Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310805359
HistoryApr 06, 2015 - 12:00 a.m.

Google Chrome Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X

2015-04-0600:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
9

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON

Google Chrome is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:google:chrome";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.805359");
  script_version("2024-02-09T05:06:25+0000");
  script_cve_id("CVE-2015-1234", "CVE-2015-1233");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"creation_date", value:"2015-04-06 14:45:55 +0530 (Mon, 06 Apr 2015)");
  script_name("Google Chrome Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X");

  script_tag(name:"summary", value:"Google Chrome is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - A race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc that
  is triggered when calculating certain sizes.

  - Unspecified flaws in V8, Gamepad, and IPC.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to bypass sandbox protection mechanisms and execute arbitrary code
  and or cause a denial-of-service condition.");

  script_tag(name:"affected", value:"Google Chrome version prior to
  41.0.2272.118 on Mac OS X.");

  script_tag(name:"solution", value:"Upgrade to Google Chrome version
  41.0.2272.118 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"registry");

  script_xref(name:"URL", value:"http://msisac.cisecurity.org/advisories/2015/2015-037.cfm");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.in/2015/04/stable-channel-update.html");

  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("General");
  script_dependencies("gb_google_chrome_detect_macosx.nasl");
  script_mandatory_keys("GoogleChrome/MacOSX/Version");

  exit(0);
}


include("host_details.inc");
include("version_func.inc");

if(!chromeVer = get_app_version(cpe:CPE)) exit(0);

if(version_is_less(version:chromeVer, test_version:"41.0.2272.118"))
{
  report = 'Installed version: ' + chromeVer + '\n' +
           'Fixed version:     41.0.2272.118'  + '\n';
  security_message(data:report);
  exit(0);
}

Related

nessus 7
openvas 6
redhat 1
archlinux 1
kaspersky 1
mageia 1
suse 1
chrome 1
ubuntu 1
prion 2
debiancve 2
ubuntucve 2
cve 2
zdi 1
gentoo 1
nessus
nessus
RHEL 6 : chromium-browser (RHSA-2015:0778)
2015-04-07 00:00:00
Google Chrome < 41.0.2272.118 Multiple Vulnerabilities
2015-04-02 00:00:00
Google Chrome < 41.0.2272.118 Multiple Vulnerabilities
2015-04-24 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities-01 (Apr 2015) - Windows
2015-04-06 00:00:00
Mageia: Security Advisory (MGASA-2015-0141)
2022-01-28 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2015:0682-1)
2015-04-09 00:00:00
redhat
redhat
(RHSA-2015:0778) Critical: chromium-browser security update
2015-04-06 00:00:00
archlinux
archlinux
chromium: remote code execution
2015-04-02 00:00:00
kaspersky
kaspersky
KLA10524 Multiple vulnerabilities in Google Chrome
2015-04-01 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2015-04-10 01:44:14
suse
suse
Security update for Chromium (important)
2015-04-08 16:06:12
chrome
chrome
Stable Channel Update
2015-04-01 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2015-04-07 00:00:00
prion
prion
Code injection
2015-04-01 21:59:00
Race condition
2015-04-01 21:59:00
debiancve
debiancve
CVE-2015-1233
2015-04-01 21:59:00
CVE-2015-1234
2015-04-01 21:59:00
ubuntucve
ubuntucve
CVE-2015-1233
2015-04-01 00:00:00
CVE-2015-1234
2015-04-01 00:00:00
cve
cve
CVE-2015-1233
2015-04-01 21:59:00
CVE-2015-1234
2015-04-01 21:59:00
zdi
zdi
(Pwn2Own) Google Chrome pnacl Shared Memory Time-Of-Check/Time-Of-Use Remote Code Execution Vulnerability
2015-04-15 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2015-06-23 00:00:00

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON
Related for OPENVAS:1361412562310805359
nessus7openvas6redhat1archlinux1kaspersky1mageia1suse1chrome1ubuntu1prion2debiancve2ubuntucve2cve2zdi1gentoo1