (bnc#882264, bnc#882264, bnc#882265, bnc#882263):\n\n * CVE-2014-3154: Use-after-free in filesystem api\n\n * CVE-2014-3155: Out-of-bounds read in SPDY\n\n * CVE-2014-3156: Buffer overflow in clipboard\n\n * CVE-2014-3157: Heap overflow in media\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0982_1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE12\\.3|openSUSE13\\.1)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~36.0.1985.125~1.50.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~36.0.1985.125~41.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:29", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310841913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841913", "title": "Ubuntu Update for oxide-qt USN-2298-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2298_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for oxide-qt USN-2298-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841913\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:39:33 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1735\", \"CVE-2014-3162\",\n \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\",\n \"CVE-2014-1744\", \"CVE-2014-1746\", \"CVE-2014-1748\", \"CVE-2014-3152\",\n \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3157\", \"CVE-2014-3160\",\n \"CVE-2014-3803\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for oxide-qt USN-2298-1\");\n\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 14.04 LTS\");\n script_tag(name:\"insight\", value:\"A type confusion bug was discovered in V8. If a user were\ntricked in to opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or execute\narbitrary code with the privileges of the sandboxed render process.\n(CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in\nChromium. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit these to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via renderer crash or execute arbitrary code with the privileges\nof the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer crash\nor execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user invoking\nthe program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked\nin to opening a specially crafter website, an attacker could potentially\nexploit this to cause a denial of service via application crash.\n(CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to\nthe parent frame in some circumstances. An attacker could potentially\nexploit ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2298-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2298-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201408-16", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121260", "title": "Gentoo Security Advisory GLSA 201408-16", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201408-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121260\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:47 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201408-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201408-16\");\n script_cve_id(\"CVE-2014-1741\", \"CVE-2014-0538\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\", \"CVE-2014-1716\", \"CVE-2014-1717\", \"CVE-2014-1718\", \"CVE-2014-1719\", \"CVE-2014-1720\", \"CVE-2014-1721\", \"CVE-2014-1722\", \"CVE-2014-1723\", \"CVE-2014-1724\", \"CVE-2014-1725\", \"CVE-2014-1726\", \"CVE-2014-1727\", \"CVE-2014-1728\", \"CVE-2014-1729\", \"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1732\", \"CVE-2014-1733\", \"CVE-2014-1734\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3165\", \"CVE-2014-3166\", \"CVE-2014-3167\", \"CVE-2014-3168\", \"CVE-2014-3169\", \"CVE-2014-3170\", \"CVE-2014-3171\", \"CVE-2014-3172\", \"CVE-2014-3173\", \"CVE-2014-3174\", \"CVE-2014-3175\", \"CVE-2014-3176\", \"CVE-2014-3177\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201408-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 37.0.2062.94\"), vulnerable: make_list(\"lt 37.0.2062.94\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2959-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nJune 14, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nCVE ID : CVE-2014-3154 CVE-2014-3155 CVE-2014-3156 CVE-2014-3157\r\n\r\nSeveral vulnerabilities have been discovered in the chromium web browser.\r\n\r\nCVE-2014-3154\r\n\r\n Collin Payne discovered a use-after-free issue in the filesystem API.\r\n\r\nCVE-2014-3155\r\n\r\n James March, Daniel Sommermann, and Alan Frindell discovered several\r\n out-of-bounds read issues in the SPDY protocol implementation.\r\n\r\nCVE-2014-3156\r\n\r\n Atte Kettunen discovered a buffer overflow issue in bitmap handling\r\n in the clipboard implementation.\r\n\r\nCVE-2014-3157\r\n\r\n A heap-based buffer overflow issue was discovered in chromium's\r\n ffmpeg media filter.\r\n\r\nIn addition, this version corrects a regression in the previous update.\r\nSupport for older i386 processors had been dropped. This functionality\r\nis now restored.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 35.0.1916.153-1~deb7u1.\r\n\r\nFor the testing (jessie) and unstable (sid) distribution, these problems\r\nhave been fixed in version 35.0.1916.153-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQQcBAEBCgAGBQJTnIzkAAoJELjWss0C1vRzk20f/3xH0L9p4hHsEb1i2nwj3U4R\r\nY88r+2XDp+foO5sR7PTLVm6xmO0LbdfNzJLghysP/8w4Kd62/nYjDZ0IsuNedJdk\r\nk0ezzA6u+CHNK5QY2v6hjBgxvX0CFmstnF1+BMGSTG5Gd53cPpxlrQ/Xhsztxa0i\r\nweC0s7dArKY0O1wJcruog0ayvlzl/c4+1s+Kha7T84F2aTMGQ1Ul678TvjH0r5/K\r\nlRClxYPn3i6ETb2p5YA3thsgmb8qhIkC/S2mNirG0T5ghb2KJ9UuJRINikeTjCNe\r\n/dRKG6dZiYBb1QUkWI/oAwUdyzjho3ua7oOyt6wLqCeq6/QTw869qOUBaDa4LhHr\r\nYhC9lSggMs+4MM06Xlo2/4Rgm17tnU+T6ceoB4iVFjt3s1A1parPX1/IQESDTVoQ\r\nyAViCXH/R6wvER5i5B7dZ5MJ4u3K629l6cW6rRBQ8fhG2njjcUDnqhgRIgyiBZ6/\r\nWC9naPaYcA+fBTvq71iVk6IBLVG8/azccB4l2o73A99Hxxahg9sDDOAucobXIIb6\r\n86npzVmhwgxUgTR8zDoZPLfBOMr/fMZKdfwr+3/1r+xRIU4N/nxBh7EHhz/2JPTX\r\nDSaFNAIsSShOlOawJStq0q4dt/QgVZ/KZrLcQxNBXFbHZBZt+QC2tkWRYzFkTvUE\r\nbSQN9iIfWKcamzuapTcwoN/a8sgYpTxuPQbgv9JWC974I88LyQI2/joHCcPms5Zw\r\naZmMp06j4peYDyVjSSjUUJEz6WuBK2PhBdScf7JI/bSy2D4G6HrEKa8yQ8VWbb2d\r\nRvIQaI6J6oHPXQs6Wk/Oph9e7M7j8N+Jn4gsnjRuxmdngxeUDQdD6MwPYocp8R3S\r\nch8+OOrjrV6mhdJllOA4Or0+HnGDvEae0rR7xGFEZgAGzTTwM0Luu4Dxw5+a50M9\r\n81tx2cAZGmLgS+0NOIthb3xFaKqAg6z//jeUOwamCQ7Y8/wtsqn9Z0G1m21BE81s\r\n95aWlEWVuv0LK6JF+SMs5ZdGF8uMPgDVLTrsvd0ID+OIN+3r1DSGYs/rERbSRIts\r\n1Gufd1FW5/jst6EPdXKEyqstMgdGNVyjYqsBFvPmpkHVl0n/fwr+0oC7GFHwgZhw\r\nvOT0SW6d75T6pBY1LZHx4HU/S0FI8aeK91OnbF2HYOE09UJjJFjAN/vvgcdOF7Wm\r\n0REMyGfTRdXmADIr7bey2wtiqNdSFEU64P6/L1vK2g6afZhx9yYSxe1NgVc80oI1\r\nfAvghpO6jZ81DYJBaTXAx4ZMg+6qHV4kr/34ZUbtqJmHE0zWcptvc34yIjetdkRK\r\nubJBir7LFDLHAKXtWw5OqALiinhTev2OZxTn2nKsvlAXkBhVxLh7XIzpnwcQMgA=\r\n=ZO4y\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-06-17T00:00:00", "published": "2014-06-17T00:00:00", "id": "SECURITYVULNS:DOC:30878", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30878", "title": "[SECURITY] [DSA 2959-1] chromium-browser security update", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "description": "Memory corruptions, buffer overflows.", "modified": "2014-06-17T00:00:00", "published": "2014-06-17T00:00:00", "id": "SECURITYVULNS:VULN:13842", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13842", "title": "Google Chrome / Chromium multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:14:58", "bulletinFamily": "info", "description": "### *Detect date*:\n06/10/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome 35.0.1916.114 and earlier. Malicious users can exploit these vulnerabilities to cause denial of service or other possible issues.\n\n### *Affected products*:\nGoogle Chrome 35.0.1916.114 and earlier\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Google Chrome](<https://www.google.ru/chrome/browser/>)\n\n### *Original advisories*:\n[Google chrome blog entry](<http://googlechromereleases.blogspot.ru/2014/06/stable-channel-update.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2014-3156](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3156>)7.5Critical \n[CVE-2014-3157](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3157>)7.5Critical \n[CVE-2014-3154](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3154>)7.5Critical \n[CVE-2014-3155](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3155>)5.0Critical", "modified": "2019-03-07T00:00:00", "published": "2014-06-10T00:00:00", "id": "KLA10006", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10006", "title": "\r KLA10006Multiple vulnerabilities in Google Chrome ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2019-05-30T02:21:33", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2959-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nJune 14, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2014-3154 CVE-2014-3155 CVE-2014-3156 CVE-2014-3157\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2014-3154\n\n Collin Payne discovered a use-after-free issue in the filesystem API.\n\nCVE-2014-3155\n\n James March, Daniel Sommermann, and Alan Frindell discovered several\n out-of-bounds read issues in the SPDY protocol implementation.\n\nCVE-2014-3156\n\n Atte Kettunen discovered a buffer overflow issue in bitmap handling\n in the clipboard implementation.\n\nCVE-2014-3157\n\n A heap-based buffer overflow issue was discovered in chromium's\n ffmpeg media filter.\n\nIn addition, this version corrects a regression in the previous update.\nSupport for older i386 processors had been dropped. This functionality\nis now restored.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 35.0.1916.153-1~deb7u1.\n\nFor the testing (jessie) and unstable (sid) distribution, these problems\nhave been fixed in version 35.0.1916.153-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2014-06-14T19:52:13", "published": "2014-06-14T19:52:13", "id": "DEBIAN:DSA-2959-1:1CB57", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00139.html", "title": "[SECURITY] [DSA 2959-1] chromium-browser security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:24", "bulletinFamily": "unix", "description": "\nGoogle Chrome Releases reports:\n\n4 security fixes in this release, including:\n\n[369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit\n\t to Collin Payne.\n[369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit\n\t to James March, Daniel Sommermann and Alan Frindell of Facebook.\n[369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit\n\t to Atte Kettunen of OUSPG.\n[368980] CVE-2014-3157: Heap overflow in media.\n\n\n", "modified": "2014-06-10T00:00:00", "published": "2014-06-10T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/0b0fb9b0-f0fb-11e3-9bcd-000c6e25e3e9.html", "id": "0B0FB9B0-F0FB-11E3-9BCD-000C6E25E3E9", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2018-10-06T22:58:42", "bulletinFamily": "info", "description": "Mozilla has fixed seven security vulnerabilities in Firefox 30, including five critical flaws that could enable remote code execution.\n\nFirefox 30 is a relatively minor release of the popular browser, with the most notable change being the addition of a sidebar button that allows users to quickly access social and bookmarking sites. The new release also includes a sidebar that enables users to follow the action of the World Cup as it happens.\n\nAmong the security fixes are the five critical vulnerabilities, which include three use-after-free bugs and a buffer overflow. Mozilla\u2019s internal developers also identified a number of memory corruption vulnerabilities that were fixed in Firefox 30.\n\n\u201cMozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,\u201d the security advisory says.\n\nHere is the complete list of security vulnerabilities repaired in [Firefox 30](<https://www-dev.allizom.org/en-US/firefox/30.0/releasenotes/>):\n\n[MFSA 2014-54](<https://www.mozilla.org/security/announce/2014/mfsa2014-54.html>) Buffer overflow in Gamepad API\n\n[MFSA 2014-53](<https://www.mozilla.org/security/announce/2014/mfsa2014-53.html>) Buffer overflow in Web Audio Speex resampler\n\n[MFSA 2014-52](<https://www.mozilla.org/security/announce/2014/mfsa2014-52.html>) Use-after-free with SMIL Animation Controller\n\n[MFSA 2014-51](<https://www.mozilla.org/security/announce/2014/mfsa2014-51.html>) Use-after-free in Event Listener Manager\n\n[MFSA 2014-50](<https://www.mozilla.org/security/announce/2014/mfsa2014-50.html>) Clickjacking through cursor invisability after Flash interaction\n\n[MFSA 2014-49](<https://www.mozilla.org/security/announce/2014/mfsa2014-49.html>) Use-after-free and out of bounds issues found using Address Sanitizer\n\n[MFSA 2014-48](<https://www.mozilla.org/security/announce/2014/mfsa2014-48.html>) Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)\n\nAmong the high-impact bugs fixed in this release is a vulnerability that, under some highly specific circumstances, could lead to a clickjacking attack.\n\n\u201cSecurity researcher Jordi Chancel reported a mechanism where the cursor can be rendered invisible after it has been used on an embedded flash object when used outside of the object. This flaw can be in used in combination with an image of the cursor manipulated through JavaScript, leading to clickjacking during interactions with HTML content subsequently. This issue only affects OS X and is not present on Windows or Linux systems,\u201d Mozilla\u2019s advisory said.\n\n**Google Patches Flaws in Chrome**\n\nAlso on Tuesday, Google fixed a handful of vulnerabilities in [Chrome 35](<http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html>), including high-risk flaws. The company handed out $2,500 in rewards to researchers, as well. The bugs fixed in the browser include:\n\n[$1000][[](<https://code.google.com/p/chromium/issues/detail?id=354123>)[369525](<https://code.google.com/p/chromium/issues/detail?id=369525>)] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.\n\n[$1000][[](<https://code.google.com/p/chromium/issues/detail?id=354123>)[369539](<https://code.google.com/p/chromium/issues/detail?id=369539>)] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.\n\n[$500][[](<https://code.google.com/p/chromium/issues/detail?id=354123>)[369621](<https://code.google.com/p/chromium/issues/detail?id=369621>)] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.\n", "modified": "2014-06-12T17:17:48", "published": "2014-06-11T10:31:08", "id": "THREATPOST:385A2DBEF150588EB8AE2CBAA2FFB293", "href": "https://threatpost.com/mozilla-patches-seven-flaws-in-firefox-30/106584/", "type": "threatpost", "title": "Mozilla Patches Seven Flaws in Firefox 30", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T12:01:48", "bulletinFamily": "unix", "description": "Chromium was updated to version 36.0.1985.125. New Functionality:\n * Rich Notifications Improvements\n * An Updated Incognito / Guest NTP design\n * The addition of a Browser crash recovery bubble\n * Chrome App Launcher for Linux\n * Lots of under the hood changes for stability and performance\n\n Security Fixes (bnc#887952,bnc#887955):\n * CVE-2014-3160: Same-Origin-Policy bypass in SVG\n * CVE-2014-3162: Various fixes from internal audits, fuzzing and other\n initiatives and 24 more fixes for which no description was given.\n\n Packaging changes:\n * Switch to newer method to retrieve toolchain packages. Dropping the\n three naclsdk_*tgz files. Everything is now included in the\n toolchain_linux_x86.tar.bz2 tarball\n * Add Courgette.tar.xz as that the build process now requires some files\n from Courgette in order to build succesfully. This does not mean that\n Courgette is build/delivered.\n\n Includes also an update to Chromium 35.0.1916.153 Security fixes\n (bnc#882264,bnc#882264,bnc#882265,bnc#882263):\n * CVE-2014-3154: Use-after-free in filesystem api\n * CVE-2014-3155: Out-of-bounds read in SPDY\n * CVE-2014-3156: Buffer overflow in clipboard\n * CVE-2014-3157: Heap overflow in media\n\n", "modified": "2014-08-11T10:09:58", "published": "2014-08-11T10:09:58", "id": "OPENSUSE-SU-2014:0982-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00006.html", "title": "chromium: update to 36.0.1985.125 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2019-05-29T17:23:27", "bulletinFamily": "unix", "description": "A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to the parent frame in some circumstances. An attacker could potentially exploit this to conduct clickjacking attacks via UI redress. (CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for subresource loading in SVG images. If a user opened a site that embedded a specially crafted image, an attacker could exploit this to log page views. (CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be activated without consent or any visible indication. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to eavesdrop on the user. (CVE-2014-3803)", "modified": "2014-07-23T00:00:00", "published": "2014-07-23T00:00:00", "id": "USN-2298-1", "href": "https://usn.ubuntu.com/2298-1/", "title": "Oxide vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:00", "bulletinFamily": "unix", "description": "### Background\n\nChromium is an open-source web browser project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-37.0.2062.94\"", "modified": "2014-08-30T00:00:00", "published": "2014-08-30T00:00:00", "id": "GLSA-201408-16", "href": "https://security.gentoo.org/glsa/201408-16", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
