Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2010 Greenbone Networks GmbHOPENVAS:801668
HistoryDec 27, 2010 - 12:00 a.m.

Google Chrome multiple vulnerabilities - Dec 10(Linux)

2010-12-2700:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
9

0.013 Low

EPSS

Percentile

84.6%

JSON

The host is running Google Chrome and is prone to multiple
vulnerabilities.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_google_chrome_mult_vuln_dec10_lin.nasl 5306 2017-02-16 09:00:16Z teissa $
#
# Google Chrome multiple vulnerabilities - Dec 10(Linux)
#
# Authors:
# Sooraj KS <[email protected]>
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation could allow attackers to cause a denial of service.
  Impact Level: Application";
tag_affected = "Google Chrome version prior to 8.0.552.224 on Linux";
tag_insight = "- The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/
    theme_installed_infobar_delegate.cc does not properly handle incorrect tab
    interaction by an extension.
  - browser/worker_host/message_port_dispatcher.cc does not properly handle
    certain postMessage calls, which allows remote attackers to cause a denial
    of service via crafted JavaScript code that creates a web worker.
  - Out-of-bounds read error in CSS parsing allows remote attackers to cause a
    denial of service.
  - Stale pointers in cursor handling allows remote attackers to cause a denial
    of service.";
tag_solution = "Upgrade to the Google Chrome 8.0.552.224 or later,
  For updates refer to http://www.google.com/chrome";
tag_summary = "The host is running Google Chrome and is prone to multiple
  vulnerabilities.";

if(description)
{
  script_id(801668);
  script_version("$Revision: 5306 $");
  script_tag(name:"last_modification", value:"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $");
  script_tag(name:"creation_date", value:"2010-12-27 09:55:05 +0100 (Mon, 27 Dec 2010)");
  script_cve_id("CVE-2010-4575", "CVE-2010-4576", "CVE-2010-4577",
                "CVE-2010-4578");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_name("Google Chrome multiple vulnerabilities - Dec 10(Linux)");
  script_xref(name : "URL" , value : "http://code.google.com/p/chromium/issues/detail?id=60761");
  script_xref(name : "URL" , value : "http://code.google.com/p/chromium/issues/detail?id=63529");
  script_xref(name : "URL" , value : "http://code.google.com/p/chromium/issues/detail?id=63866");
  script_xref(name : "URL" , value : "http://code.google.com/p/chromium/issues/detail?id=64959");
  script_xref(name : "URL" , value : "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html");

  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_category(ACT_GATHER_INFO);
  script_family("General");
  script_dependencies("gb_google_chrome_detect_lin.nasl");
  script_require_keys("Google-Chrome/Linux/Ver");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"executable_version");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("version_func.inc");

## Get the version from KB
chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
if(!chromeVer){
  exit(0);
}

## Check for Google Chrome Version less than 8.0.552.224
if(version_is_less(version:chromeVer, test_version:"8.0.552.224")){
  security_message(0);
}

Related

openvas 21
nessus 14
prion 4
debiancve 4
ubuntucve 4
veracode 1
cvelist 4
cve 4
osv 1
debian 2
exploitpack 1
securityvulns 1
seebug 1
packetstorm 1
freebsd 2
exploitdb 1
ubuntu 1
gentoo 1
oraclelinux 1
redhat 1
fedora 2
openvas
openvas
Google Chrome Multiple Vulnerabilities (Dec 2010) - Windows
2010-12-27 00:00:00
Google Chrome multiple vulnerabilities - Dec 10(Windows)
2010-12-27 00:00:00
Google Chrome Multiple Vulnerabilities (Dec 2010) - Linux
2010-12-27 00:00:00
nessus
nessus
Google Chrome < 8.0.552.224 Multiple Vulnerabilities
2010-12-14 00:00:00
Debian DSA-2188-1 : webkit - several vulnerabilities
2011-03-11 00:00:00
FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (06a12e26-142e-11e0-bea2-0015f2db7bde)
2011-01-03 00:00:00
prion
prion
Type confusion
2010-12-22 01:00:00
Code injection
2010-12-22 01:00:00
Design/Logic Flaw
2010-12-22 01:00:00
debiancve
debiancve
CVE-2010-4577
2010-12-22 01:00:00
CVE-2010-4578
2010-12-22 01:00:00
CVE-2010-4575
2010-12-22 01:00:00
ubuntucve
ubuntucve
CVE-2010-4577
2010-12-21 00:00:00
CVE-2010-4575
2010-12-22 00:00:00
CVE-2010-4578
2010-12-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:21
cvelist
cvelist
CVE-2010-4575
2010-12-22 00:00:00
CVE-2010-4577
2010-12-22 00:00:00
CVE-2010-4578
2010-12-22 00:00:00
cve
cve
CVE-2010-4577
2010-12-22 01:00:00
CVE-2010-4575
2010-12-22 01:00:00
CVE-2010-4576
2010-12-22 01:00:00
osv
osv
webkit - several
2011-03-10 00:00:00
debian
debian
[SECURITY] [DSA 2188-1] webkit security update
2011-03-10 12:16:11
[SECURITY] [DSA 2188-1] webkit security update
2011-03-10 13:22:42
exploitpack
exploitpack
Konqueror 4.7.3 - Memory Corruption
2012-11-01 00:00:00
securityvulns
securityvulns
Nth Dimension Security Advisory &#40;NDSA20121010&#41;
2012-11-02 00:00:00
seebug
seebug
Konqueror 4.7.3 Memory Corruption
2014-07-01 00:00:00
packetstorm
packetstorm
Konqueror 4.7.3 Memory Corruption
2012-10-31 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-12-28 00:00:00
webkit-gtk2 -- Multiple vurnabilities.
2011-02-08 00:00:00
exploitdb
exploitdb
Konqueror 4.7.3 - Memory Corruption
2012-11-01 00:00:00
ubuntu
ubuntu
WebKit vulnerabilities
2011-08-23 00:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00
oraclelinux
oraclelinux
webkitgtk security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2011:0177) Moderate: webkitgtk security update
2011-01-25 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: webkitgtk-1.2.6-1.fc13
2011-01-07 20:01:55
[SECURITY] Fedora 13 Update: webkitgtk-1.2.7-1.fc13
2011-02-18 01:51:56

0.013 Low

EPSS

Percentile

84.6%

JSON
Related for OPENVAS:801668
openvas21nessus14prion4debiancve4ubuntucve4veracode1cvelist4cve4osv1debian2exploitpack1securityvulns1seebug1packetstorm1freebsd2exploitdb1ubuntu1gentoo1oraclelinux1redhat1fedora2