Lucene search
+L

Google Chrome Security Updates (stable-channel-update-for-desktop_13-2019-06) - Windows

🗓️ 14 Jun 2019 00:00:00Reported by Copyright (C) 2019 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 71 Views

Google Chrome Security Updates for Windows, vulnerable to use-after-free issue in Blink, with denial of service and code execution risk

Related
Refs
Code
ReporterTitlePublishedViews
Family
ArchLinux
[ASA-201906-11] chromium: arbitrary code execution
14 Jun 201900:00
archlinux
BDU FSTEC
The vulnerability of Google Chrome browser’s Blink rendering module allows a hacker to execute arbitrary code.
13 Aug 201900:00
bdu_fstec
Circl
CVE-2019-5842
27 Feb 202414:46
circl
CNVD
Google Chrome Blink Memory Misreference Vulnerability (CNVD-2019-23092)
18 Jun 201900:00
cnvd
CVE
CVE-2019-5842
25 Nov 201914:22
cve
Cvelist
CVE-2019-5842
25 Nov 201914:22
cvelist
FreeBSD
chromium -- use after free
9 May 201900:00
freebsd
Debian
[SECURITY] [DSA 4500-1] chromium security update
13 Aug 201905:17
debian
Debian
[SECURITY] [DSA 4500-1] chromium security update
13 Aug 201905:17
debian
Debian CVE
CVE-2019-5842
25 Nov 201914:22
debiancve
Rows per page
# SPDX-FileCopyrightText: 2019 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only


CPE = "cpe:/a:google:chrome";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.815212");
  script_version("2024-02-09T14:47:30+0000");
  script_cve_id("CVE-2019-5842");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_tag(name:"last_modification", value:"2024-02-09 14:47:30 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-08-24 17:37:00 +0000 (Mon, 24 Aug 2020)");
  script_tag(name:"creation_date", value:"2019-06-14 09:50:37 +0530 (Fri, 14 Jun 2019)");
  script_name("Google Chrome Security Updates (stable-channel-update-for-desktop_13-2019-06) - Windows");

  script_tag(name:"summary", value:"Google Chrome is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"The flaw exists due to an use-after-free
  issue in Blink.");

  script_tag(name:"impact", value:"Successful exploitation will allow
  attackers to cause denial of service or execute arbitrary code on the
  victim system.");

  script_tag(name:"affected", value:"Google Chrome version prior to 75.0.3770.90 on Windows");

  script_tag(name:"solution", value:"Upgrade to Google Chrome version
  75.0.3770.90 or later. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"registry");
  script_xref(name:"URL", value:"https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop_13.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2019 Greenbone AG");
  script_family("General");
  script_dependencies("gb_google_chrome_detect_win.nasl");
  script_mandatory_keys("GoogleChrome/Win/Ver");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"75.0.3770.90"))
{
  report = report_fixed_ver(installed_version:vers, fixed_version:"75.0.3770.90", install_path:path);
  security_message(data:report);
  exit(0);
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Feb 2024 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 24.3
CVSS 3.16.5
EPSS0.00744
71