ID OPENVAS:801312Type openvasReporter Copyright (c) 2010 Greenbone Networks GmbHModified 2017-02-16T00:00:00
Description
This host is installed with Google Chrome Web Browser and is prone to
multiple vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_google_chrome_mult_vuln_apr10.nasl 5306 2017-02-16 09:00:16Z teissa $
#
# Google Chrome Multiple Vulnerabilities (win)
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will let the attacker execute arbitrary code, bypass
security restrictions, sensitive information disclosure, and can cause other
attacks.
Impact Level: Application";
tag_affected = "Google Chrome version prior to 4.1.249.1036 on Windows.";
tag_insight = "Multiple flaws are due to:
- An error in handling 'SVG' document.
- Multiple race conditions in the 'sandbox' infrastructure.
- An error in 'sandbox' infrastructure which does not properly use pointers.
- An error in proceesing of 'HTTP' headers, processes HTTP headers before
invoking the SafeBrowsing feature.
- not having the expected behavior for attempts to delete Web SQL
Databases and clear the 'Strict Transport Security (STS)' state.
- An error in processing of 'HTTP Basic Authentication dialog'.
- Multiple integer overflows errors when processing 'WebKit JavaScript'
objects.
- not properly restricting cross-origin operations, which has unspecified
impact and remote attack vectors.";
tag_solution = "Upgrade to the version 4.1.249.1036 or later,
For updates refer to http://www.google.com/chrome";
tag_summary = "This host is installed with Google Chrome Web Browser and is prone to
multiple vulnerabilities.";
if(description)
{
script_id(801312);
script_version("$Revision: 5306 $");
script_tag(name:"last_modification", value:"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $");
script_tag(name:"creation_date", value:"2010-04-13 16:55:19 +0200 (Tue, 13 Apr 2010)");
script_cve_id("CVE-2010-1228", "CVE-2010-1229", "CVE-2010-1230", "CVE-2010-1231",
"CVE-2010-1232", "CVE-2010-1233", "CVE-2010-1234", "CVE-2010-1235",
"CVE-2010-1236", "CVE-2010-1237");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Google Chrome Multiple Vulnerabilities (win)");
script_xref(name : "URL" , value : "http://code.google.com/p/chromium/issues/detail?id=37061");
script_xref(name : "URL" , value : "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html");
script_category(ACT_GATHER_INFO);
script_tag(name:"qod_type", value:"executable_version");
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("General");
script_dependencies("gb_google_chrome_detect_win.nasl");
script_require_keys("GoogleChrome/Win/Ver");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
exit(0);
}
include("version_func.inc");
gcVer = get_kb_item("GoogleChrome/Win/Ver");
if(!gcVer){
exit(0);
}
# Check for google chrome Version less than 4.1.249.1036
if(version_is_less(version:gcVer, test_version:"4.1.249.1036")){
security_message(0);
}
{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "General", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=37061"], "description": "This host is installed with Google Chrome Web Browser and is prone to\n multiple vulnerabilities.", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "0059a9d96f48cab147e83a5fafaaa219"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "00697ce683005d2334ad2757433531fa"}, {"key": "href", "hash": "0fea975fa9c5bb435dfe81c207322ec9"}, {"key": "modified", "hash": "f48b2af0bd81c0460d2e005d8c33ee02"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "27dd183dcff3a5cdbc331679564fe03d"}, {"key": "published", "hash": "32792082efb06ce75d2f682a53d656c6"}, {"key": "references", "hash": "4923be15e588537e3f35c58c889ca17e"}, {"key": "reporter", "hash": "82db6d7eefdc19955bb78be9fb178ae1"}, {"key": "sourceData", "hash": "177c5aa19aa3db6f3882efa882305d75"}, {"key": "title", "hash": "4d9ac6e6f69f68fdec1cd9e598747c25"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=801312", "modified": "2017-02-16T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 10.0, "vector": "NONE"}, "vulnersScore": 10.0}, "id": "OPENVAS:801312", "title": "Google Chrome Multiple Vulnerabilities (win)", "hash": "3575cafd8257f48f303f89a1e3fb62471cc189c1f1e53757f11c4860ff9a8a9a", "edition": 1, "published": "2010-04-13T00:00:00", "type": "openvas", "history": [], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2010-1237", "CVE-2010-1228", "CVE-2010-1232", "CVE-2010-1229", "CVE-2010-1231", "CVE-2010-1235", "CVE-2010-1234", "CVE-2010-1236", "CVE-2010-1233", "CVE-2010-1230"], "lastseen": "2017-07-02T21:09:51", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln_apr10.nasl 5306 2017-02-16 09:00:16Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities (win)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker execute arbitrary code, bypass\n security restrictions, sensitive information disclosure, and can cause other\n attacks.\n Impact Level: Application\";\ntag_affected = \"Google Chrome version prior to 4.1.249.1036 on Windows.\";\ntag_insight = \"Multiple flaws are due to:\n - An error in handling 'SVG' document.\n - Multiple race conditions in the 'sandbox' infrastructure.\n - An error in 'sandbox' infrastructure which does not properly use pointers.\n - An error in proceesing of 'HTTP' headers, processes HTTP headers before\n invoking the SafeBrowsing feature.\n - not having the expected behavior for attempts to delete Web SQL\n Databases and clear the 'Strict Transport Security (STS)' state.\n - An error in processing of 'HTTP Basic Authentication dialog'.\n - Multiple integer overflows errors when processing 'WebKit JavaScript'\n objects.\n - not properly restricting cross-origin operations, which has unspecified\n impact and remote attack vectors.\";\ntag_solution = \"Upgrade to the version 4.1.249.1036 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"This host is installed with Google Chrome Web Browser and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(801312);\n script_version(\"$Revision: 5306 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-13 16:55:19 +0200 (Tue, 13 Apr 2010)\");\n script_cve_id(\"CVE-2010-1228\", \"CVE-2010-1229\", \"CVE-2010-1230\", \"CVE-2010-1231\",\n \"CVE-2010-1232\", \"CVE-2010-1233\", \"CVE-2010-1234\", \"CVE-2010-1235\",\n \"CVE-2010-1236\", \"CVE-2010-1237\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Google Chrome Multiple Vulnerabilities (win)\");\n script_xref(name : \"URL\" , value : \"http://code.google.com/p/chromium/issues/detail?id=37061\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\ngcVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!gcVer){\n exit(0);\n}\n\n# Check for google chrome Version less than 4.1.249.1036\nif(version_is_less(version:gcVer, test_version:\"4.1.249.1036\")){\n security_message(0);\n}\n", "pluginID": "801312"}
{"nessus": [{"lastseen": "2018-11-16T16:55:59", "references": ["http://www.nessus.org/u?0ec0e092"], "pluginID": "45086", "description": "The version of Google Chrome installed on the remote host is prior to 4.1.249.1036. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple race conditions and pointer errors in the sandbox infrastructure. (Issue #28804, #31880)\n\n - An error relating to persisted metadata such as Web Databases and STS. (Issue #20801, #33445)\n\n - HTTP headers are processed before the SafeBrowsing check. (Issue #33572)\n\n - A memory error with malformed SVG. (Issue #34978)\n\n - Multiple integer overflows in WebKit JavaScript objects.\n (Issue #35724)\n\n - The HTTP basic auth dialog truncates URLs.\n (Issue #36772)\n\n - It is possible to bypass the download warning dialog.\n (Issue #37007)\n\n - An unspecified cross-origin bypass vulnerability.\n (Issue #37383)\n\n - A memory error relating to empty SVG elements. Note that this only affects Chrome Beta versions.\n (Issue #37061)", "edition": 6, "reporter": "Tenable", "published": "2010-03-18T00:00:00", "title": "Google Chrome < 4.1.249.1036 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1237", "CVE-2010-1232", "CVE-2010-1229", "CVE-2010-1231", "CVE-2010-1235", "CVE-2010-1234", "CVE-2010-1236", "CVE-2010-1233", "CVE-2010-1230"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_4_1_249_1036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45086", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45086);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2010-1229\",\n \"CVE-2010-1230\",\n \"CVE-2010-1231\",\n \"CVE-2010-1232\",\n \"CVE-2010-1233\",\n \"CVE-2010-1234\",\n \"CVE-2010-1235\",\n \"CVE-2010-1236\",\n \"CVE-2010-1237\"\n );\n script_bugtraq_id(\n 38829,\n 73629,\n 73673\n );\n script_xref(name:\"Secunia\", value:\"39029\");\n\n script_name(english:\"Google Chrome < 4.1.249.1036 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is prior to\n4.1.249.1036. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple race conditions and pointer errors in the\n sandbox infrastructure. (Issue #28804, #31880)\n\n - An error relating to persisted metadata such as Web\n Databases and STS. (Issue #20801, #33445)\n\n - HTTP headers are processed before the SafeBrowsing\n check. (Issue #33572)\n\n - A memory error with malformed SVG. (Issue #34978)\n\n - Multiple integer overflows in WebKit JavaScript objects.\n (Issue #35724)\n\n - The HTTP basic auth dialog truncates URLs.\n (Issue #36772)\n\n - It is possible to bypass the download warning dialog.\n (Issue #37007)\n\n - An unspecified cross-origin bypass vulnerability.\n (Issue #37383)\n\n - A memory error relating to empty SVG elements. Note\n that this only affects Chrome Beta versions.\n (Issue #37061)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0ec0e092\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 4.1.249.1036 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'4.1.249.1036', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T17:08:15", "references": ["https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html", "https://bugzilla.novell.com/show_bug.cgi?id=601349"], "pluginID": "53764", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 6, "reporter": "Tenable", "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "p-cpe:/a:novell:opensuse:webkit-jsc"], "id": "SUSE_11_2_LIBWEBKIT-110111.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53764", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53764);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-1_0-2-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-devel-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libwebkit-lang-1.2.6-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"webkit-jsc-1.2.6-0.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-devel / libwebkit-lang / webkit-jsc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:44:00", "references": ["https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html", "https://bugzilla.novell.com/show_bug.cgi?id=601349"], "pluginID": "75629", "description": "Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040", "edition": 6, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0049", "CVE-2010-1813", "CVE-2009-1698", "CVE-2010-0052", "CVE-2010-0315", "CVE-2010-1412", "CVE-2010-3808", "CVE-2009-1691", "CVE-2010-3810", "CVE-2010-1397", "CVE-2009-2419", "CVE-2010-1416", "CVE-2010-1396", "CVE-2010-1417", "CVE-2010-3257", "CVE-2010-1823", "CVE-2010-1789", "CVE-2009-2199", "CVE-2010-1757", "CVE-2010-1409", "CVE-2009-1712", "CVE-2010-0046", "CVE-2010-0651", "CVE-2010-1760", "CVE-2010-0054", "CVE-2010-3809", "CVE-2010-1783", "CVE-2010-3900", "CVE-2009-2200", "CVE-2009-2841", "CVE-2010-3812", "CVE-2009-1695", "CVE-2010-2301", "CVE-2010-3816", "CVE-2009-1718", "CVE-2010-2300", "CVE-2009-1685", "CVE-2010-1749", "CVE-2010-1758", "CVE-2010-1787", "CVE-2010-1771", "CVE-2009-2797", "CVE-2010-1410", "CVE-2010-1807", "CVE-2010-3116", "CVE-2010-0048", "CVE-2010-1415", "CVE-2010-1769", "CVE-2010-3312", "CVE-2010-3818", "CVE-2009-1709", "CVE-2010-1419", "CVE-2010-1407", "CVE-2010-2297", "CVE-2010-1780", "CVE-2010-1766", "CVE-2010-1772", "CVE-2010-3817", "CVE-2010-1389", "CVE-2010-1391", "CVE-2009-1700", "CVE-2009-1684", "CVE-2010-3803", "CVE-2010-1763", "CVE-2009-1725", "CVE-2010-1387", "CVE-2010-3829", "CVE-2010-3824", "CVE-2010-1126", "CVE-2010-1759", "CVE-2010-3811", "CVE-2009-1696", "CVE-2010-0650", "CVE-2009-1703", "CVE-2010-1388", "CVE-2010-0659", "CVE-2010-1786", "CVE-2010-1773", "CVE-2009-3934", "CVE-2010-1729", "CVE-2010-1785", "CVE-2010-1029", "CVE-2009-1689", "CVE-2010-3820", "CVE-2010-1774", "CVE-2010-1395", "CVE-2010-1400", "CVE-2009-1688", "CVE-2009-0945", "CVE-2010-2264", "CVE-2009-1713", "CVE-2010-1406", "CVE-2010-1418", "CVE-2010-3826", "CVE-2010-2302", "CVE-2010-1398", "CVE-2010-1790", "CVE-2009-1711", "CVE-2009-1692", "CVE-2009-1681", "CVE-2010-1401", "CVE-2010-1788", "CVE-2010-3822", "CVE-2010-1413", "CVE-2010-1781", "CVE-2009-1690", "CVE-2010-3805", "CVE-2010-1815", "CVE-2010-1408", "CVE-2010-1403", "CVE-2010-1404", "CVE-2010-1761", "CVE-2010-1782", "CVE-2010-1814", "CVE-2010-1792", "CVE-2009-1724", "CVE-2010-1422", "CVE-2010-3819", "CVE-2010-1390", "CVE-2010-1767", "CVE-2010-3259", "CVE-2010-1236", "CVE-2010-2441", "CVE-2009-2816", "CVE-2010-0656", "CVE-2009-2195", "CVE-2010-1812", "CVE-2009-3384", "CVE-2009-1687", "CVE-2010-1393", "CVE-2010-1791", "CVE-2010-1770", "CVE-2010-1392", "CVE-2010-1825", "CVE-2010-0647", "CVE-2009-3933", "CVE-2010-1822", "CVE-2009-1699", "CVE-2010-1784", "CVE-2010-1824", "CVE-2010-1233", "CVE-2009-1701", "CVE-2010-0053", "CVE-2009-1715", "CVE-2010-3804", "CVE-2010-0047", "CVE-2009-1714", "CVE-2010-0051", "CVE-2010-1402", "CVE-2010-1762", "CVE-2009-1694", "CVE-2010-0050", "CVE-2009-1702", "CVE-2010-1386", "CVE-2010-3821", "CVE-2009-1710", "CVE-2009-3272", "CVE-2010-3813", "CVE-2009-1686", "CVE-2010-1764", "CVE-2010-1405", "CVE-2010-1414", "CVE-2010-3823", "CVE-2009-1693", "CVE-2010-1421", "CVE-2010-2295", "CVE-2010-1394", "CVE-2010-1399", "CVE-2010-0661", "CVE-2010-1793", "CVE-2009-1697"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwebkit-lang", "p-cpe:/a:novell:opensuse:libwebkit-devel", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2", "cpe:/o:novell:opensuse:11.3", "p-cpe:/a:novell:opensuse:webkit-jsc", "p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit"], "id": "SUSE_11_3_LIBWEBKIT-110104.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75629", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libwebkit-3787.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75629);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2009-0945\", \"CVE-2009-1681\", \"CVE-2009-1684\", \"CVE-2009-1685\", \"CVE-2009-1686\", \"CVE-2009-1687\", \"CVE-2009-1688\", \"CVE-2009-1689\", \"CVE-2009-1690\", \"CVE-2009-1691\", \"CVE-2009-1692\", \"CVE-2009-1693\", \"CVE-2009-1694\", \"CVE-2009-1695\", \"CVE-2009-1696\", \"CVE-2009-1697\", \"CVE-2009-1698\", \"CVE-2009-1699\", \"CVE-2009-1700\", \"CVE-2009-1701\", \"CVE-2009-1702\", \"CVE-2009-1703\", \"CVE-2009-1709\", \"CVE-2009-1710\", \"CVE-2009-1711\", \"CVE-2009-1712\", \"CVE-2009-1713\", \"CVE-2009-1714\", \"CVE-2009-1715\", \"CVE-2009-1718\", \"CVE-2009-1724\", \"CVE-2009-1725\", \"CVE-2009-2195\", \"CVE-2009-2199\", \"CVE-2009-2200\", \"CVE-2009-2419\", \"CVE-2009-2797\", \"CVE-2009-2816\", \"CVE-2009-2841\", \"CVE-2009-3272\", \"CVE-2009-3384\", \"CVE-2009-3933\", \"CVE-2009-3934\", \"CVE-2010-0046\", \"CVE-2010-0047\", \"CVE-2010-0048\", \"CVE-2010-0049\", \"CVE-2010-0050\", \"CVE-2010-0051\", \"CVE-2010-0052\", \"CVE-2010-0053\", \"CVE-2010-0054\", \"CVE-2010-0315\", \"CVE-2010-0647\", \"CVE-2010-0650\", \"CVE-2010-0651\", \"CVE-2010-0656\", \"CVE-2010-0659\", \"CVE-2010-0661\", \"CVE-2010-1029\", \"CVE-2010-1126\", \"CVE-2010-1233\", \"CVE-2010-1236\", \"CVE-2010-1386\", \"CVE-2010-1387\", \"CVE-2010-1388\", \"CVE-2010-1389\", \"CVE-2010-1390\", \"CVE-2010-1391\", \"CVE-2010-1392\", \"CVE-2010-1393\", \"CVE-2010-1394\", \"CVE-2010-1395\", \"CVE-2010-1396\", \"CVE-2010-1397\", \"CVE-2010-1398\", \"CVE-2010-1399\", \"CVE-2010-1400\", \"CVE-2010-1401\", \"CVE-2010-1402\", \"CVE-2010-1403\", \"CVE-2010-1404\", \"CVE-2010-1405\", \"CVE-2010-1406\", \"CVE-2010-1407\", \"CVE-2010-1408\", \"CVE-2010-1409\", \"CVE-2010-1410\", \"CVE-2010-1412\", \"CVE-2010-1413\", \"CVE-2010-1414\", \"CVE-2010-1415\", \"CVE-2010-1416\", \"CVE-2010-1417\", \"CVE-2010-1418\", \"CVE-2010-1419\", \"CVE-2010-1421\", \"CVE-2010-1422\", \"CVE-2010-1729\", \"CVE-2010-1749\", \"CVE-2010-1757\", \"CVE-2010-1758\", \"CVE-2010-1759\", \"CVE-2010-1760\", \"CVE-2010-1761\", \"CVE-2010-1762\", \"CVE-2010-1763\", \"CVE-2010-1764\", \"CVE-2010-1766\", \"CVE-2010-1767\", \"CVE-2010-1769\", \"CVE-2010-1770\", \"CVE-2010-1771\", \"CVE-2010-1772\", \"CVE-2010-1773\", \"CVE-2010-1774\", \"CVE-2010-1780\", \"CVE-2010-1781\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1789\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1813\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-1822\", \"CVE-2010-1823\", \"CVE-2010-1824\", \"CVE-2010-1825\", \"CVE-2010-2264\", \"CVE-2010-2295\", \"CVE-2010-2297\", \"CVE-2010-2300\", \"CVE-2010-2301\", \"CVE-2010-2302\", \"CVE-2010-2441\", \"CVE-2010-3116\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3312\", \"CVE-2010-3803\", \"CVE-2010-3804\", \"CVE-2010-3805\", \"CVE-2010-3808\", \"CVE-2010-3809\", \"CVE-2010-3810\", \"CVE-2010-3811\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3816\", \"CVE-2010-3817\", \"CVE-2010-3818\", \"CVE-2010-3819\", \"CVE-2010-3820\", \"CVE-2010-3821\", \"CVE-2010-3822\", \"CVE-2010-3823\", \"CVE-2010-3824\", \"CVE-2010-3826\", \"CVE-2010-3829\", \"CVE-2010-3900\");\n\n script_name(english:\"openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)\");\n script_summary(english:\"Check for the libwebkit-3787 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various bugs in webkit have been fixed. The CVE id's are :\n\nCVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685,\nCVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689,\nCVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693,\nCVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697,\nCVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701,\nCVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710,\nCVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714,\nCVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725,\nCVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419,\nCVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272,\nCVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046,\nCVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050,\nCVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315,\nCVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651,\nCVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029,\nCVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386,\nCVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390,\nCVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394,\nCVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398,\nCVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402,\nCVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406,\nCVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,\nCVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415,\nCVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,\nCVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749,\nCVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760,\nCVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764,\nCVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770,\nCVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774,\nCVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783,\nCVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787,\nCVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791,\nCVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812,\nCVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822,\nCVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264,\nCVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301,\nCVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257,\nCVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804,\nCVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810,\nCVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816,\nCVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820,\nCVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824,\nCVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=601349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libwebkit packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 79, 94, 119, 189, 200, 264, 310, 352, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-1_0-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-1_0-2-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-devel-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libwebkit-lang-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"webkit-jsc-1.2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libwebkit-1_0-2-32bit-1.2.6-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwebkit-1_0-2 / libwebkit-1_0-2-32bit / libwebkit-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-12-05T13:46:37", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=37061", "http://www.google.com/chrome"], "pluginID": "1361412562310801312", "description": "This host is installed with Google Chrome Web Browser and is prone to\n multiple vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-04-13T00:00:00", "title": "Google Chrome Multiple Vulnerabilities (win)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1237", "CVE-2010-1228", "CVE-2010-1232", "CVE-2010-1229", "CVE-2010-1231", "CVE-2010-1235", "CVE-2010-1234", "CVE-2010-1236", "CVE-2010-1233", "CVE-2010-1230"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801312", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln_apr10.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities (win)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801312\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-13 16:55:19 +0200 (Tue, 13 Apr 2010)\");\n script_cve_id(\"CVE-2010-1228\", \"CVE-2010-1229\", \"CVE-2010-1230\", \"CVE-2010-1231\",\n \"CVE-2010-1232\", \"CVE-2010-1233\", \"CVE-2010-1234\", \"CVE-2010-1235\",\n \"CVE-2010-1236\", \"CVE-2010-1237\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Google Chrome Multiple Vulnerabilities (win)\");\n script_xref(name:\"URL\", value:\"http://code.google.com/p/chromium/issues/detail?id=37061\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker execute arbitrary code, bypass\n security restrictions, sensitive information disclosure, and can cause other\n attacks.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 4.1.249.1036 on Windows.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An error in handling 'SVG' document.\n\n - Multiple race conditions in the 'sandbox' infrastructure.\n\n - An error in 'sandbox' infrastructure which does not properly use pointers.\n\n - An error in proceesing of 'HTTP' headers, processes HTTP headers before\n invoking the SafeBrowsing feature.\n\n - not having the expected behavior for attempts to delete Web SQL\n Databases and clear the 'Strict Transport Security (STS)' state.\n\n - An error in processing of 'HTTP Basic Authentication dialog'.\n\n - Multiple integer overflows errors when processing 'WebKit JavaScript'\n objects.\n\n - not properly restricting cross-origin operations, which has unspecified\n impact and remote attack vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to the version 4.1.249.1036 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome Web Browser and is prone to\n multiple vulnerabilities.\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\ngcVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!gcVer){\n exit(0);\n}\n\nif(version_is_less(version:gcVer, test_version:\"4.1.249.1036\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:36:54", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=33572"], "description": "Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1231", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14332", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14332"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1231"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14332", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14332"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.1:beta", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1231", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1231", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://code.google.com/p/chromium/issues/detail?id=31880", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=28804"], "description": "The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1229", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 10.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14220", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14220"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1229"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14220", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14220"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.1.249.1036", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:4.1.249.1045", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.1:beta", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1229", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1229", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://code.google.com/p/chromium/issues/detail?id=31880", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=28804"], "description": "Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1228", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 10.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:13829", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13829"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1228"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:13829", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:13829"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.1:beta", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1228", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1228", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:55", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=37061"], "description": "Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1237", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:55", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14374", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14374"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1237"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14374", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14374"}], "modified": "2017-09-18T21:30:38", "cpe": ["cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:4.1.249.1026"], "id": "CVE-2010-1237", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1237", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-30T12:24:55", "references": ["http://code.google.com/p/chromium/issues/detail?id=30801", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=33445"], "description": "Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.", "edition": 4, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1230", "type": "cve", "enchantments": {"score": {"modified": "2018-11-30T12:24:55", "vector": "NONE", "value": 10.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14292", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14292"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1230"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14292", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14292"}], "modified": "2018-11-16T11:28:48", "cpe": ["cpe:/a:google:chrome:4.0.249.8", "cpe:/a:google:chrome:4.0.248.0", "cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.249.7", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:4.0.258.0", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.247.0", "cpe:/a:google:chrome:4.0.249.39", "cpe:/a:google:chrome:4.0.223.7", "cpe:/a:google:chrome:4.0.254.0", "cpe:/a:google:chrome:4.0.249.38", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:4.0.275.1", "cpe:/a:google:chrome:4.0.222.5", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.0.278.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:4.0.223.8", "cpe:/a:google:chrome:3.0.195.2", "cpe:/a:google:chrome:4.0.249.55", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:3.0.195.38", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:4.0.249.75", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:0.1.38.1", "cpe:/a:google:chrome:4.0.265.0", "cpe:/a:google:chrome:4.0.259.0", "cpe:/a:google:chrome:4.0.257.0", "cpe:/a:google:chrome:4.0.249.29", "cpe:/a:google:chrome:4.0.302.0", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.0.249.77", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:4.0.249.17", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:4.0.249.51", "cpe:/a:google:chrome:4.0.222.12", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:3.0.195.27", "cpe:/a:google:chrome:4.0.249.76", "cpe:/a:google:chrome:4.0.255.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.0.249.57", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:4.0.276.0", "cpe:/a:google:chrome:4.0.301.0", "cpe:/a:google:chrome:4.0.237.1", "cpe:/a:google:chrome:4.0.222.1", "cpe:/a:google:chrome:4.0.249.53", "cpe:/a:google:chrome:3.0.195.25", "cpe:/a:google:chrome:4.0.249.54", "cpe:/a:google:chrome:4.0.249.36", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:4.0.249.2", "cpe:/a:google:chrome:4.0.249.58", "cpe:/a:google:chrome:4.0.241.0", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:0.1.42.3", "cpe:/a:google:chrome:4.0.223.9", "cpe:/a:google:chrome:4.0.249.20", "cpe:/a:google:chrome:4.0.249.11", "cpe:/a:google:chrome:4.0.286.0", "cpe:/a:google:chrome:4.0.249.40", "cpe:/a:google:chrome:4.0.212.0", "cpe:/a:google:chrome:4.0.264.0", "cpe:/a:google:chrome:4.0.249.21", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:1.0.154.64", "cpe:/a:google:chrome:4.0.303.0", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:4.0.250.2", "cpe:/a:google:chrome:4.0.221.8", "cpe:/a:google:chrome:0.1.38.4", "cpe:/a:google:chrome:4.0.266.0", "cpe:/a:google:chrome:4.0.287.0", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:4.0.302.3", "cpe:/a:google:chrome:4.0.249.73", "cpe:/a:google:chrome:4.0.249.23", "cpe:/a:google:chrome:4.0.256.0", "cpe:/a:google:chrome:4.0.249.22", "cpe:/a:google:chrome:4.0.240.0", "cpe:/a:google:chrome:4.0.249.42", "cpe:/a:google:chrome:4.0.262.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.0.249.31", "cpe:/a:google:chrome:4.0.275.0", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.0.249.56", "cpe:/a:google:chrome:4.0.295.0", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:4.0.249.4", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:4.0.249.72", "cpe:/a:google:chrome:4.0.249.47", "cpe:/a:google:chrome:4.0.290.0", "cpe:/a:google:chrome:4.0.277.0", "cpe:/a:google:chrome:4.0.245.1", "cpe:/a:google:chrome:4.0.249.74", "cpe:/a:google:chrome:4.0.289.0", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:4.0.243.0", "cpe:/a:google:chrome:4.0.272.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.32", "cpe:/a:google:chrome:4.0.249.63", "cpe:/a:google:chrome:0.1.42.2", "cpe:/a:google:chrome:4.0.249.14", "cpe:/a:google:chrome:4.0.250.0", "cpe:/a:google:chrome:4.0.249.1", "cpe:/a:google:chrome:4.0.292.0", "cpe:/a:google:chrome:4.0.249.65", "cpe:/a:google:chrome:4.0.249.67", "cpe:/a:google:chrome:4.0.263.0", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:4.0.305.0", "cpe:/a:google:chrome:4.0.249.10", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:3.0.195.36", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:4.0.302.1", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:4.0.249.69", "cpe:/a:google:chrome:4.0.235.0", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.0.212.1", "cpe:/a:google:chrome:4.0.237.0", "cpe:/a:google:chrome:4.0.249.41", "cpe:/a:google:chrome:4.0.249.25", "cpe:/a:google:chrome:4.0.249.24", "cpe:/a:google:chrome:4.0.249.79", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.0.249.18", "cpe:/a:google:chrome:4.0.249.45", "cpe:/a:google:chrome:4.0.223.0", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.0.249.48", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:4.0.271.0", "cpe:/a:google:chrome:4.0.302.2", "cpe:/a:google:chrome:4.0.249.30", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:4.0.288.0", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.0.249.43", "cpe:/a:google:chrome:4.0.223.2", "cpe:/a:google:chrome:4.0.223.5", "cpe:/a:google:chrome:4.0.249.68", "cpe:/a:google:chrome:4.0.249.19", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:4.0.249.5", "cpe:/a:google:chrome:4.0.249.64", "cpe:/a:google:chrome:3.0.195.37", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.0.300.0", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:4.0.249.61", "cpe:/a:google:chrome:4.0.249.50", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.0.249.71", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:4.0.249.52", "cpe:/a:google:chrome:4.0.223.1", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:4.0.267.0", "cpe:/a:google:chrome:0.1.38.2", "cpe:/a:google:chrome:4.0.249.82", "cpe:/a:google:chrome:4.0.249.62", "cpe:/a:google:chrome:4.0.249.3", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:4.0.249.70", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:4.0.261.0", "cpe:/a:google:chrome:4.0.288.1", "cpe:/a:google:chrome:4.0.249.34", "cpe:/a:google:chrome:4.0.242.0", "cpe:/a:google:chrome:4.0.260.0", "cpe:/a:google:chrome:4.0.269.0", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.0.249.33", "cpe:/a:google:chrome:4.0.249.12", "cpe:/a:google:chrome:4.0.251.0", "cpe:/a:google:chrome:4.0.249.81", "cpe:/a:google:chrome:4.0.249.9", "cpe:/a:google:chrome:4.0.222.0", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.0.249.44", "cpe:/a:google:chrome:4.0.249.80", "cpe:/a:google:chrome:4.0.239.0", "cpe:/a:google:chrome:4.0.249.49", "cpe:/a:google:chrome:4.0.246.0", "cpe:/a:google:chrome:4.0.229.1", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:4.0.249.6", "cpe:/a:google:chrome:4.0.299.0", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.1.40.1", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.0.249.60", "cpe:/a:google:chrome:4.0.268.0", "cpe:/a:google:chrome:4.0.249.59", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.0.249.35", "cpe:/a:google:chrome:4.0.236.0", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.0.224.0", "cpe:/a:google:chrome:4.0.245.0", "cpe:/a:google:chrome:4.0.249.26", "cpe:/a:google:chrome:4.0.249.66", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:4.0.249.28", "cpe:/a:google:chrome:4.0.304.0", "cpe:/a:google:chrome:4.0.296.0", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.0.249.27", "cpe:/a:google:chrome:4.0.249.46", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.0.223.4", "cpe:/a:google:chrome:4.0.249.16", "cpe:/a:google:chrome:4.0.294.0", "cpe:/a:google:chrome:4.0.249.37", "cpe:/a:google:chrome:4.1:beta", "cpe:/a:google:chrome:4.0.252.0", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1230", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1230", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://code.google.com/p/chromium/issues/detail?id=34978"], "description": "Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via a malformed SVG document.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1232", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14000", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14000"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1232"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14000", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14000"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1232", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1232", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://code.google.com/p/chromium/issues/detail?id=37007", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html"], "description": "Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1235", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14297", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14297"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1235"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14297", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14297"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:4.1.249.1042", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1235", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://code.google.com/p/chromium/issues/detail?id=36772", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html"], "description": "Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1234", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14275", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14275"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1234"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14275", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14275"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:4.0.249.8", "cpe:/a:google:chrome:4.0.248.0", "cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.249.7", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:4.0.258.0", "cpe:/a:google:chrome:4.0.247.0", "cpe:/a:google:chrome:4.0.249.39", "cpe:/a:google:chrome:4.0.223.7", "cpe:/a:google:chrome:4.0.254.0", "cpe:/a:google:chrome:4.0.249.38", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:4.0.275.1", "cpe:/a:google:chrome:4.0.222.5", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.0.278.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:4.0.223.8", "cpe:/a:google:chrome:4.0.249.55", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:3.0.195.38", "cpe:/a:google:chrome:4.0.249.75", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:0.1.38.1", "cpe:/a:google:chrome:4.0.265.0", "cpe:/a:google:chrome:4.0.259.0", "cpe:/a:google:chrome:4.0.257.0", "cpe:/a:google:chrome:4.0.249.29", "cpe:/a:google:chrome:4.0.302.0", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:4.0.249.77", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:4.0.249.17", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:4.0.249.51", "cpe:/a:google:chrome:4.0.222.12", "cpe:/a:google:chrome:3.0.195.27", "cpe:/a:google:chrome:4.0.249.76", "cpe:/a:google:chrome:4.0.255.0", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.0.249.57", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:4.0.276.0", "cpe:/a:google:chrome:4.0.301.0", "cpe:/a:google:chrome:4.0.237.1", "cpe:/a:google:chrome:4.0.222.1", "cpe:/a:google:chrome:4.0.249.53", "cpe:/a:google:chrome:3.0.195.25", "cpe:/a:google:chrome:4.0.249.54", "cpe:/a:google:chrome:4.0.249.36", "cpe:/a:google:chrome:4.0.249.2", "cpe:/a:google:chrome:4.0.249.58", "cpe:/a:google:chrome:4.0.241.0", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:0.1.42.3", "cpe:/a:google:chrome:4.0.223.9", "cpe:/a:google:chrome:4.0.249.20", "cpe:/a:google:chrome:4.0.249.11", "cpe:/a:google:chrome:4.0.286.0", "cpe:/a:google:chrome:4.0.249.40", "cpe:/a:google:chrome:4.0.212.0", "cpe:/a:google:chrome:4.0.264.0", "cpe:/a:google:chrome:4.0.249.21", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:1.0.154.64", "cpe:/a:google:chrome:4.0.303.0", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:4.0.250.2", "cpe:/a:google:chrome:4.0.221.8", "cpe:/a:google:chrome:0.1.38.4", "cpe:/a:google:chrome:4.0.266.0", "cpe:/a:google:chrome:4.0.287.0", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:4.0.302.3", "cpe:/a:google:chrome:4.0.249.73", "cpe:/a:google:chrome:4.0.249.23", "cpe:/a:google:chrome:4.0.256.0", "cpe:/a:google:chrome:4.0.249.22", "cpe:/a:google:chrome:4.0.240.0", "cpe:/a:google:chrome:4.0.249.42", "cpe:/a:google:chrome:4.0.262.0", "cpe:/a:google:chrome:4.0.249.31", "cpe:/a:google:chrome:4.0.275.0", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.0.249.56", "cpe:/a:google:chrome:4.0.295.0", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:4.0.249.4", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:4.0.249.72", "cpe:/a:google:chrome:4.0.249.47", "cpe:/a:google:chrome:4.0.290.0", "cpe:/a:google:chrome:4.0.277.0", "cpe:/a:google:chrome:4.0.245.1", "cpe:/a:google:chrome:4.0.249.74", "cpe:/a:google:chrome:4.0.289.0", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:4.0.243.0", "cpe:/a:google:chrome:4.0.272.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.32", "cpe:/a:google:chrome:4.0.249.63", "cpe:/a:google:chrome:0.1.42.2", "cpe:/a:google:chrome:4.0.249.14", "cpe:/a:google:chrome:4.0.250.0", "cpe:/a:google:chrome:4.0.249.1", "cpe:/a:google:chrome:4.0.292.0", "cpe:/a:google:chrome:4.0.249.65", "cpe:/a:google:chrome:4.0.249.67", "cpe:/a:google:chrome:4.0.263.0", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:4.0.305.0", "cpe:/a:google:chrome:4.0.249.10", "cpe:/a:google:chrome:3.0.195.36", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:4.0.302.1", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:4.0.249.69", "cpe:/a:google:chrome:4.0.235.0", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.0.212.1", "cpe:/a:google:chrome:4.0.237.0", "cpe:/a:google:chrome:4.0.249.41", "cpe:/a:google:chrome:4.0.249.25", "cpe:/a:google:chrome:4.0.249.24", "cpe:/a:google:chrome:4.0.249.79", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.0.249.18", "cpe:/a:google:chrome:4.0.249.45", "cpe:/a:google:chrome:4.0.223.0", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:4.0.249.48", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:4.0.271.0", "cpe:/a:google:chrome:4.0.302.2", "cpe:/a:google:chrome:4.0.249.30", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:4.0.288.0", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.0.249.43", "cpe:/a:google:chrome:4.0.223.2", "cpe:/a:google:chrome:4.0.223.5", "cpe:/a:google:chrome:4.0.249.68", "cpe:/a:google:chrome:4.0.249.19", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:4.0.249.5", "cpe:/a:google:chrome:4.0.249.64", "cpe:/a:google:chrome:3.0.195.37", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.0.300.0", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:4.0.249.61", "cpe:/a:google:chrome:4.0.249.50", "cpe:/a:google:chrome:4.0.249.71", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:4.0.249.52", "cpe:/a:google:chrome:4.0.223.1", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:4.0.267.0", "cpe:/a:google:chrome:0.1.38.2", "cpe:/a:google:chrome:4.0.249.82", "cpe:/a:google:chrome:4.0.249.62", "cpe:/a:google:chrome:4.0.249.3", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:4.0.249.70", "cpe:/a:google:chrome:4.0.261.0", "cpe:/a:google:chrome:4.0.288.1", "cpe:/a:google:chrome:4.0.249.34", "cpe:/a:google:chrome:4.0.242.0", "cpe:/a:google:chrome:4.0.260.0", "cpe:/a:google:chrome:4.0.269.0", "cpe:/a:google:chrome:4.0.249.33", "cpe:/a:google:chrome:4.0.249.12", "cpe:/a:google:chrome:4.0.251.0", "cpe:/a:google:chrome:4.0.249.81", "cpe:/a:google:chrome:4.0.249.9", "cpe:/a:google:chrome:4.0.222.0", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.0.249.44", "cpe:/a:google:chrome:4.0.249.80", "cpe:/a:google:chrome:4.0.239.0", "cpe:/a:google:chrome:4.0.249.49", "cpe:/a:google:chrome:4.0.246.0", "cpe:/a:google:chrome:4.0.229.1", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:4.0.249.6", "cpe:/a:google:chrome:4.0.299.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.1.40.1", "cpe:/a:google:chrome:4.0.249.60", "cpe:/a:google:chrome:4.0.268.0", "cpe:/a:google:chrome:4.0.249.59", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.0.249.35", "cpe:/a:google:chrome:4.0.236.0", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.0.224.0", "cpe:/a:google:chrome:4.0.245.0", "cpe:/a:google:chrome:4.0.249.26", "cpe:/a:google:chrome:4.0.249.66", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:4.0.249.28", "cpe:/a:google:chrome:4.0.304.0", "cpe:/a:google:chrome:4.0.296.0", "cpe:/a:google:chrome:4.0.249.27", "cpe:/a:google:chrome:4.0.249.46", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.0.223.4", "cpe:/a:google:chrome:4.0.249.16", "cpe:/a:google:chrome:4.0.294.0", "cpe:/a:google:chrome:4.0.249.37", "cpe:/a:google:chrome:4.0.252.0", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1234", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1234", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://flock.com/security/", "http://code.google.com/p/chromium/issues/detail?id=37383", "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "https://bugs.webkit.org/show_bug.cgi?id=35948", "http://codereview.chromium.org/858001", "http://www.vupen.com/english/advisories/2011/0212", "http://src.chromium.org/viewvc/chrome?view=rev&revision=41244"], "description": "The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted javascript: URL, as demonstrated by a \\x00javascript:alert sequence.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1236", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14067", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14067"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1236"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14067", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14067"}], "modified": "2017-09-18T21:30:38", "cpe": ["cpe:/a:google:chrome:4.0.249.8", "cpe:/a:google:chrome:4.0.248.0", "cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.249.7", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:4.1.249.1025", "cpe:/a:google:chrome:4.0.258.0", "cpe:/a:google:chrome:4.0.247.0", "cpe:/a:google:chrome:4.0.249.39", "cpe:/a:google:chrome:4.0.223.7", "cpe:/a:google:chrome:4.0.254.0", "cpe:/a:google:chrome:4.0.249.38", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:4.0.275.1", "cpe:/a:google:chrome:4.0.222.5", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:4.1.249.0", "cpe:/a:google:chrome:4.0.278.0", "cpe:/a:google:chrome:4.1.249.1031", "cpe:/a:google:chrome:4.1.249.1033", "cpe:/a:google:chrome:4.0.223.8", "cpe:/a:google:chrome:4.0.249.55", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:4.1.249.1011", "cpe:/a:google:chrome:4.1.249.1028", "cpe:/a:google:chrome:3.0.195.38", "cpe:/a:google:chrome:4.0.249.75", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:4.1.249.1032", "cpe:/a:google:chrome:0.1.38.1", "cpe:/a:google:chrome:4.0.265.0", "cpe:/a:google:chrome:4.0.259.0", "cpe:/a:google:chrome:4.0.257.0", "cpe:/a:google:chrome:4.0.249.29", "cpe:/a:google:chrome:4.0.302.0", "cpe:/a:google:chrome:4.1.249.1020", "cpe:/a:google:chrome:4.0.249.77", "cpe:/a:google:chrome:4.1.249.1027", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:4.0.249.17", "cpe:/a:google:chrome:4.1.249.1034", "cpe:/a:google:chrome:4.0.249.51", "cpe:/a:google:chrome:4.0.222.12", "cpe:/a:google:chrome:3.0.195.27", "cpe:/a:google:chrome:4.0.249.76", "cpe:/a:google:chrome:4.0.255.0", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:4.0.249.57", "cpe:/a:google:chrome:4.1.249.1009", "cpe:/a:google:chrome:4.0.276.0", "cpe:/a:google:chrome:4.0.301.0", "cpe:/a:google:chrome:4.0.237.1", "cpe:/a:google:chrome:4.0.222.1", "cpe:/a:google:chrome:4.0.249.53", "cpe:/a:google:chrome:3.0.195.25", "cpe:/a:google:chrome:4.0.249.54", "cpe:/a:google:chrome:4.0.249.36", "cpe:/a:google:chrome:4.0.249.2", "cpe:/a:google:chrome:4.0.249.58", "cpe:/a:google:chrome:4.0.241.0", "cpe:/a:google:chrome:4.1.249.1023", "cpe:/a:google:chrome:4.1.249.1029", "cpe:/a:google:chrome:0.1.42.3", "cpe:/a:google:chrome:4.0.223.9", "cpe:/a:google:chrome:4.0.249.20", "cpe:/a:google:chrome:4.0.249.11", "cpe:/a:google:chrome:4.0.286.0", "cpe:/a:google:chrome:4.0.249.40", "cpe:/a:google:chrome:4.0.212.0", "cpe:/a:google:chrome:4.0.264.0", "cpe:/a:google:chrome:4.0.249.21", "cpe:/a:google:chrome:4.1.249.1004", "cpe:/a:google:chrome:1.0.154.64", "cpe:/a:google:chrome:4.0.303.0", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:4.0.250.2", "cpe:/a:google:chrome:4.0.221.8", "cpe:/a:google:chrome:0.1.38.4", "cpe:/a:google:chrome:4.0.266.0", "cpe:/a:google:chrome:4.0.287.0", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:4.0.302.3", "cpe:/a:google:chrome:4.0.249.73", "cpe:/a:google:chrome:4.0.249.23", "cpe:/a:google:chrome:4.0.256.0", "cpe:/a:google:chrome:4.0.249.22", "cpe:/a:flock:flock:3.0.0.4094", "cpe:/a:google:chrome:4.0.240.0", "cpe:/a:google:chrome:4.0.249.42", "cpe:/a:google:chrome:4.0.262.0", "cpe:/a:google:chrome:4.0.249.31", "cpe:/a:google:chrome:4.0.275.0", "cpe:/a:google:chrome:4.1.249.1022", "cpe:/a:google:chrome:4.0.249.56", "cpe:/a:google:chrome:4.0.295.0", "cpe:/a:google:chrome:4.1.249.1019", "cpe:/a:google:chrome:4.0.249.4", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:4.0.249.72", "cpe:/a:google:chrome:4.0.249.47", "cpe:/a:google:chrome:4.0.290.0", "cpe:/a:google:chrome:4.0.277.0", "cpe:/a:google:chrome:4.0.245.1", "cpe:/a:google:chrome:4.0.249.74", "cpe:/a:google:chrome:4.0.289.0", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:4.0.243.0", "cpe:/a:google:chrome:4.0.272.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.32", "cpe:/a:google:chrome:4.0.249.63", "cpe:/a:google:chrome:0.1.42.2", "cpe:/a:google:chrome:4.0.249.14", "cpe:/a:google:chrome:4.0.250.0", "cpe:/a:google:chrome:4.0.249.1", "cpe:/a:google:chrome:4.0.292.0", "cpe:/a:google:chrome:4.0.249.65", "cpe:/a:google:chrome:4.0.249.67", "cpe:/a:google:chrome:4.0.263.0", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:4.0.305.0", "cpe:/a:google:chrome:4.0.249.10", "cpe:/a:google:chrome:3.0.195.36", "cpe:/a:google:chrome:4.1.249.1035", "cpe:/a:google:chrome:4.0.302.1", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:4.0.249.69", "cpe:/a:google:chrome:4.0.235.0", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:4.0.212.1", "cpe:/a:google:chrome:4.0.237.0", "cpe:/a:google:chrome:4.0.249.41", "cpe:/a:google:chrome:4.0.249.25", "cpe:/a:google:chrome:4.0.249.24", "cpe:/a:google:chrome:4.0.249.79", "cpe:/a:google:chrome:4.1.249.1015", "cpe:/a:google:chrome:4.1.249.1013", "cpe:/a:google:chrome:4.0.249.18", "cpe:/a:google:chrome:4.0.249.45", "cpe:/a:google:chrome:4.0.223.0", "cpe:/a:google:chrome:4.1.249.1010", "cpe:/a:google:chrome:4.0.249.48", "cpe:/a:google:chrome:4.1.249.1024", "cpe:/a:google:chrome:4.0.271.0", "cpe:/a:google:chrome:4.0.302.2", "cpe:/a:google:chrome:4.0.249.30", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:4.0.288.0", "cpe:/a:google:chrome:4.1.249.1012", "cpe:/a:google:chrome:4.0.249.43", "cpe:/a:google:chrome:4.0.223.2", "cpe:/a:google:chrome:4.0.223.5", "cpe:/a:google:chrome:4.0.249.68", "cpe:/a:google:chrome:4.0.249.19", "cpe:/a:google:chrome:4.1.249.1030", "cpe:/a:google:chrome:4.1.249.1021", "cpe:/a:google:chrome:4.0.249.5", "cpe:/a:google:chrome:4.0.249.64", "cpe:/a:google:chrome:3.0.195.37", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:4.0.300.0", "cpe:/a:google:chrome:4.1.249.1018", "cpe:/a:google:chrome:4.0.249.61", "cpe:/a:google:chrome:4.0.249.50", "cpe:/a:google:chrome:4.0.249.71", "cpe:/a:google:chrome:4.1.249.1008", "cpe:/a:google:chrome:4.0.249.52", "cpe:/a:google:chrome:4.0.223.1", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:4.0.267.0", "cpe:/a:google:chrome:0.1.38.2", "cpe:/a:google:chrome:4.0.249.82", "cpe:/a:google:chrome:4.0.249.62", "cpe:/a:google:chrome:4.0.249.3", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:4.0.249.70", "cpe:/a:google:chrome:4.0.261.0", "cpe:/a:google:chrome:4.0.288.1", "cpe:/a:google:chrome:4.0.249.34", "cpe:/a:google:chrome:4.0.242.0", "cpe:/a:google:chrome:4.0.260.0", "cpe:/a:google:chrome:4.0.269.0", "cpe:/a:google:chrome:4.0.249.33", "cpe:/a:google:chrome:4.0.249.12", "cpe:/a:google:chrome:4.0.251.0", "cpe:/a:google:chrome:4.0.249.81", "cpe:/a:google:chrome:4.0.249.9", "cpe:/a:google:chrome:4.0.222.0", "cpe:/a:google:chrome:4.1.249.1006", "cpe:/a:google:chrome:4.0.249.44", "cpe:/a:google:chrome:4.0.249.80", "cpe:/a:google:chrome:4.0.239.0", "cpe:/a:google:chrome:4.0.249.49", "cpe:/a:google:chrome:4.0.246.0", "cpe:/a:google:chrome:4.0.229.1", "cpe:/a:google:chrome:4.1.249.1016", "cpe:/a:google:chrome:4.0.249.6", "cpe:/a:google:chrome:4.0.299.0", "cpe:/a:google:chrome:4.1.249.1007", "cpe:/a:google:chrome:0.1.40.1", "cpe:/a:google:chrome:4.0.249.60", "cpe:/a:google:chrome:4.0.268.0", "cpe:/a:google:chrome:4.0.249.59", "cpe:/a:google:chrome:4.1.249.1001", "cpe:/a:google:chrome:4.0.249.35", "cpe:/a:google:chrome:4.0.236.0", "cpe:/a:google:chrome:4.1.249.1014", "cpe:/a:google:chrome:4.0.224.0", "cpe:/a:google:chrome:4.0.245.0", "cpe:/a:google:chrome:4.0.249.26", "cpe:/a:google:chrome:4.0.249.66", "cpe:/a:google:chrome:4.1.249.1017", "cpe:/a:google:chrome:4.0.249.28", "cpe:/a:google:chrome:4.0.304.0", "cpe:/a:google:chrome:4.0.296.0", "cpe:/a:google:chrome:4.0.249.27", "cpe:/a:google:chrome:4.0.249.46", "cpe:/a:google:chrome:4.1.249.1026", "cpe:/a:google:chrome:4.0.223.4", "cpe:/a:google:chrome:4.0.249.16", "cpe:/a:google:chrome:4.0.294.0", "cpe:/a:google:chrome:4.0.249.37", "cpe:/a:google:chrome:4.0.252.0", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1236", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:36:54", "references": ["http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "http://code.google.com/p/chromium/issues/detail?id=35724", "http://www.vupen.com/english/advisories/2011/0212"], "description": "Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.", "edition": 2, "reporter": "NVD", "published": "2010-04-01T18:30:00", "title": "CVE-2010-1233", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:54", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14023", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14023"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-1233"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:14023", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:14023"}], "modified": "2017-09-18T21:30:37", "cpe": ["cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:4.0.244.0", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:4.0.249.78:beta", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:google:chrome:4.0.249.89", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:google:chrome:3.0.195.24", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:google:chrome:4.0.249.78", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:google:chrome:3.0.195.33", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:google:chrome:3.0.195.32", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:google:chrome:3.0.193.2:beta", "cpe:/a:google:chrome:4.0.249.0"], "id": "CVE-2010-1233", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1233", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:36", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nFLOCK-SA-2010-03\r\n\r\nhttp://flock.com/security/\r\n\r\nTitle: javascript: url with a leading NULL byte can bypass\r\n cross origin protection (XSS)\r\n\r\nImpact: High\r\n\r\nAnnounced on: 2010-09-09\r\n\r\nAffected Products: Flock 3 versions prior to 3.0.0.4112\r\n\r\nCVEs (cve.mitre.org): CVE-2010-1236\r\n\r\nDetails:\r\n\r\nA javascript: url with a leading NULL byte can bypass cross origin\r\nprotection, which has unspecified impact and remote attack vectors.\r\n\r\nCredit to kuzzcc (for Chromium) and Lostmon Lords (for Flock).\r\n\r\nReferences: https://bugs.webkit.org/show_bug.cgi?id=35948\r\n http://code.google.com/p/chromium/issues/detail?id=37383\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\r\n\r\niQIcBAEBAgAGBQJMj6snAAoJEPzFtDWO6ceqQ9sQAJdW6oNQqL5QglNP53pQ17Be\r\nLnwWdsAQ8vNtUwlGvBJnlSbVELXtR1TnrJ8DQiUH+qgWqiiSUPQmoTb1O6wE4rXZ\r\ntyLZAmCK4vjZdonJQ4Cb2vx+QT+aSd7r+14E1JESjQBE3t8iVirFeElVNS8Jui2l\r\n/C++r3nQI0BLK6fc9eQzxHp7eBXCcu7YGw24QMA+xmkagJEI7a4Ijio36Gh7huqJ\r\n6nwzZNYccl0aziepnTN9vC1C/z8/xEVBMjJv9K3SZ3n3Xdth2LfmC9Zl+7OP57Sb\r\nLhZUgkTQsE4spsd7BFUfIkB3fbGH1m3X9SnmR6enDuN1bd0nxML95FZGz6jHnMhz\r\nKw0Gj02D/25QPe4bdwvuR5C//xxms4bd6Sku27tEaYHzfiqS3MzkAhbgiHKJtukP\r\n5qn3EmwWGVnWUnw30+jUyKfcnsKrJ2991vYseP3dOEMNL4YDz8hPnCYPxnHUDpIz\r\nYX9E8XNHOg5l6fnRLWTnRkeeQqMWZC+1XsMkoOe7Yj5Gx2aylK13N8flFx7Jk/vZ\r\nlHYSGYiymFmFqjjCIGIddXbTvW3D/rEboTxwoMkUXdq9rCwUIRHA8k8zOS709tqY\r\nlLg5+vsah2PT5WD1MJCzke3fQmr+g35Jfqppa/x9nEWhHsWBSBsZfFTCXL9lWz6w\r\nfqrdrSEPNI2jMVBTeVeC\r\n=/KZw\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2010-09-17T00:00:00", "title": "[FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS)", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:36", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-1236"], "modified": "2010-09-17T00:00:00", "id": "SECURITYVULNS:DOC:24775", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24775", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:38", "references": ["https://vulners.com/securityvulns/securityvulns:doc:24773", "https://vulners.com/securityvulns/securityvulns:doc:24776", "https://vulners.com/securityvulns/securityvulns:doc:24775", "https://vulners.com/securityvulns/securityvulns:doc:24774"], "description": "Multiple crossite scripting vulnerabilities.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-09-17T00:00:00", "title": "Flock browser crossite scripting", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:38", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3202", "CVE-2010-3262", "CVE-2010-1236", "CVE-2010-0661"], "modified": "2010-09-17T00:00:00", "id": "SECURITYVULNS:VULN:11154", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11154", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
