APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3
2014-04-03T00:00:00
ID SECURITYVULNS:DOC:30447 Type securityvulns Reporter Securityvulns Modified 2014-04-03T00:00:00
Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3
Safari 6.1.3 and Safari 7.0.3 are now available and address the
following:
WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2013-2871 : miaubiz
CVE-2013-2926 : cloudfuzzer
CVE-2013-2928 : Google Chrome Security Team
CVE-2013-6625 : cloudfuzzer
CVE-2014-1289 : Apple
CVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day
Initiative, Google Chrome Security Team
CVE-2014-1291 : Google Chrome Security Team
CVE-2014-1292 : Google Chrome Security Team
CVE-2014-1293 : Google Chrome Security Team
CVE-2014-1294 : Google Chrome Security Team
CVE-2014-1298 : Google Chrome Security Team
CVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of
University of Szeged / Samsung Electronics
CVE-2014-1300 : Ian Beer of Google Project Zero working with HP's
Zero Day Initiative
CVE-2014-1301 : Google Chrome Security Team
CVE-2014-1302 : Google Chrome Security Team, Apple
CVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative
CVE-2014-1304 : Apple
CVE-2014-1305 : Apple
CVE-2014-1307 : Google Chrome Security Team
CVE-2014-1308 : Google Chrome Security Team
CVE-2014-1309 : cloudfuzzer
CVE-2014-1310 : Google Chrome Security Team
CVE-2014-1311 : Google Chrome Security Team
CVE-2014-1312 : Google Chrome Security Team
CVE-2014-1313 : Google Chrome Security Team
CVE-2014-1713 : VUPEN working with HP's Zero Day Initiative
WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2
Impact: An attacker running arbitary code in the WebProcess may be
able to read arbitrary files despite sandbox restrictions
Description: A logic issue existed in the handling of IPC messages
from the WebProcess. This issue was addressed through additional
validation of IPC messages.
CVE-ID
CVE-2014-1297 : Ian Beer of Google Project Zero
For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3
and Safari 6.1.3 may be obtained from Mac App Store.
For OS X Lion systems Safari 6.1.3 is available via the Apple
Software Update application.
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
{"id": "SECURITYVULNS:DOC:30447", "bulletinFamily": "software", "title": "APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3\r\n\r\nSafari 6.1.3 and Safari 7.0.3 are now available and address the\r\nfollowing:\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2871 : miaubiz\r\nCVE-2013-2926 : cloudfuzzer\r\nCVE-2013-2928 : Google Chrome Security Team\r\nCVE-2013-6625 : cloudfuzzer\r\nCVE-2014-1289 : Apple\r\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day\r\nInitiative, Google Chrome Security Team\r\nCVE-2014-1291 : Google Chrome Security Team\r\nCVE-2014-1292 : Google Chrome Security Team\r\nCVE-2014-1293 : Google Chrome Security Team\r\nCVE-2014-1294 : Google Chrome Security Team\r\nCVE-2014-1298 : Google Chrome Security Team\r\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\r\nUniversity of Szeged / Samsung Electronics\r\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\nCVE-2014-1301 : Google Chrome Security Team\r\nCVE-2014-1302 : Google Chrome Security Team, Apple\r\nCVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative\r\nCVE-2014-1304 : Apple\r\nCVE-2014-1305 : Apple\r\nCVE-2014-1307 : Google Chrome Security Team\r\nCVE-2014-1308 : Google Chrome Security Team\r\nCVE-2014-1309 : cloudfuzzer\r\nCVE-2014-1310 : Google Chrome Security Team\r\nCVE-2014-1311 : Google Chrome Security Team\r\nCVE-2014-1312 : Google Chrome Security Team\r\nCVE-2014-1313 : Google Chrome Security Team\r\nCVE-2014-1713 : VUPEN working with HP's Zero Day Initiative\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2\r\nImpact: An attacker running arbitary code in the WebProcess may be\r\nable to read arbitrary files despite sandbox restrictions\r\nDescription: A logic issue existed in the handling of IPC messages\r\nfrom the WebProcess. This issue was addressed through additional\r\nvalidation of IPC messages.\r\nCVE-ID\r\nCVE-2014-1297 : Ian Beer of Google Project Zero\r\n\r\nFor OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3\r\nand Safari 6.1.3 may be obtained from Mac App Store.\r\n\r\nFor OS X Lion systems Safari 6.1.3 is available via the Apple\r\nSoftware Update application.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJTOwlLAAoJEPefwLHPlZEwmPYP/AoGVbrVVEQfbWZ/OMER6jCR\r\nbDN4ykWdExJFRKr972tsirke9mLrDX1Flqg3jYpqrna6lWsZxk1wA/IXy4TRG97O\r\nmpA75r7853lCJ482h5XImTdv6wWqMfTTNR1YzsK+TCLZA3sDlByQ4yshwGWhOf1Q\r\nnY+hPpaC05PEmPeNKMWw6PA9IgA9e84uy0b/3+c2acOUZ9aAYEXmydPySY+5uYLa\r\necXjvee83LVTu8Pq2/C9yCJ1kI1EMix6Q3CTb2Cv/Dtgu1q7rZMG7qKieFpMKO2J\r\nxM7RYm1qPNlZ4hf+ZPX+D4+k6g2sZMqYdocdG1qXubk8m314CinHajdsZH9jXDHO\r\n01gnYeMRp2IUBJlClQ7mPyIveJqJV9XpzvMTciuTVEuhzWhMaazzly8dp+8NCu4Q\r\nQShPJKqAq16ACJqqOarwo8xaSumZ3UcKhVrD0Gxo1/dhzO1Hy52yo7WrWLaOVH89\r\nbXPeVMfYIF0V9xysbixNmBIEro0mYDuor/XlXBFicZAjmyGEVE04K4UjenMeDoYO\r\n/1A2zaVyM9MD50y+X/rFErtz2cj7uNcZ1XSNqPdGameoti5WvvoRbKs/D/H7E8bX\r\np8JDoVJoy46fOBfwNv6eaQYTGYzgtdoEtmTKL3zDauQC1bxI1Jwtma07S97D2SyJ\r\nurMcI/V2h8JnGD4sS/7L\r\n=kHuK\r\n-----END PGP SIGNATURE-----\r\n", "published": "2014-04-03T00:00:00", "modified": "2014-04-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30447", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2014-1289", "CVE-2014-1307", "CVE-2014-1309", "CVE-2013-2926", "CVE-2014-1292", "CVE-2014-1291", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1301", "CVE-2013-6625", "CVE-2014-1303", "CVE-2014-1290", "CVE-2014-1304", "CVE-2014-1297", "CVE-2014-1713", "CVE-2014-1293", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2013-2928", "CVE-2014-1299", "CVE-2014-1294", "CVE-2014-1311"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:51", "edition": 1, "viewCount": 39, "enchantments": {"score": {"value": 8.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2014-1805"]}, {"type": "chrome", "idList": ["GCSA-2777914917235191645", "GCSA-3186712133715673291", "GCSA-8158427747359227402", "GCSA-8807464022709606075", "GCSA-9087558573162189081"]}, {"type": "cve", "idList": ["CVE-2013-2871", "CVE-2013-2926", "CVE-2013-2928", "CVE-2013-6625", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1297", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1301", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1713"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2724-1:449B6", "DEBIAN:DSA-2724-1:B3090", "DEBIAN:DSA-2785-1:AD67D", "DEBIAN:DSA-2785-1:CB557", "DEBIAN:DSA-2797-1:35E2D", "DEBIAN:DSA-2797-1:8262C", "DEBIAN:DSA-2883-1:8DB61", "DEBIAN:DSA-2883-1:B52C6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-2871", "DEBIANCVE:CVE-2013-2926", "DEBIANCVE:CVE-2013-2928", "DEBIANCVE:CVE-2013-6625", "DEBIANCVE:CVE-2014-1713"]}, {"type": "exploitdb", "idList": ["EDB-ID:44204"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:9A1268F6DFD7962BE72054FD70F5DE95"]}, {"type": "freebsd", "idList": ["3B80104F-E96C-11E2-8BAC-00262D5ED8EE", "3BFC7016-4BCC-11E3-B0CF-00262D5ED8EE", "710CD5D5-35CB-11E3-85F9-00262D5ED8EE", "A70966A1-AC22-11E3-8D04-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201309-16", "GLSA-201403-01", "GLSA-201408-16"]}, {"type": "nessus", "idList": ["6920.PASL", "801411.PRM", "801610.PRM", "801611.PRM", "8047.PASL", "8059.PASL", "8155.PRM", "8161.PRM", "8162.PASL", "8163.PASL", "8164.PASL", "8201.PRM", "8202.PRM", "8209.PRM", "8250.PRM", "8274.PRM", "8275.PRM", "8561.PRM", "APPLETV_6_1.NASL", "APPLE_IOS_711_CHECK.NBIN", "APPLE_IOS_71_CHECK.NBIN", "DEBIAN_DSA-2724.NASL", "DEBIAN_DSA-2785.NASL", "DEBIAN_DSA-2799.NASL", "DEBIAN_DSA-2883.NASL", "FREEBSD_PKG_3B80104FE96C11E28BAC00262D5ED8EE.NASL", "FREEBSD_PKG_3BFC70164BCC11E3B0CF00262D5ED8EE.NASL", "FREEBSD_PKG_710CD5D535CB11E385F900262D5ED8EE.NASL", "FREEBSD_PKG_A70966A1AC2211E38D0400262D5ED8EE.NASL", "GENTOO_GLSA-201309-16.NASL", "GENTOO_GLSA-201403-01.NASL", "GENTOO_GLSA-201408-16.NASL", "GOOGLE_CHROME_28_0_1500_71.NASL", "GOOGLE_CHROME_30_0_1599_101.NASL", "GOOGLE_CHROME_31_0_1650_48.NASL", "GOOGLE_CHROME_33_0_1750_154.NASL", "ITUNES_12_0_1.NASL", "ITUNES_12_0_1_BANNER.NASL", "MACOSX_GOOGLE_CHROME_30_0_1599_101.NASL", "MACOSX_GOOGLE_CHROME_31_0_1650_48.NASL", "MACOSX_GOOGLE_CHROME_33_0_1750_152.NASL", "MACOSX_SAFARI7_0_3.NASL", "OPENSUSE-2013-876.NASL", "OPENSUSE-2013-903.NASL", "OPENSUSE-2013-904.NASL", "OPENSUSE-2013-961.NASL", "OPENSUSE-2014-280.NASL", "OPENSUSE-2014-37.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121030", "OPENVAS:1361412562310121161", "OPENVAS:1361412562310121260", "OPENVAS:1361412562310702883", "OPENVAS:1361412562310803902", "OPENVAS:1361412562310803903", "OPENVAS:1361412562310803963", "OPENVAS:1361412562310803964", "OPENVAS:1361412562310803965", "OPENVAS:1361412562310804114", "OPENVAS:1361412562310804115", "OPENVAS:1361412562310804116", "OPENVAS:1361412562310804342", "OPENVAS:1361412562310804343", "OPENVAS:1361412562310804344", "OPENVAS:1361412562310804533", "OPENVAS:1361412562310804534", "OPENVAS:1361412562310850555", "OPENVAS:1361412562310850556", "OPENVAS:1361412562310850558", "OPENVAS:1361412562310850581", "OPENVAS:1361412562310892724", "OPENVAS:1361412562310892794", "OPENVAS:1361412562310892799", "OPENVAS:702883", "OPENVAS:803902", "OPENVAS:803903", "OPENVAS:850555", "OPENVAS:850556", "OPENVAS:850558", "OPENVAS:850581", "OPENVAS:892724", "OPENVAS:892794", "OPENVAS:892799"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29625", "SECURITYVULNS:DOC:30037", "SECURITYVULNS:DOC:30357", "SECURITYVULNS:DOC:30358", "SECURITYVULNS:DOC:30384", "SECURITYVULNS:DOC:30551", "SECURITYVULNS:DOC:30552", "SECURITYVULNS:DOC:31304", "SECURITYVULNS:DOC:31686", "SECURITYVULNS:VULN:13200", "SECURITYVULNS:VULN:13432", "SECURITYVULNS:VULN:13600", "SECURITYVULNS:VULN:13629", "SECURITYVULNS:VULN:13662", "SECURITYVULNS:VULN:13712", "SECURITYVULNS:VULN:13713", "SECURITYVULNS:VULN:14051"]}, {"type": "seebug", "idList": ["SSV:61824", "SSV:61968", "SSV:61971", "SSV:62066", "SSV:62067", "SSV:62068", "SSV:62069", "SSV:62070", "SSV:62071", "SSV:62072"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:1776-1", "OPENSUSE-SU-2013:1777-1", "OPENSUSE-SU-2013:1861-1", "OPENSUSE-SU-2014:0501-1"]}, {"type": "thn", "idList": ["THN:3F01BC262915EB887CAFBB69ACCFC949"]}, {"type": "threatpost", "idList": ["THREATPOST:27EDDBFADF1C970B7222BA96914FCAB1", "THREATPOST:9112314CCA7B09CAA90508BAE6F3D9D3", "THREATPOST:92620F5AFF6D439FD7555958C7778604", "THREATPOST:ABEA11AE947E374781FDDE1B4D657A2A", "THREATPOST:CA8A2340AE4B0CBCCC34EC71B4D95E8C"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-2871", "UB:CVE-2013-2926", "UB:CVE-2013-2928", "UB:CVE-2013-6625", "UB:CVE-2014-1297", "UB:CVE-2014-1298", "UB:CVE-2014-1299", "UB:CVE-2014-1301", "UB:CVE-2014-1302", "UB:CVE-2014-1304", "UB:CVE-2014-1305", "UB:CVE-2014-1307", "UB:CVE-2014-1308", "UB:CVE-2014-1309", "UB:CVE-2014-1310", "UB:CVE-2014-1311", "UB:CVE-2014-1312", "UB:CVE-2014-1313", "UB:CVE-2014-1713"]}, {"type": "zdi", "idList": ["ZDI-14-057", "ZDI-14-086", "ZDI-14-090", "ZDI-14-091"]}, {"type": "zdt", "idList": ["1337DAY-ID-29912"]}], "rev": 4}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2014-1805"]}, {"type": "chrome", "idList": ["GCSA-2777914917235191645", "GCSA-8807464022709606075"]}, {"type": "cve", "idList": ["CVE-2013-2871", "CVE-2013-2926", "CVE-2013-2928", "CVE-2013-6625", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1297", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1301", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2883-1:8DB61"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-6625"]}, {"type": "exploitdb", "idList": ["EDB-ID:44204"]}, {"type": "freebsd", "idList": ["3B80104F-E96C-11E2-8BAC-00262D5ED8EE", "3BFC7016-4BCC-11E3-B0CF-00262D5ED8EE", "710CD5D5-35CB-11E3-85F9-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201309-16"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201403-01.NASL", "GOOGLE_CHROME_28_0_1500_71.NASL", "OPENSUSE-2013-903.NASL", "OPENSUSE-2014-280.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310804534", "OPENVAS:1361412562310850555", "OPENVAS:850558"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31686"]}, {"type": "seebug", "idList": ["SSV:62066", "SSV:62067", "SSV:62068", "SSV:62069", "SSV:62070", "SSV:62071", "SSV:62072"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:1777-1"]}, {"type": "threatpost", "idList": ["THREATPOST:ABEA11AE947E374781FDDE1B4D657A2A"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-1297", "UB:CVE-2014-1298", "UB:CVE-2014-1299", "UB:CVE-2014-1301", "UB:CVE-2014-1302", "UB:CVE-2014-1304", "UB:CVE-2014-1305", "UB:CVE-2014-1307", "UB:CVE-2014-1308", "UB:CVE-2014-1309", "UB:CVE-2014-1310", "UB:CVE-2014-1311", "UB:CVE-2014-1312", "UB:CVE-2014-1313"]}, {"type": "zdi", "idList": ["ZDI-14-057", "ZDI-14-090", "ZDI-14-091"]}]}, "exploitation": null, "vulnersScore": 8.2}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"nessus": [{"lastseen": "2021-08-19T12:50:28", "description": "The remote host has Safari installed that is older than 6.1.3 or 7.0.3, and is thus unpatched for the following WebKit vulnerabilities :\n\n - Unspecified errors exist that could allow memory corruption, application crashes and possibly arbitrary code execution. (CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)\n - An error exists related to IPC messages and 'WebProcess' that could allow an attacker to read arbitrary files. (CVE-2014-1297)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-04-10T00:00:00", "type": "nessus", "title": "Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1303", "CVE-2014-1305", "CVE-2014-1307", "CVE-2013-2871", "CVE-2013-2928", "CVE-2014-1298", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1299", "CVE-2014-1311", "CVE-2014-1304", "CVE-2013-2926", "CVE-2014-1297", "CVE-2014-1302", "CVE-2013-6625", "CVE-2014-1308", "CVE-2014-1300", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1301", "CVE-2014-1309", "CVE-2014-1310"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8209.PRM", "href": "https://www.tenable.com/plugins/nnm/8209", "sourceData": "Binary data 8209.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T14:40:55", "description": "The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.1.3 or 7.0.3. It is, therefore, potentially affected by the following vulnerabilities related to the included WebKit components :\n\n - Unspecified errors exist that could allow memory corruption, application crashes and possibly arbitrary code execution. (CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)\n\n - An error exists related to IPC messages and 'WebProcess' that could allow an attacker to read arbitrary files.\n (CVE-2014-1297)", "cvss3": {"score": null, "vector": null}, "published": "2014-04-02T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2871", "CVE-2013-2926", "CVE-2013-2928", "CVE-2013-6625", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1297", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1301", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1713"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI7_0_3.NASL", "href": "https://www.tenable.com/plugins/nessus/73304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73304);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\n \"CVE-2013-2871\",\n \"CVE-2013-2926\",\n \"CVE-2013-2928\",\n \"CVE-2013-6625\",\n \"CVE-2014-1289\",\n \"CVE-2014-1290\",\n \"CVE-2014-1291\",\n \"CVE-2014-1292\",\n \"CVE-2014-1293\",\n \"CVE-2014-1294\",\n \"CVE-2014-1297\",\n \"CVE-2014-1298\",\n \"CVE-2014-1299\",\n \"CVE-2014-1300\",\n \"CVE-2014-1301\",\n \"CVE-2014-1302\",\n \"CVE-2014-1303\",\n \"CVE-2014-1304\",\n \"CVE-2014-1305\",\n \"CVE-2014-1307\",\n \"CVE-2014-1308\",\n \"CVE-2014-1309\",\n \"CVE-2014-1310\",\n \"CVE-2014-1311\",\n \"CVE-2014-1312\",\n \"CVE-2014-1313\",\n \"CVE-2014-1713\"\n );\n script_bugtraq_id(\n 61054,\n 63024,\n 63028,\n 63672,\n 66088,\n 66242,\n 66243,\n 66572,\n 66573,\n 66574,\n 66575,\n 66576,\n 66577,\n 66578,\n 66579,\n 66580,\n 66581,\n 66583,\n 66584,\n 66585,\n 66586,\n 66587\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-04-01-1\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\na version prior to 6.1.3 or 7.0.3. It is, therefore, potentially\naffected by the following vulnerabilities related to the included\nWebKit components :\n\n - Unspecified errors exist that could allow memory\n corruption, application crashes and possibly arbitrary\n code execution. (CVE-2013-2871, CVE-2013-2926,\n CVE-2013-2928, CVE-2013-6625, CVE-2014-1289,\n CVE-2014-1290, CVE-2014-1291, CVE-2014-1292,\n CVE-2014-1293, CVE-2014-1294, CVE-2014-1298,\n CVE-2014-1299, CVE-2014-1300, CVE-2014-1301,\n CVE-2014-1302, CVE-2014-1303, CVE-2014-1304,\n CVE-2014-1305, CVE-2014-1307, CVE-2014-1308,\n CVE-2014-1309, CVE-2014-1310, CVE-2014-1311,\n CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)\n\n - An error exists related to IPC messages and 'WebProcess'\n that could allow an attacker to read arbitrary files.\n (CVE-2014-1297)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-14-057/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6181\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/531708/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.1.3 / 7.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1303\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.[7-9]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.7 / 10.8 / 10.9\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nif (\"10.7\" >< os || \"10.8\" >< os) fixed_version = \"6.1.3\";\nelse fixed_version = \"7.0.3\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:02:15", "description": "The mobile device is running a version of iOS that is prior to version 7.1.1. It is, therefore, affected by vulnerabilities in the following components :\n\n - CFNetwork HTTPProtocol\n - IOKit Kernel\n - Secure Transport\n - WebKit", "cvss3": {"score": null, "vector": null}, "published": "2014-03-22T00:00:00", "type": "nessus", "title": "Apple iOS < 7.1.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2871", "CVE-2014-1295", "CVE-2014-1296", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1320", "CVE-2014-1713"], "modified": "2022-02-14T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_711_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/73647", "sourceData": "Binary data apple_ios_711_check.nbin", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:03:41", "description": "The following have since been patched in version 6.1.1:\n\n - Set-Cookie HTTP headers are processed even if the connection closed before the header was complete. An attacker could leverage this to strip security settings and obtain the HTTP cookie. (CVE-2014-1296)\n - Information disclosure due to the IOKit object storing kernel pointers, which could be used by a local attacker to defeat kernel address space layout randomization. (CVE-2014-1320)\n - A 'triple handshake' vulnerability could be leveraged by an attacker on the local network to perform a man-in-the-middle attack. (CVE-2014-1295)\n - Multiple memory corruption issues in the underlying WebKit library. (CVE-2013-2871, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2014-05-29T00:00:00", "type": "nessus", "title": "Apple TV < 6.1.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2871", "CVE-2014-1295", "CVE-2014-1296", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1320", "CVE-2014-1713"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*"], "id": "8274.PRM", "href": "https://www.tenable.com/plugins/nnm/8274", "sourceData": "Binary data 8274.prm", "cvss": {"score": 4.6, "vector": "CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:16", "description": "According to its banner, the remote Apple iOS device is missing a security update. Versions of Apple iOS 7.x prior to 7.1.1 are exposed to the following vulnerabilities :\n\n - Information disclosure of user cookies in CFNetwork HTTPProtocol\n\n - Information disclosure of kernel pointers in IOKit Kernel\n\n - Potential man-in-the-middle attack via Secure Transport\n\n - Memory corruptions in Webkit", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2014-05-29T00:00:00", "type": "nessus", "title": "Apple iOS 7.x < 7.1.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1303", "CVE-2014-1295", "CVE-2014-1305", "CVE-2014-1307", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1299", "CVE-2014-1311", "CVE-2014-1304", "CVE-2014-1302", "CVE-2014-1308", "CVE-2014-1296", "CVE-2014-1300", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1320"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8275.PRM", "href": "https://www.tenable.com/plugins/nnm/8275", "sourceData": "Binary data 8275.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-16T14:11:15", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.0.1. It is, therefore, affected by multiple vulnerabilities due to the included version of WebKit. The errors could lead to application crashes or arbitrary code execution.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-21T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.0.1 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2871", "CVE-2013-2875", "CVE-2013-2909", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-5195", "CVE-2013-5196", "CVE-2013-5197", "CVE-2013-5198", "CVE-2013-5199", "CVE-2013-5225", "CVE-2013-5228", "CVE-2013-6625", "CVE-2013-6635", "CVE-2013-6663", "CVE-2014-1268", "CVE-2014-1269", "CVE-2014-1270", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1301", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1323", "CVE-2014-1324", "CVE-2014-1325", "CVE-2014-1326", "CVE-2014-1327", "CVE-2014-1329", "CVE-2014-1330", "CVE-2014-1331", "CVE-2014-1333", "CVE-2014-1334", "CVE-2014-1335", "CVE-2014-1336", "CVE-2014-1337", "CVE-2014-1338", "CVE-2014-1339", "CVE-2014-1340", "CVE-2014-1341", "CVE-2014-1342", "CVE-2014-1343", "CVE-2014-1344", "CVE-2014-1362", "CVE-2014-1363", "CVE-2014-1364", "CVE-2014-1365", "CVE-2014-1366", "CVE-2014-1367", "CVE-2014-1368", "CVE-2014-1382", "CVE-2014-1384", "CVE-2014-1385", "CVE-2014-1386", "CVE-2014-1387", "CVE-2014-1388", "CVE-2014-1389", "CVE-2014-1390", "CVE-2014-1713", "CVE-2014-1731", "CVE-2014-4410", "CVE-2014-4411", "CVE-2014-4412", "CVE-2014-4413", "CVE-2014-4414", "CVE-2014-4415"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"], "id": "ITUNES_12_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/78597", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78597);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2013-2871\",\n \"CVE-2013-2875\",\n \"CVE-2013-2909\",\n \"CVE-2013-2926\",\n \"CVE-2013-2927\",\n \"CVE-2013-2928\",\n \"CVE-2013-5195\",\n \"CVE-2013-5196\",\n \"CVE-2013-5197\",\n \"CVE-2013-5198\",\n \"CVE-2013-5199\",\n \"CVE-2013-5225\",\n \"CVE-2013-5228\",\n \"CVE-2013-6625\",\n \"CVE-2013-6635\",\n \"CVE-2013-6663\",\n \"CVE-2014-1268\",\n \"CVE-2014-1269\",\n \"CVE-2014-1270\",\n \"CVE-2014-1289\",\n \"CVE-2014-1290\",\n \"CVE-2014-1291\",\n \"CVE-2014-1292\",\n \"CVE-2014-1293\",\n \"CVE-2014-1294\",\n \"CVE-2014-1298\",\n \"CVE-2014-1299\",\n \"CVE-2014-1300\",\n \"CVE-2014-1301\",\n \"CVE-2014-1302\",\n \"CVE-2014-1303\",\n \"CVE-2014-1304\",\n \"CVE-2014-1305\",\n \"CVE-2014-1307\",\n \"CVE-2014-1308\",\n \"CVE-2014-1309\",\n \"CVE-2014-1310\",\n \"CVE-2014-1311\",\n \"CVE-2014-1312\",\n \"CVE-2014-1313\",\n \"CVE-2014-1323\",\n \"CVE-2014-1324\",\n \"CVE-2014-1325\",\n \"CVE-2014-1326\",\n \"CVE-2014-1327\",\n \"CVE-2014-1329\",\n \"CVE-2014-1330\",\n \"CVE-2014-1331\",\n \"CVE-2014-1333\",\n \"CVE-2014-1334\",\n \"CVE-2014-1335\",\n \"CVE-2014-1336\",\n \"CVE-2014-1337\",\n \"CVE-2014-1338\",\n \"CVE-2014-1339\",\n \"CVE-2014-1340\",\n \"CVE-2014-1341\",\n \"CVE-2014-1342\",\n \"CVE-2014-1343\",\n \"CVE-2014-1344\",\n \"CVE-2014-1362\",\n \"CVE-2014-1363\",\n \"CVE-2014-1364\",\n \"CVE-2014-1365\",\n \"CVE-2014-1366\",\n \"CVE-2014-1367\",\n \"CVE-2014-1368\",\n \"CVE-2014-1382\",\n \"CVE-2014-1384\",\n \"CVE-2014-1385\",\n \"CVE-2014-1386\",\n \"CVE-2014-1387\",\n \"CVE-2014-1388\",\n \"CVE-2014-1389\",\n \"CVE-2014-1390\",\n \"CVE-2014-1713\",\n \"CVE-2014-1731\",\n \"CVE-2014-4410\",\n \"CVE-2014-4411\",\n \"CVE-2014-4412\",\n \"CVE-2014-4413\",\n \"CVE-2014-4414\",\n \"CVE-2014-4415\"\n );\n script_bugtraq_id(\n 64361,\n 67553,\n 67572\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-10-16-6\");\n\n script_name(english:\"Apple iTunes < 12.0.1 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.0.1. It is, therefore, affected by multiple\nvulnerabilities due to the included version of WebKit. The errors\ncould lead to application crashes or arbitrary code execution.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT203115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/533723/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 12.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.0.1.26\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T14:25:05", "description": "The version of Apple iTunes on the remote host is prior to version 12.0.1. It is, therefore, affected by multiple vulnerabilities related to the included version of WebKit. The errors could lead to application crashes or arbitrary code execution.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-21T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2871", "CVE-2013-2875", "CVE-2013-2909", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-5195", "CVE-2013-5196", "CVE-2013-5197", "CVE-2013-5198", "CVE-2013-5199", "CVE-2013-5225", "CVE-2013-5228", "CVE-2013-6625", "CVE-2013-6635", "CVE-2013-6663", "CVE-2014-1268", "CVE-2014-1269", "CVE-2014-1270", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1298", "CVE-2014-1299", "CVE-2014-1300", "CVE-2014-1301", "CVE-2014-1302", "CVE-2014-1303", "CVE-2014-1304", "CVE-2014-1305", "CVE-2014-1307", "CVE-2014-1308", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1311", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1323", "CVE-2014-1324", "CVE-2014-1325", "CVE-2014-1326", "CVE-2014-1327", "CVE-2014-1329", "CVE-2014-1330", "CVE-2014-1331", "CVE-2014-1333", "CVE-2014-1334", "CVE-2014-1335", "CVE-2014-1336", "CVE-2014-1337", "CVE-2014-1338", "CVE-2014-1339", "CVE-2014-1340", "CVE-2014-1341", "CVE-2014-1342", "CVE-2014-1343", "CVE-2014-1344", "CVE-2014-1362", "CVE-2014-1363", "CVE-2014-1364", "CVE-2014-1365", "CVE-2014-1366", "CVE-2014-1367", "CVE-2014-1368", "CVE-2014-1382", "CVE-2014-1384", "CVE-2014-1385", "CVE-2014-1386", "CVE-2014-1387", "CVE-2014-1388", "CVE-2014-1389", "CVE-2014-1390", "CVE-2014-1713", "CVE-2014-1731", "CVE-2014-4410", "CVE-2014-4411", "CVE-2014-4412", "CVE-2014-4413", "CVE-2014-4414", "CVE-2014-4415"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_0_1_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/78598", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78598);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2013-2871\",\n \"CVE-2013-2875\",\n \"CVE-2013-2909\",\n \"CVE-2013-2926\",\n \"CVE-2013-2927\",\n \"CVE-2013-2928\",\n \"CVE-2013-5195\",\n \"CVE-2013-5196\",\n \"CVE-2013-5197\",\n \"CVE-2013-5198\",\n \"CVE-2013-5199\",\n \"CVE-2013-5225\",\n \"CVE-2013-5228\",\n \"CVE-2013-6625\",\n \"CVE-2013-6635\",\n \"CVE-2013-6663\",\n \"CVE-2014-1268\",\n \"CVE-2014-1269\",\n \"CVE-2014-1270\",\n \"CVE-2014-1289\",\n \"CVE-2014-1290\",\n \"CVE-2014-1291\",\n \"CVE-2014-1292\",\n \"CVE-2014-1293\",\n \"CVE-2014-1294\",\n \"CVE-2014-1298\",\n \"CVE-2014-1299\",\n \"CVE-2014-1300\",\n \"CVE-2014-1301\",\n \"CVE-2014-1302\",\n \"CVE-2014-1303\",\n \"CVE-2014-1304\",\n \"CVE-2014-1305\",\n \"CVE-2014-1307\",\n \"CVE-2014-1308\",\n \"CVE-2014-1309\",\n \"CVE-2014-1310\",\n \"CVE-2014-1311\",\n \"CVE-2014-1312\",\n \"CVE-2014-1313\",\n \"CVE-2014-1323\",\n \"CVE-2014-1324\",\n \"CVE-2014-1325\",\n \"CVE-2014-1326\",\n \"CVE-2014-1327\",\n \"CVE-2014-1329\",\n \"CVE-2014-1330\",\n \"CVE-2014-1331\",\n \"CVE-2014-1333\",\n \"CVE-2014-1334\",\n \"CVE-2014-1335\",\n \"CVE-2014-1336\",\n \"CVE-2014-1337\",\n \"CVE-2014-1338\",\n \"CVE-2014-1339\",\n \"CVE-2014-1340\",\n \"CVE-2014-1341\",\n \"CVE-2014-1342\",\n \"CVE-2014-1343\",\n \"CVE-2014-1344\",\n \"CVE-2014-1362\",\n \"CVE-2014-1363\",\n \"CVE-2014-1364\",\n \"CVE-2014-1365\",\n \"CVE-2014-1366\",\n \"CVE-2014-1367\",\n \"CVE-2014-1368\",\n \"CVE-2014-1382\",\n \"CVE-2014-1384\",\n \"CVE-2014-1385\",\n \"CVE-2014-1386\",\n \"CVE-2014-1387\",\n \"CVE-2014-1388\",\n \"CVE-2014-1389\",\n \"CVE-2014-1390\",\n \"CVE-2014-1713\",\n \"CVE-2014-1731\",\n \"CVE-2014-4410\",\n \"CVE-2014-4411\",\n \"CVE-2014-4412\",\n \"CVE-2014-4413\",\n \"CVE-2014-4414\",\n \"CVE-2014-4415\"\n );\n script_bugtraq_id(\n 64361,\n 67553,\n 67572\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-10-16-6\");\n\n script_name(english:\"Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n12.0.1. It is, therefore, affected by multiple vulnerabilities related\nto the included version of WebKit. The errors could lead to\napplication crashes or arbitrary code execution.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT203115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/533723/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 12.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.0.1.26\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:48:03", "description": "Versions of iTunes earlier than 12.0.1 are missing updates that patch memory corruption vulnerabilities within WebKit, as well as a patch that fixes a man-in-the-middle vulnerability that affects encrypted connections to the iTunes Store via iTunes. The most severe of these vulnerabilites can result in arbitrary remote code execution or unexpected application termination.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-10-20T00:00:00", "type": "nessus", "title": "iTunes < 12.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1344", "CVE-2014-1384", "CVE-2014-1385", "CVE-2014-1386", "CVE-2014-1387", "CVE-2014-1388", "CVE-2014-1389", "CVE-2014-1390", "CVE-2013-6663", "CVE-2014-1731", "CVE-2014-1713", "CVE-2013-5199", "CVE-2013-5228", "CVE-2013-5197", "CVE-2014-4411", "CVE-2014-1303", "CVE-2014-1305", "CVE-2014-1307", "CVE-2013-2871", "CVE-2014-1268", "CVE-2014-4415", "CVE-2013-2875", "CVE-2013-5225", "CVE-2013-2928", "CVE-2013-2909", "CVE-2013-2927", "CVE-2014-1298", "CVE-2014-1312", "CVE-2014-1313", "CVE-2014-1299", "CVE-2014-1269", "CVE-2014-1311", "CVE-2014-1304", "CVE-2014-4410", "CVE-2014-4412", "CVE-2014-4413", "CVE-2014-4414", "CVE-2014-1340", "CVE-2013-2926", "CVE-2013-5195", "CVE-2014-1325", "CVE-2014-1362", "CVE-2014-1363", "CVE-2014-1364", "CVE-2014-1365", "CVE-2014-1366", "CVE-2014-1367", "CVE-2014-1368", "CVE-2014-1382", "CVE-2014-1270", "CVE-2014-1302", "CVE-2013-5198", "CVE-2013-6625", "CVE-2014-1308", "CVE-2013-6635", "CVE-2013-5196", "CVE-2014-1300", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1301", "CVE-2014-1309", "CVE-2014-1310", "CVE-2014-1323", "CVE-2014-1324", "CVE-2014-1326", "CVE-2014-1327", "CVE-2014-1329", "CVE-2014-1330", "CVE-2014-1331", "CVE-2014-1333", "CVE-2014-1334", "CVE-2014-1335", "CVE-2014-1336", "CVE-2014-1337", "CVE-2014-1338", "CVE-2014-1339", "CVE-2014-1341", "CVE-2014-1342", "CVE-2014-1343"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"], "id": "8561.PRM", "href": "https://www.tenable.com/plugins/nnm/8561", "sourceData": "Binary data 8561.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T02:00:57", "description": "According to its banner, the remote Apple TV 2nd generation or later device is prior to 6.1. It is, therefore, reportedly affected by multiple vulnerabilities, the most serious issues of which could result in arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-12T00:00:00", "type": "nessus", "title": "Apple TV < 6.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2088", "CVE-2013-2909", "CVE-2013-2926", "CVE-2013-2928", "CVE-2013-5196", "CVE-2013-5197", "CVE-2013-5198", "CVE-2013-5199", "CVE-2013-5225", "CVE-2013-5228", "CVE-2013-6625", "CVE-2013-6629", "CVE-2013-6635", "CVE-2014-1267", "CVE-2014-1269", "CVE-2014-1270", "CVE-2014-1271", "CVE-2014-1272", "CVE-2014-1273", "CVE-2014-1275", "CVE-2014-1278", "CVE-2014-1279", "CVE-2014-1280", "CVE-2014-1282", "CVE-2014-1287", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_6_1.NASL", "href": "https://www.tenable.com/plugins/nessus/72962", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72962);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/15 20:50:23\");\n\n script_cve_id(\n \"CVE-2012-2088\",\n \"CVE-2013-2909\",\n \"CVE-2013-2926\",\n \"CVE-2013-2928\",\n \"CVE-2013-5196\",\n \"CVE-2013-5197\",\n \"CVE-2013-5198\",\n \"CVE-2013-5199\",\n \"CVE-2013-5225\",\n \"CVE-2013-5228\",\n \"CVE-2013-6625\",\n \"CVE-2013-6629\",\n \"CVE-2013-6635\",\n \"CVE-2014-1267\",\n \"CVE-2014-1269\",\n \"CVE-2014-1270\",\n \"CVE-2014-1271\",\n \"CVE-2014-1272\",\n \"CVE-2014-1273\",\n \"CVE-2014-1275\",\n \"CVE-2014-1278\",\n \"CVE-2014-1279\",\n \"CVE-2014-1280\",\n \"CVE-2014-1282\",\n \"CVE-2014-1287\",\n \"CVE-2014-1289\",\n \"CVE-2014-1290\",\n \"CVE-2014-1291\",\n \"CVE-2014-1292\",\n \"CVE-2014-1293\",\n \"CVE-2014-1294\"\n );\n script_bugtraq_id(\n 54270,\n 63024,\n 63028,\n 63672,\n 63676,\n 64354,\n 64356,\n 64358,\n 64359,\n 64360,\n 64361,\n 64362,\n 65779,\n 65780,\n 65781,\n 66088,\n 66089,\n 66090\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-03-10-2\");\n\n script_name(english:\"Apple TV < 6.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version in banner\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the remote Apple TV 2nd generation or later\ndevice is prior to 6.1. It is, therefore, reportedly affected by\nmultiple vulnerabilities, the most serious issues of which could\nresult in arbitrary code execution.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT202948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/531397/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple TV 6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"appletv_detect.nasl\");\n script_require_keys(\"www/appletv\");\n script_require_ports(3689);\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = 3689;\nbanner = get_http_banner(port:port, broken:TRUE, exit_on_fail:TRUE);\nif (\n \"DAAP-Server: iTunes/\" >!< banner &&\n \"RIPT-Server: iTunesLib/\" >!< banner\n) audit(AUDIT_WRONG_WEB_SERVER, port, 'iTunes');\n\npat = \"^DAAP-Server: iTunes/([0-9][0-9.]+)([a-z])([0-9]+) \\((Mac )?OS X\\)\";\nmatches = egrep(pattern:pat, string:banner);\n\nif (\n \"DAAP-Server: iTunes/\" >< banner &&\n !matches\n) exit(0, \"The web server listening on port \"+port+\" does not appear to be from iTunes on an Apple TV.\");\n\n\nfixed_major = \"11.1\";\nfixed_char = \"b\";\nfixed_minor = \"37\";\nfixed_airtunes_version = \"200.54\";\n\nreport = \"\";\n\n# Check first for 3rd gen and recent 2nd gen models.\nif (matches)\n{\n foreach line (split(matches, keep:FALSE))\n {\n match = eregmatch(pattern:pat, string:line);\n if (!isnull(match))\n {\n major = match[1];\n char = match[2];\n minor = int(match[3]);\n\n if (\n ver_compare(ver:major, fix:fixed_major, strict:FALSE) < 0 ||\n (\n ver_compare(ver:major, fix:fixed_major, strict:FALSE) == 0 &&\n (\n ord(char) < ord(fixed_char) ||\n (\n ord(char) == ord(fixed_char) &&\n minor < fixed_minor\n )\n )\n )\n )\n {\n report = '\\n Source : ' + line +\n '\\n Installed iTunes version : ' + major + char + minor +\n '\\n Fixed iTunes version : ' + fixed_major + fixed_char + fixed_minor +\n '\\n';\n }\n else if (major == fixed_major && char == fixed_char && minor == fixed_minor)\n {\n airtunes_port = 5000;\n # nb: 'http_server_header()' exits if it can't get the HTTP banner.\n server_header = http_server_header(port:airtunes_port);\n if (isnull(server_header)) audit(AUDIT_WEB_NO_SERVER_HEADER, airtunes_port);\n if (\"AirTunes\" >!< server_header) audit(AUDIT_WRONG_WEB_SERVER, airtunes_port, \"AirTunes\");\n\n match = eregmatch(string:server_header, pattern:\"^AirTunes\\/([0-9][0-9.]+)\");\n if (!match) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, \"AirTunes\", airtunes_port);\n airtunes_version = match[1];\n\n if (ver_compare(ver:airtunes_version, fix:fixed_airtunes_version, strict:FALSE) < 0)\n {\n report = '\\n Source : ' + server_header +\n '\\n Installed AirTunes version : ' + airtunes_version +\n '\\n Fixed AirTunes version : ' + fixed_airtunes_version +\n '\\n';\n }\n else exit(0, \"The web server listening on port \"+airtunes_port+\" reports itself as 'AirTunes/\"+airtunes_version+\"' and, therefore, is not affected.\");\n }\n }\n }\n}\nelse\n{\n pat2 = \"^RIPT-Server: iTunesLib/([0-9]+)\\.\";\n matches = egrep(pattern:pat2, string:banner);\n if (matches)\n {\n foreach line (split(matches, keep:FALSE))\n {\n match = eregmatch(pattern:pat2, string:line);\n if (!isnull(match))\n {\n major = int(match[1]);\n if (major < 4) exit(0, \"The web server listening on port \"+port+\" is from iTunes on a 1st generation Apple TV, which is no longer supported.\");\n else if (major >= 4 && major <= 9)\n {\n report = '\\n Source : ' + line +\n '\\n';\n }\n break;\n }\n }\n }\n}\n\n\nif (report)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:report);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:15", "description": "Versions earlier than the Apple TV 6.1 update are vulnerable to multiple issues, the most serious of which could be leveraged to result in arbitrary code execution.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2014-05-29T00:00:00", "type": "nessus", "title": "Apple TV < 6.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2088", "CVE-2013-6629", "CVE-2013-5199", "CVE-2013-5228", "CVE-2013-5197", "CVE-2014-1267", "CVE-2014-1271", "CVE-2014-1273", "CVE-2014-1272", "CVE-2014-1275", "CVE-2014-1278", "CVE-2014-1280", "CVE-2014-1282", "CVE-2014-1287", "CVE-2014-1279", "CVE-2013-5225", "CVE-2013-2928", "CVE-2013-2909", "CVE-2014-1269", "CVE-2013-2926", "CVE-2014-1270", "CVE-2013-5198", "CVE-2013-6625", "CVE-2013-6635", "CVE-2013-5196", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*"], "id": "8250.PRM", "href": "https://www.tenable.com/plugins/nnm/8250", "sourceData": "Binary data 8250.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:07", "description": "The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 30.0.1599.101 are affected by the following vulnerabilities :\n\n - Use-after-free errors in editing, XmlHttpRequest, and forms can result in remote code execution (CVE-2013-2925, CVE-2013-2926, CVE-2013-2927)\n\n - Other miscellaneous security-related bugfixes, unspecified by the vendor (CVE-2013-2928)", "cvss3": {"score": null, "vector": null}, "published": "2013-11-11T00:00:00", "type": "nessus", "title": "Google Chrome < 30.0.1599.101 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2928", "CVE-2013-2927", "CVE-2013-2925", "CVE-2013-2926"], "modified": "2013-11-11T00:00:00", "cpe": [], "id": "801610.PRM", "href": "https://www.tenable.com/plugins/lce/801610", "sourceData": "Binary data 801610.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:07", "description": "The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 30.0.1599.101 are affected by the following vulnerabilities :\n\n - Use-after-free errors in editing, XmlHttpRequest, and forms can result in remote code execution (CVE-2013-2925, CVE-2013-2926, CVE-2013-2927)\n\n - Other miscellaneous security-related bugfixes, unspecified by the vendor (CVE-2013-2928)", "cvss3": {"score": null, "vector": null}, "published": "2013-11-11T00:00:00", "type": "nessus", "title": "Google Chrome < 30.0.1599.101 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2928", "CVE-2013-2927", "CVE-2013-2925", "CVE-2013-2926"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8047.PASL", "href": "https://www.tenable.com/plugins/nnm/8047", "sourceData": "Binary data 8047.pasl", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:25", "description": "The version of Google Chrome installed on the remote host is a version prior to 30.0.1599.101. It is, therefore, affected by multiple vulnerabilities :\n\n - Use-after-free errors exist related to editing, forms, and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926, CVE-2013-2927)\n\n - Various, unspecified errors exist. (CVE-2013-2928)", "cvss3": {"score": null, "vector": null}, "published": "2013-11-13T00:00:00", "type": "nessus", "title": "Google Chrome < 30.0.1599.101 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_30_0_1599_101.NASL", "href": "https://www.tenable.com/plugins/nessus/70892", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70892);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\n \"CVE-2013-2925\",\n \"CVE-2013-2926\",\n \"CVE-2013-2927\",\n \"CVE-2013-2928\"\n );\n script_bugtraq_id(\n 63024,\n 63025,\n 63026,\n 63028\n );\n\n script_name(english:\"Google Chrome < 30.0.1599.101 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 30.0.1599.101. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Use-after-free errors exist related to editing, forms,\n and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926,\n CVE-2013-2927)\n\n - Various, unspecified errors exist. (CVE-2013-2928)\");\n # http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b19cce80\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 30.0.1599.101 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2928\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'30.0.1599.101', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:33", "description": "Google Chrome Releases reports :\n\n5 security fixes in this release, including :\n\n- [292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.\n\n- [294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.\n\n- [297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.\n\n- [305790] High CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"score": null, "vector": null}, "published": "2013-10-16T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (710cd5d5-35cb-11e3-85f9-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_710CD5D535CB11E385F900262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/70449", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70449);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (710cd5d5-35cb-11e3-85f9-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n5 security fixes in this release, including :\n\n- [292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte\nKettunen of OUSPG.\n\n- [294456] High CVE-2013-2926: Use after free in editing. Credit to\ncloudfuzzer.\n\n- [297478] High CVE-2013-2927: Use after free in forms. Credit to\ncloudfuzzer.\n\n- [305790] High CVE-2013-2928: Various fixes from internal audits,\nfuzzing and other initiatives.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl/\"\n );\n # http://www.freebsd.org/ports/portaudit/710cd5d5-35cb-11e3-85f9-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29fbc1f4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<30.0.1599.101\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:26", "description": "Chromium was updated to 30.0.1599.114 :\n\nStable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2013:1729-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-876.NASL", "href": "https://www.tenable.com/plugins/nessus/75205", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-876.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75205);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\");\n script_bugtraq_id(63024, 63025, 63026, 63028);\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2013:1729-1)\");\n script_summary(english:\"Check for the openSUSE-2013-876 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 30.0.1599.114 :\n\nStable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-11/msg00077.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-debuginfo-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debuginfo-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debugsource-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-gnome-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-kde-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-debuginfo-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-30.0.1599.114-1.50.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-debuginfo-30.0.1599.114-1.50.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:53:03", "description": "The version of Google Chrome installed on the remote host is a version prior to 30.0.1599.101. It is, therefore, affected by multiple vulnerabilities :\n\n - Use-after-free errors exist related to editing, forms, and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926, CVE-2013-2927)\n\n - Various, unspecified errors exist. (CVE-2013-2928)", "cvss3": {"score": null, "vector": null}, "published": "2013-10-18T00:00:00", "type": "nessus", "title": "Google Chrome < 30.0.1599.101 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_30_0_1599_101.NASL", "href": "https://www.tenable.com/plugins/nessus/70494", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70494);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-2925\",\n \"CVE-2013-2926\",\n \"CVE-2013-2927\",\n \"CVE-2013-2928\"\n );\n script_bugtraq_id(\n 63024,\n 63025,\n 63026,\n 63028\n );\n\n script_name(english:\"Google Chrome < 30.0.1599.101 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 30.0.1599.101. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Use-after-free errors exist related to editing, forms,\n and XmlHttpRequest (XHR). (CVE-2013-2925, CVE-2013-2926,\n CVE-2013-2927)\n\n - Various, unspecified errors exist. (CVE-2013-2928)\");\n # http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b19cce80\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 30.0.1599.101 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2928\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'30.0.1599.101', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:02:06", "description": "The mobile device is running a version of iOS that is prior to version 7.1. It is, therefore, affected by vulnerabilities in the following components :\n\n - Backup\n - Certificate Trust Policy\n - Configuration Profiles\n - CoreCapture\n - Crash Reporting\n - dyld\n - FaceTime\n - ImageIO\n - IOKit HID Event\n - iTunes Store\n - Kernel\n - Office Viewer\n - Photos Backend\n - Profiles\n - Safari\n - Settings - Accounts\n - Springboard\n - SpringBoard Lock Screen\n - TelephonyUI Framework\n - USB Host\n - Video Driver\n - WebKit", "cvss3": {"score": null, "vector": null}, "published": "2014-03-10T00:00:00", "type": "nessus", "title": "Apple iOS < 7.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2088", "CVE-2013-2909", "CVE-2013-2926", "CVE-2013-2928", "CVE-2013-3948", "CVE-2013-5133", "CVE-2013-5196", "CVE-2013-5197", "CVE-2013-5198", "CVE-2013-5199", "CVE-2013-5225", "CVE-2013-5227", "CVE-2013-5228", "CVE-2013-6625", "CVE-2013-6629", "CVE-2013-6635", "CVE-2013-6835", "CVE-2014-1252", "CVE-2014-1267", "CVE-2014-1269", "CVE-2014-1270", "CVE-2014-1271", "CVE-2014-1272", "CVE-2014-1273", "CVE-2014-1274", "CVE-2014-1275", "CVE-2014-1276", "CVE-2014-1278", "CVE-2014-1280", "CVE-2014-1281", "CVE-2014-1282", "CVE-2014-1285", "CVE-2014-1286", "CVE-2014-1287", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-2019"], "modified": "2022-02-14T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_71_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/72907", "sourceData": "Binary data apple_ios_71_check.nbin", "cvss": {"score": 8.8, "vector": "AV:N/AC:M/Au:N/C:N/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:44", "description": "According to its banner, the remote Apple iOS device is missing a security update. Versions of Apple iOS prior to 7.1 are affected by vulnerabilities within the following components :\n\n - Backup\n - Certificate Trust Policy\n - Configuration Profiles\n - CoreCapture\n - Crash Reporting\n - dyld\n - FaceTime\n - ImageIO\n - IOKit HID Event\n - iTunes Store\n - Kernel\n - Office Viewer\n - Photos Backend\n - Profiles\n - Safari\n - Find My iPhone status\n - Springboard\n - SpringBoard Lock Screen\n - TelephonyUI Framework\n - USB Host\n - Video Driver\n - WebKit", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2014-03-11T00:00:00", "type": "nessus", "title": "Apple iOS < 7.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2088", "CVE-2013-6629", "CVE-2014-2019", "CVE-2013-5199", "CVE-2013-5228", "CVE-2013-5197", "CVE-2014-1267", "CVE-2014-1271", "CVE-2014-1273", "CVE-2014-1272", "CVE-2014-1275", "CVE-2014-1278", "CVE-2014-1282", "CVE-2014-1287", "CVE-2013-6835", "CVE-2013-5225", "CVE-2013-2928", "CVE-2013-2909", "CVE-2014-1269", "CVE-2013-5227", "CVE-2013-2926", "CVE-2014-1270", "CVE-2013-5198", "CVE-2013-6635", "CVE-2013-5196", "CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294", "CVE-2014-1252", "CVE-2013-5133", "CVE-2014-1274", "CVE-2014-1276", "CVE-2014-1277", "CVE-2014-1281", "CVE-2014-1284", "CVE-2014-1285", "CVE-2014-1286"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8155.PRM", "href": "https://www.tenable.com/plugins/nnm/8155", "sourceData": "Binary data 8155.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:36", "description": "Security and bugfix update to Chromium 31.0.1650.57\n\n - Update to Chromium 31.0.1650.57 :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Stable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.\n\n - Enable ARM build for Chromium.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2013:1776-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-903.NASL", "href": "https://www.tenable.com/plugins/nessus/75212", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-903.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75212);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n script_bugtraq_id(63024, 63025, 63026, 63028, 63667, 63669, 63670, 63671, 63672, 63673, 63674, 63675, 63676, 63677, 63678, 63679, 63729);\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2013:1776-1)\");\n script_summary(english:\"Check for the openSUSE-2013-903 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security and bugfix update to Chromium 31.0.1650.57\n\n - Update to Chromium 31.0.1650.57 :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input\n elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to\n “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked\n during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg\n and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Stable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Enable ARM build for Chromium.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=850430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-11/msg00107.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-debuginfo-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debuginfo-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debugsource-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-gnome-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-kde-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-debuginfo-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-31.0.1650.57-1.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-debuginfo-31.0.1650.57-1.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:28", "description": "Google Chrome for Android version 33.0.1750.166 contains fixes for the following security issues, discovered during CanSecWest 2014:\n\n - Memory corruption in V8 (CVE-2014-1705)\n\n - Memory corruption in GPU command buffer (CVE-2014-1710)\n\n - Use-after-free in bindings (CVE-2014-1713)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2014-05-01T00:00:00", "type": "nessus", "title": "Google Chrome for Android < 33.0.1750.166 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1705", "CVE-2014-1710"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8201.PRM", "href": "https://www.tenable.com/plugins/nnm/8201", "sourceData": "Binary data 8201.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:45", "description": "The Google Chrome browser detected on the remote Linux system is older than version 33.0.1750.152 and is therefore vulnerable to the following issues:\n\n - Memory corruption vulnerability in Google V8 via ArrayBuffer property accesses. (CVE-2014-1705)\n\n - Use-after-free error related to document.location bindings, which may be leveraged to execute arbitrary code by a context-dependent attacker. (CVE-2014-1713)\n\n - A sandbox bypass via a flaw related to the clipboard message filter. (CVE-2014-1714)\n\n - A sandbox bypass via path traversal due to insufficient user input sanitation in the 'CreatePlatformFileUnsafe()' function within 'base/platform_file_win.cc' (CVE-2014-1715)", "cvss3": {"score": null, "vector": null}, "published": "2014-03-18T00:00:00", "type": "nessus", "title": "Google Chrome < 33.0.1750.152 (Linux) Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1705", "CVE-2014-1715"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8164.PASL", "href": "https://www.tenable.com/plugins/nnm/8164", "sourceData": "Binary data 8164.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:02:34", "description": "The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.154. It is, therefore, affected by the following vulnerabilities :\n\n - A remote code-execution flaw exists due to a read/write error with the a sandbox bypass, specifically the V8 JavaScript engine. This could allow an attacker to execute code or cause a denial of service if the exploit fails. (CVE-2014-1705)\n\n - A use-after-free flaw exists with the 'document.location' bindings. An attacker, using a specially crafted web page, can dereference freed memory and could execute arbitrary code. (CVE-2014-1713)\n\n - A flaw exists with the clipboard message filter. A context-dependent attacker could bypass sandbox restrictions. (CVE-2014-1714)\n\n - A restriction bypass flaw exists with the 'CreatePlatformFileUnsafe()' function in the 'base/platform_file_win.cc' where user input is not properly sanitized. A context-dependent attacker could open arbitrary directories bypassing sandbox restrictions. (CVE-2014-1715)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-18T00:00:00", "type": "nessus", "title": "Google Chrome < 33.0.1750.154 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_33_0_1750_154.NASL", "href": "https://www.tenable.com/plugins/nessus/73082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73082);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-1705\",\n \"CVE-2014-1713\",\n \"CVE-2014-1714\",\n \"CVE-2014-1715\"\n );\n script_bugtraq_id(\n 66239,\n 66243,\n 66249,\n 66252\n );\n\n script_name(english:\"Google Chrome < 33.0.1750.154 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 33.0.1750.154. It is, therefore, affected by the following\nvulnerabilities :\n\n - A remote code-execution flaw exists due to a read/write\n error with the a sandbox bypass, specifically the V8\n JavaScript engine. This could allow an attacker to\n execute code or cause a denial of service if the exploit\n fails. (CVE-2014-1705)\n\n - A use-after-free flaw exists with the\n 'document.location' bindings. An attacker, using a\n specially crafted web page, can dereference freed memory\n and could execute arbitrary code. (CVE-2014-1713)\n\n - A flaw exists with the clipboard message filter. A\n context-dependent attacker could bypass sandbox\n restrictions. (CVE-2014-1714)\n\n - A restriction bypass flaw exists with the\n 'CreatePlatformFileUnsafe()' function in the\n 'base/platform_file_win.cc' where user input is not\n properly sanitized. A context-dependent attacker could\n open arbitrary directories bypassing sandbox\n restrictions. (CVE-2014-1715)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/531614/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/531615/30/0/threaded\");\n # http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?caf96baa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 33.0.1750.154 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1715\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'33.0.1750.154', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:59", "description": "Google Chrome Releases reports :\n\nNew vulnerabilities after the Pwn2Own competition :\n\n- [352369] Code execution outside sandbox. Credit to VUPEN.\n\n- [352374] High CVE-2014-1713: Use-after-free in Blink bindings\n\n- [352395] High CVE-2014-1714: Windows clipboard vulnerability\n\n- [352420] Code execution outside sandbox. Credit to Anonymous.\n\n- [351787] High CVE-2014-1705: Memory corruption in V8\n\n- [352429] High CVE-2014-1715: Directory traversal issue", "cvss3": {"score": null, "vector": null}, "published": "2014-03-17T00:00:00", "type": "nessus", "title": "FreeBSD : www/chromium -- multiple vulnerabilities (a70966a1-ac22-11e3-8d04-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_A70966A1AC2211E38D0400262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/73049", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2015 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73049);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\");\n\n script_name(english:\"FreeBSD : www/chromium -- multiple vulnerabilities (a70966a1-ac22-11e3-8d04-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\nNew vulnerabilities after the Pwn2Own competition :\n\n- [352369] Code execution outside sandbox. Credit to VUPEN.\n\n- [352374] High CVE-2014-1713: Use-after-free in Blink bindings\n\n- [352395] High CVE-2014-1714: Windows clipboard vulnerability\n\n- [352420] Code execution outside sandbox. Credit to Anonymous.\n\n- [351787] High CVE-2014-1705: Memory corruption in V8\n\n- [352429] High CVE-2014-1715: Directory traversal issue\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl/\"\n );\n # http://www.freebsd.org/ports/portaudit/a70966a1-ac22-11e3-8d04-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dab8099c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<33.0.1750.152\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:45", "description": "The Google Chrome browser detected on the remote Mac/OS X system is older than version 33.0.1750.152 and is therefore vulnerable to the following issues:\n\n - Memory corruption vulnerability in Google V8 via ArrayBuffer property accesses. (CVE-2014-1705)\n\n - Use-after-free error related to document.location bindings, which may be leveraged to execute arbitrary code by a context-dependent attacker. (CVE-2014-1713)\n\n - A sandbox bypass via a flaw related to the clipboard message filter. (CVE-2014-1714)\n\n - A sandbox bypass via path traversal due to insufficient user input sanitation in the 'CreatePlatformFileUnsafe()' function within 'base/platform_file_win.cc' (CVE-2014-1715)", "cvss3": {"score": null, "vector": null}, "published": "2014-03-18T00:00:00", "type": "nessus", "title": "Google Chrome < 33.0.1750.152 (Mac) Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1705", "CVE-2014-1715"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8163.PASL", "href": "https://www.tenable.com/plugins/nnm/8163", "sourceData": "Binary data 8163.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:52", "description": "The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.152. It is, therefore, affected by the following vulnerabilities :\n\n - A remote code-execution flaw exists due to a read/write error with the a sandbox bypass, specifically the V8 JavaScript engine. This could allow an attacker to execute code or cause a denial of service if the exploit fails. (CVE-2014-1705)\n\n - A use-after-free flaw exists with the 'document.location' bindings. An attacker, using a specially crafted web page, can dereference freed memory and could execute arbitrary code. (CVE-2014-1713)\n\n - A flaw exists with the clipboard message filter. A context-dependent attacker could bypass sandbox restrictions. (CVE-2014-1714)\n\n - A restriction bypass flaw exists with the 'CreatePlatformFileUnsafe()' function in the 'base/platform_file_win.cc' where user input is not properly sanitized. A context-dependent attacker could open arbitrary directories bypassing sandbox restrictions. (CVE-2014-1715)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-18T00:00:00", "type": "nessus", "title": "Google Chrome < 33.0.1750.152 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_33_0_1750_152.NASL", "href": "https://www.tenable.com/plugins/nessus/73083", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73083);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\n \"CVE-2014-1705\",\n \"CVE-2014-1713\",\n \"CVE-2014-1714\",\n \"CVE-2014-1715\"\n );\n script_bugtraq_id(\n 66239,\n 66243,\n 66249,\n 66252\n );\n\n script_name(english:\"Google Chrome < 33.0.1750.152 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\na version prior to 33.0.1750.152. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A remote code-execution flaw exists due to a read/write\n error with the a sandbox bypass, specifically the V8\n JavaScript engine. This could allow an attacker to\n execute code or cause a denial of service if the exploit\n fails. (CVE-2014-1705)\n\n - A use-after-free flaw exists with the\n 'document.location' bindings. An attacker, using a\n specially crafted web page, can dereference freed memory\n and could execute arbitrary code. (CVE-2014-1713)\n\n - A flaw exists with the clipboard message filter. A\n context-dependent attacker could bypass sandbox\n restrictions. (CVE-2014-1714)\n\n - A restriction bypass flaw exists with the\n 'CreatePlatformFileUnsafe()' function in the\n 'base/platform_file_win.cc' where user input is not\n properly sanitized. A context-dependent attacker could\n open arbitrary directories bypassing sandbox\n restrictions. (CVE-2014-1715)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/531614/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/531615/30/0/threaded\");\n # http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?caf96baa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 33.0.1750.152 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1715\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'33.0.1750.152', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:45", "description": "The Google Chrome browser detected on the remote Windows system is older than version 33.0.1750.154, and is therefore vulnerable to the following issues:\n\n - Memory corruption vulnerability in Google V8 via ArrayBuffer property accesses. (CVE-2014-1705)\n\n - Use-after-free error related to document.location bindings, which may be leveraged to execute arbitrary code by a context-dependent attacker. (CVE-2014-1713)\n\n - A sandbox bypass via a flaw related to the clipboard message filter. (CVE-2014-1714)\n\n - A sandbox bypass via path traversal due to insufficient user input sanitation in the 'CreatePlatformFileUnsafe()' function within 'base/platform_file_win.cc' (CVE-2014-1715)", "cvss3": {"score": null, "vector": null}, "published": "2014-03-18T00:00:00", "type": "nessus", "title": "Google Chrome < 33.0.1750.154 (Win) Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1705", "CVE-2014-1715"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8162.PASL", "href": "https://www.tenable.com/plugins/nnm/8162", "sourceData": "Binary data 8162.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:28", "description": "Chrome OS version 33.0.1750.152 (Platform version: 5116.115.4/5116.115.5) was released with fixes for the following security vulnerabilities :\n\n - Memory corruption in V8 via the builtin ArrayBuffer property access, which can lead to remote code execution (CVE-2014-1705)\n - Command injection in Crosh via the try_touch_experiment function, which may allow a context-dependent attacker to run arbitrary commands (CVE-2014-1706)\n - Path traversal issue in CrosDisk due to insufficient user input sanitation when mounting a source (CVE-2014-1707)\n - Issue with file persistence at boot, relating to a flaw in dump_vpd_log (CVE-2014-1708)\n - Memory corruption flaw in the AsyncPixelTransfersCompletedQuery::End() function in the GPU command buffer, which a context-dependent attacker can leverage to run arbitrary code (CVE-2014-1710)\n - Out-of-bounds write in the GPU driver, which can be leveraged to execute arbitrary code (CVE-2014-1711)\n - Use-after-free error in Blink bindings used in the V8 engine, which can be leveraged to execute arbitrary code (CVE-2014-1713)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-05-01T00:00:00", "type": "nessus", "title": "Google Chrome OS < 33.0.1750.152 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1705", "CVE-2014-1706", "CVE-2014-1707", "CVE-2014-1708", "CVE-2014-1711", "CVE-2014-1710"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome_os:*:*:*:*:*:*:*:*"], "id": "8202.PRM", "href": "https://www.tenable.com/plugins/nnm/8202", "sourceData": "Binary data 8202.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:45", "description": "Versions of Google Chrome OS prior to 33.0.1750.152 are affected by the following vulnerabilities :\n\n - Memory corruption vulnerability in Google V8 via ArrayBuffer property accesses. (CVE-2014-1705)\n\n - Command injection vulnerability via a flaw in crosh that is triggered when calling try_touch_experiment. (CVE-2014-1706)\n\n - Unspecified path traversal vulnerability due to insufficient user-input sanitation when mounting a source (CVE-2014-1707)\n\n - Unspecified on-boot file persistence vulnerability (CVE-2014-1708)\n\n - An exploitable memory corruption in the 'AsyncPixelTransfersCompletedQuery::End()' function in 'gpu/command_buffer/service/query_manager.cc' (CVE-2014-1710)\n\n - Out-of-bounds write flaw in the GPU driver (CVE-2014-1711)\n\n - Use-after-free error related to document.location bindings, which may be leveraged to execute arbitrary code by a context-dependent attacker. (CVE-2014-1713)", "cvss3": {"score": null, "vector": null}, "published": "2014-03-17T00:00:00", "type": "nessus", "title": "Google Chrome OS < 33.0.1750.152 Multiple Security Vulnerabilities (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1713", "CVE-2014-1705", "CVE-2014-1706", "CVE-2014-1707", "CVE-2014-1708", "CVE-2014-1711", "CVE-2014-1710"], "modified": "2018-09-16T00:00:00", "cpe": ["cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*"], "id": "8161.PRM", "href": "https://www.tenable.com/plugins/nnm/8161", "sourceData": "Binary data 8161.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:27", "description": "Chromium was updated to 31.0.1650.57: Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix the chromedriver build\n\n - Enable ARM build for Chromium. \n\n - Added patches chromium-arm-webrtc-fix.patch, chromium-fix-arm-icu.patch and chromium-fix-arm-sysroot.patch to resolve ARM specific build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n\n - Drop patch chromium-fix-chromedriver-build.diff. This is now fixed upstream\n\n - For openSUSE versions lower than 13.1, build against the in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n\n - Easier searching by image \n\n - A number of new apps/extension APIs \n\n - Lots of under the hood changes for stability and performance\n\n - Security fixes :\n\n + CVE-2013-2906: Races in Web Audio\n\n + CVE-2013-2907: Out of bounds read in Window.prototype object\n\n + CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code\n\n + CVE-2013-2909: Use after free in inline-block rendering\n\n + CVE-2013-2910: Use-after-free in Web Audio\n\n + CVE-2013-2911: Use-after-free in XSLT\n\n + CVE-2013-2912: Use-after-free in PPAPI\n\n + CVE-2013-2913: Use-after-free in XML document parsing\n\n + CVE-2013-2914: Use after free in the Windows color chooser dialog\n\n + CVE-2013-2915: Address bar spoofing via a malformed scheme\n\n + CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code\n\n + CVE-2013-2917: Out of bounds read in Web Audio\n\n + CVE-2013-2918: Use-after-free in DOM\n\n + CVE-2013-2919: Memory corruption in V8\n\n + CVE-2013-2920: Out of bounds read in URL parsing\n\n + CVE-2013-2921: Use-after-free in resource loader\n\n + CVE-2013-2922: Use-after-free in template element\n\n + CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives \n\n + CVE-2013-2924: Use-after-free in ICU. Upstream bug", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2013:1861-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2914", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2924", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2013-961.NASL", "href": "https://www.tenable.com/plugins/nessus/75225", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-961.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75225);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\", \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\", \"CVE-2013-2914\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\", \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2924\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n script_bugtraq_id(62752, 62968, 63024, 63025, 63026, 63028, 63667, 63669, 63670, 63671, 63672, 63673, 63674, 63675, 63676, 63677, 63678, 63679, 63729, 64354);\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2013:1861-1)\");\n script_summary(english:\"Check for the openSUSE-2013-961 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 31.0.1650.57: Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input\n elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to\n “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked\n during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg\n and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n - Enable ARM build for Chromium. \n\n - Added patches chromium-arm-webrtc-fix.patch,\n chromium-fix-arm-icu.patch and\n chromium-fix-arm-sysroot.patch to resolve ARM specific\n build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n\n - Drop patch chromium-fix-chromedriver-build.diff. This is\n now fixed upstream\n\n - For openSUSE versions lower than 13.1, build against the\n in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n\n - Easier searching by image \n\n - A number of new apps/extension APIs \n\n - Lots of under the hood changes for stability and\n performance\n\n - Security fixes :\n\n + CVE-2013-2906: Races in Web Audio\n\n + CVE-2013-2907: Out of bounds read in Window.prototype\n object\n\n + CVE-2013-2908: Address bar spoofing related to the\n “204 No Content” status code\n\n + CVE-2013-2909: Use after free in inline-block rendering\n\n + CVE-2013-2910: Use-after-free in Web Audio\n\n + CVE-2013-2911: Use-after-free in XSLT\n\n + CVE-2013-2912: Use-after-free in PPAPI\n\n + CVE-2013-2913: Use-after-free in XML document parsing\n\n + CVE-2013-2914: Use after free in the Windows color\n chooser dialog\n\n + CVE-2013-2915: Address bar spoofing via a malformed\n scheme\n\n + CVE-2013-2916: Address bar spoofing related to the\n “204 No Content” status code\n\n + CVE-2013-2917: Out of bounds read in Web Audio\n\n + CVE-2013-2918: Use-after-free in DOM\n\n + CVE-2013-2919: Memory corruption in V8\n\n + CVE-2013-2920: Out of bounds read in URL parsing\n\n + CVE-2013-2921: Use-after-free in resource loader\n\n + CVE-2013-2922: Use-after-free in template element\n\n + CVE-2013-2923: Various fixes from internal audits,\n fuzzing and other initiatives \n\n + CVE-2013-2924: Use-after-free in ICU. Upstream bug\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00049.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-31.0.1650.57-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-debuginfo-31.0.1650.57-8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:33", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio.\n\n - CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype.\n\n - CVE-2013-2908 Chamal de Silva discovered an address bar spoofing issue.\n\n - CVE-2013-2909 Atte Kuttenen of OUSPG discovered a use-after-free issue in inline-block.\n\n - CVE-2013-2910 Byoungyoung Lee of the Georgia Tech Information Security Center discovered a use-after-free issue in Web Audio.\n\n - CVE-2013-2911 Atte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT handling.\n\n - CVE-2013-2912 Chamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a use-after-free issue in the Pepper Plug-in API.\n\n - CVE-2013-2913 cloudfuzzer discovered a use-after-free issue in Blink's XML document parsing.\n\n - CVE-2013-2915 Wander Groeneveld discovered an address bar spoofing issue.\n\n - CVE-2013-2916 Masato Kinugawa discovered an address bar spoofing issue.\n\n - CVE-2013-2917 Byoungyoung Lee and Tielei Wang discovered an out-of-bounds read issue in Web Audio.\n\n - CVE-2013-2918 Byoungyoung Lee discoverd an out-of-bounds read in Blink's DOM implementation.\n\n - CVE-2013-2919 Adam Haile of Concrete Data discovered a memory corruption issue in the V8 JavaScript library.\n\n - CVE-2013-2920 Atte Kuttunen of OUSPG discovered an out-of-bounds read in URL host resolving.\n\n - CVE-2013-2921 Byoungyoung Lee and Tielei Wang discovered a use-after-free issue in resource loading.\n\n - CVE-2013-2922 Jon Butler discovered a use-after-free issue in Blink's HTML template element implementation.\n\n - CVE-2013-2924 A use-after-free issue was discovered in the International Components for Unicode (ICU) library. \n\n - CVE-2013-2925 Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP request implementation.\n\n - CVE-2013-2926 cloudfuzzer discovered a use-after-free issue in the list indenting implementation.\n\n - CVE-2013-2927 cloudfuzzer discovered a use-after-free issue in the HTML form submission implementation. \n\n - CVE-2013-2923 and CVE-2013-2928 The chrome 30 development team found various issues from internal fuzzing, audits, and other studies.", "cvss3": {"score": null, "vector": null}, "published": "2013-10-27T00:00:00", "type": "nessus", "title": "Debian DSA-2785-1 : chromium-browser - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2924", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2785.NASL", "href": "https://www.tenable.com/plugins/nessus/70636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2785. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70636);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\", \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\", \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2924\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\");\n script_bugtraq_id(62752, 62968, 63024, 63025, 63026, 63028);\n script_xref(name:\"DSA\", value:\"2785\");\n\n script_name(english:\"Debian DSA-2785-1 : chromium-browser - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2013-2906\n Atte Kettunen of OUSPG discovered race conditions in Web\n Audio.\n\n - CVE-2013-2907\n Boris Zbarsky discovered an out-of-bounds read in\n window.prototype.\n\n - CVE-2013-2908\n Chamal de Silva discovered an address bar spoofing\n issue.\n\n - CVE-2013-2909\n Atte Kuttenen of OUSPG discovered a use-after-free issue\n in inline-block.\n\n - CVE-2013-2910\n Byoungyoung Lee of the Georgia Tech Information Security\n Center discovered a use-after-free issue in Web Audio.\n\n - CVE-2013-2911\n Atte Kettunen of OUSPG discovered a use-after-free in\n Blink's XSLT handling.\n\n - CVE-2013-2912\n Chamal de Silva and 41.w4r10r(at)garage4hackers.com\n discovered a use-after-free issue in the Pepper Plug-in\n API.\n\n - CVE-2013-2913\n cloudfuzzer discovered a use-after-free issue in Blink's\n XML document parsing.\n\n - CVE-2013-2915\n Wander Groeneveld discovered an address bar spoofing\n issue.\n\n - CVE-2013-2916\n Masato Kinugawa discovered an address bar spoofing\n issue.\n\n - CVE-2013-2917\n Byoungyoung Lee and Tielei Wang discovered an\n out-of-bounds read issue in Web Audio.\n\n - CVE-2013-2918\n Byoungyoung Lee discoverd an out-of-bounds read in\n Blink's DOM implementation.\n\n - CVE-2013-2919\n Adam Haile of Concrete Data discovered a memory\n corruption issue in the V8 JavaScript library.\n\n - CVE-2013-2920\n Atte Kuttunen of OUSPG discovered an out-of-bounds read\n in URL host resolving.\n\n - CVE-2013-2921\n Byoungyoung Lee and Tielei Wang discovered a\n use-after-free issue in resource loading.\n\n - CVE-2013-2922\n Jon Butler discovered a use-after-free issue in Blink's\n HTML template element implementation.\n\n - CVE-2013-2924\n A use-after-free issue was discovered in the\n International Components for Unicode (ICU) library. \n\n - CVE-2013-2925\n Atte Kettunen of OUSPG discover a use-after-free issue\n in Blink's XML HTTP request implementation.\n\n - CVE-2013-2926\n cloudfuzzer discovered a use-after-free issue in the\n list indenting implementation.\n\n - CVE-2013-2927\n cloudfuzzer discovered a use-after-free issue in the\n HTML form submission implementation. \n\n - CVE-2013-2923 and CVE-2013-2928\n The chrome 30 development team found various issues from\n internal fuzzing, audits, and other studies.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2918\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2785\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 30.0.1599.101-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"30.0.1599.101-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:44:46", "description": "Chromium was updated to the 33.0.1750.152 stable channel uodate :\n\n - Security fixes :\n\n - CVE-2014-1713: Use-after-free in Blink bindings\n\n - CVE-2014-1714: Windows clipboard vulnerability\n\n - CVE-2014-1705: Memory corruption in V8\n\n - CVE-2014-1715: Directory traversal issue\n\nPrevious stable channel update 33.0.1750.149 :\n\n - Security fixes :\n\n - CVE-2014-1700: Use-after-free in speech\n\n - CVE-2014-1701: UXSS in events\n\n - CVE-2014-1702: Use-after-free in web database\n\n - CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets\n\n - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2014:0501-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-280.NASL", "href": "https://www.tenable.com/plugins/nessus/75318", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-280.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75318);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2014:0501-1)\");\n script_summary(english:\"Check for the openSUSE-2014-280 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to the 33.0.1750.152 stable channel uodate :\n\n - Security fixes :\n\n - CVE-2014-1713: Use-after-free in Blink bindings\n\n - CVE-2014-1714: Windows clipboard vulnerability\n\n - CVE-2014-1705: Memory corruption in V8\n\n - CVE-2014-1715: Directory traversal issue\n\nPrevious stable channel update 33.0.1750.149 :\n\n - Security fixes :\n\n - CVE-2014-1700: Use-after-free in speech\n\n - CVE-2014-1701: UXSS in events\n\n - CVE-2014-1702: Use-after-free in web database\n\n - CVE-2014-1703: Potential sandbox escape due to a\n use-after-free in web sockets\n\n - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in\n version 3.23.17.18\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-04/msg00023.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-debuginfo-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debuginfo-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debugsource-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-gnome-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-kde-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-debuginfo-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-debuginfo-33.0.1750.152-1.33.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-33.0.1750.152-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-debuginfo-33.0.1750.152-25.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:24", "description": "Google Chrome Releases reports :\n\n25 security fixes in this release, including :\n\n- [268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.\n\n- [272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.\n\n- [282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.\n\n- [290566] High CVE-2013-6624: Use after free related to 'id' attribute strings. Credit to Jon Butler.\n\n- [295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.\n\n- [295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.\n\n- [299892] High CVE-2013-6627: Out of bounds read in HTTP parsing.\nCredit to skylined.\n\n- [306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.\n\n- [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n- [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n- [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n- [296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Hoglund of the Chromium project.", "cvss3": {"score": null, "vector": null}, "published": "2013-11-13T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3BFC70164BCC11E3B0CF00262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/70865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70865);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n25 security fixes in this release, including :\n\n- [268565] Medium CVE-2013-6621: Use after free related to speech\ninput elements. Credit to Khalil Zhani.\n\n- [272786] High CVE-2013-6622: Use after free related to media\nelements. Credit to cloudfuzzer.\n\n- [282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to\nmiaubiz.\n\n- [290566] High CVE-2013-6624: Use after free related to 'id'\nattribute strings. Credit to Jon Butler.\n\n- [295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to\ncloudfuzzer.\n\n- [295695] Low CVE-2013-6626: Address bar spoofing related to\ninterstitial warnings. Credit to Chamal de Silva.\n\n- [299892] High CVE-2013-6627: Out of bounds read in HTTP parsing.\nCredit to skylined.\n\n- [306959] Medium CVE-2013-6628: Issue with certificates not being\nchecked during TLS renegotiation. Credit to Antoine Delignat-Lavaud\nand Karthikeyan Bhargavan from Prosecco of INRIA Paris.\n\n- [315823] Medium-Critical CVE-2013-2931: Various fixes from internal\naudits, fuzzing and other initiatives.\n\n- [258723] Medium CVE-2013-6629: Read of uninitialized memory in\nlibjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n- [299835] Medium CVE-2013-6630: Read of uninitialized memory in\nlibjpeg-turbo. Credit to Michal Zalewski of Google.\n\n- [296804] High CVE-2013-6631: Use after free in libjingle. Credit to\nPatrik Hoglund of the Chromium project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl/\"\n );\n # http://www.freebsd.org/ports/portaudit/3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79f2f276\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<31.0.1650.48\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:54:16", "description": "The version of Google Chrome installed on the remote host is a version prior to 31.0.1650.48. It is, therefore, affected by multiple vulnerabilities :\n\n - Various, unspecified errors exist. (CVE-2013-2931)\n\n - Use-after-free errors exist related to speech input elements, media elements, 'id' attribute strings, DOM ranges, and libjingle. (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds read errors exist in SVG and HTTP parsing. (CVE-2013-6623, CVE-2013-6627)\n\n - An address bar URI-spoofing vulnerability exists that is related to interstitial warnings. (CVE-2013-6626)\n\n - A certificate validation security bypass issue exists during TLS renegotiation. (CVE-2013-6628)\n\n - A memory corruption error exists in the libjpeg and libjpeg-turbo libraries when memory is uninitialized when decoding images with missing SOS data.\n (CVE-2013-6629)\n\n - A memory corruption error exists in the 'jdmarker.c' source file in the libjpeg-turbo library when processing Huffman tables. (CVE-2013-6630)", "cvss3": {"score": null, "vector": null}, "published": "2013-11-14T00:00:00", "type": "nessus", "title": "Google Chrome < 31.0.1650.48 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_31_0_1650_48.NASL", "href": "https://www.tenable.com/plugins/nessus/70916", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70916);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-2931\",\n \"CVE-2013-6621\",\n \"CVE-2013-6622\",\n \"CVE-2013-6623\",\n \"CVE-2013-6624\",\n \"CVE-2013-6625\",\n \"CVE-2013-6626\",\n \"CVE-2013-6627\",\n \"CVE-2013-6628\",\n \"CVE-2013-6629\",\n \"CVE-2013-6630\",\n \"CVE-2013-6631\"\n );\n script_bugtraq_id(\n 63667,\n 63669,\n 63670,\n 63671,\n 63672,\n 63673,\n 63674,\n 63675,\n 63676,\n 63677,\n 63678,\n 63679\n );\n\n script_name(english:\"Google Chrome < 31.0.1650.48 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 31.0.1650.48. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Various, unspecified errors exist. (CVE-2013-2931)\n\n - Use-after-free errors exist related to speech input\n elements, media elements, 'id' attribute strings, DOM\n ranges, and libjingle. (CVE-2013-6621, CVE-2013-6622,\n CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds read errors exist in SVG and HTTP\n parsing. (CVE-2013-6623, CVE-2013-6627)\n\n - An address bar URI-spoofing vulnerability exists that\n is related to interstitial warnings. (CVE-2013-6626)\n\n - A certificate validation security bypass issue exists\n during TLS renegotiation. (CVE-2013-6628)\n\n - A memory corruption error exists in the libjpeg and\n libjpeg-turbo libraries when memory is uninitialized\n when decoding images with missing SOS data.\n (CVE-2013-6629)\n\n - A memory corruption error exists in the 'jdmarker.c'\n source file in the libjpeg-turbo library when processing\n Huffman tables. (CVE-2013-6630)\");\n # http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0a7b53d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 31.0.1650.48 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2931\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\n# Check each installation.\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'31.0.1650.48', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:42", "description": "The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 31.0.1650.48 are affected by multiple vulnerabilities, some of which are highlighted below:\n\n - Use-after-free vulnerabilities related to speech input elements, media elements, DOM ranges, \"id\" attribute strings, and within the libjingle library, which can be triggered by a context-dependent attacker to potentially execute arbitrary code (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds reading in HTTP parsing, SVG, and various jpeg libraries can be triggered via a specially crafted web page to cause a crash or potentially disclose memory contents. (CVE-CVE-2013-6623, CVE-2013-6627, CVE-2013-6629, CVE-2013-6630)\n\n - Address spoofing is possible via a flaw when displaying an interstitial webpage (CVE-2013-6626)\n\n - Certificates are not checked during TLS renegotiation, which may allow an attacker to present an invalid certification and have it accepted. (CVE-2013-6628)\n\nFurthermore, an updated version of Flash Player (version 11.9.900.152) has been included in this release.", "cvss3": {"score": null, "vector": null}, "published": "2013-12-05T00:00:00", "type": "nessus", "title": "Google Chrome < 31.0.1650.48 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6627", "CVE-2013-6624", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6621", "CVE-2013-6628", "CVE-2013-6631", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-2931"], "modified": "2013-12-05T00:00:00", "cpe": [], "id": "801611.PRM", "href": "https://www.tenable.com/plugins/lce/801611", "sourceData": "Binary data 801611.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:51:42", "description": "The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 31.0.1650.48 are affected by multiple vulnerabilities, some of which are highlighted below:\n\n - Use-after-free vulnerabilities related to speech input elements, media elements, DOM ranges, 'id' attribute strings, and within the libjingle library, which can be triggered by a context-dependent attacker to potentially execute arbitrary code (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds reading in HTTP parsing, SVG, and various jpeg libraries can be triggered via a specially crafted web page to cause a crash or potentially disclose memory contents. (CVE-CVE-2013-6623, CVE-2013-6627, CVE-2013-6629, CVE-2013-6630)\n\n - Address spoofing is possible via a flaw when displaying an interstitial webpage (CVE-2013-6626)\n\n - Certificates are not checked during TLS renegotiation, which may allow an attacker to present an invalid certification and have it accepted. (CVE-2013-6628)\n\nFurthermore, an updated version of Flash Player (version 11.9.900.152) has been included in this release.", "cvss3": {"score": null, "vector": null}, "published": "2013-12-05T00:00:00", "type": "nessus", "title": "Google Chrome < 31.0.1650.48 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6627", "CVE-2013-6624", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6621", "CVE-2013-6628", "CVE-2013-6631", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-2931"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8059.PASL", "href": "https://www.tenable.com/plugins/nnm/8059", "sourceData": "Binary data 8059.pasl", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:17", "description": "The version of Google Chrome installed on the remote Mac OS X host is a version prior to 31.0.1650.48. It is, therefore, affected by multiple vulnerabilities :\n\n - Various, unspecified errors exist. (CVE-2013-2931)\n\n - Use-after-free errors exist related to speech input elements, media elements, 'id' attribute strings, DOM ranges, and libjingle. (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds read errors exist in SVG and HTTP parsing. (CVE-2013-6623, CVE-2013-6627)\n\n - An address bar URI-spoofing vulnerability exists that is related to interstitial warnings. (CVE-2013-6626)\n\n - A certificate validation security bypass issue exists during TLS renegotiation. (CVE-2013-6628)\n\n - A memory corruption error exists in the libjpeg and libjpeg-turbo libraries when memory is uninitialized when decoding images with missing SOS data.\n (CVE-2013-6629)\n\n - A memory corruption error exists in the 'jdmarker.c' source file in the libjpeg-turbo library when processing Huffman tables. (CVE-2013-6630)", "cvss3": {"score": null, "vector": null}, "published": "2013-11-14T00:00:00", "type": "nessus", "title": "Google Chrome < 31.0.1650.48 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_31_0_1650_48.NASL", "href": "https://www.tenable.com/plugins/nessus/70917", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70917);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\n \"CVE-2013-2931\",\n \"CVE-2013-6621\",\n \"CVE-2013-6622\",\n \"CVE-2013-6623\",\n \"CVE-2013-6624\",\n \"CVE-2013-6625\",\n \"CVE-2013-6626\",\n \"CVE-2013-6627\",\n \"CVE-2013-6628\",\n \"CVE-2013-6629\",\n \"CVE-2013-6630\",\n \"CVE-2013-6631\"\n );\n script_bugtraq_id(\n 63667,\n 63669,\n 63670,\n 63671,\n 63672,\n 63673,\n 63674,\n 63675,\n 63676,\n 63677,\n 63678,\n 63679\n );\n\n script_name(english:\"Google Chrome < 31.0.1650.48 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is a\nversion prior to 31.0.1650.48. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Various, unspecified errors exist. (CVE-2013-2931)\n\n - Use-after-free errors exist related to speech input\n elements, media elements, 'id' attribute strings, DOM\n ranges, and libjingle. (CVE-2013-6621, CVE-2013-6622,\n CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)\n\n - Out-of-bounds read errors exist in SVG and HTTP\n parsing. (CVE-2013-6623, CVE-2013-6627)\n\n - An address bar URI-spoofing vulnerability exists that is\n related to interstitial warnings. (CVE-2013-6626)\n\n - A certificate validation security bypass issue exists\n during TLS renegotiation. (CVE-2013-6628)\n\n - A memory corruption error exists in the libjpeg and\n libjpeg-turbo libraries when memory is uninitialized\n when decoding images with missing SOS data.\n (CVE-2013-6629)\n\n - A memory corruption error exists in the 'jdmarker.c'\n source file in the libjpeg-turbo library when processing\n Huffman tables. (CVE-2013-6630)\");\n # http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0a7b53d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 31.0.1650.48 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2931\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'31.0.1650.48', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:18", "description": "- Update to Chromium 31.0.1650.63 Stable channel update :\n\n - Security fixes :\n\n - CVE-2013-6634: Session fixation in sync related to 302 redirects\n\n - CVE-2013-6635: Use-after-free in editing\n\n - CVE-2013-6636: Address bar spoofing related to modal dialogs\n\n - CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2013-6638: Buffer overflow in v8\n\n - CVE-2013-6639: Out of bounds write in v8.\n\n - CVE-2013-6640: Out of bounds read in v8\n\n - and 12 other security fixes.\n\n - Remove the build flags to build according to the Chrome ffmpeg branding and the proprietary codecs. (bnc#847971)\n\n - Update to Chromium 31.0.1650.57 Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix the chromedriver build\n\n - Enable ARM build for Chromium. \n\n - Added patches chromium-arm-webrtc-fix.patch, chromium-fix-arm-icu.patch and chromium-fix-arm-sysroot.patch to resolve ARM specific build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n\n - Drop patch chromium-fix-chromedriver-build.diff. This is now fixed upstream\n\n - For openSUSE versions lower than 13.1, build against the in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n\n - Easier searching by image \n\n - A number of new apps/extension APIs \n\n - Lots of under the hood changes for stability and performance\n\n - Security fixes :\n\n + CVE-2013-2906: Races in Web Audio\n\n + CVE-2013-2907: Out of bounds read in Window.prototype object\n\n + CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code\n\n + CVE-2013-2909: Use after free in inline-block rendering\n\n + CVE-2013-2910: Use-after-free in Web Audio\n\n + CVE-2013-2911: Use-after-free in XSLT\n\n + CVE-2013-2912: Use-after-free in PPAPI\n\n + CVE-2013-2913: Use-after-free in XML document parsing\n\n + CVE-2013-2914: Use after free in the Windows color chooser dialog\n\n + CVE-2013-2915: Address bar spoofing via a malformed scheme\n\n + CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code\n\n + CVE-2013-2917: Out of bounds read in Web Audio\n\n + CVE-2013-2918: Use-after-free in DOM\n\n + CVE-2013-2919: Memory corruption in V8\n\n + CVE-2013-2920: Out of bounds read in URL parsing\n\n + CVE-2013-2921: Use-after-free in resource loader\n\n + CVE-2013-2922: Use-after-free in template element\n\n + CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives \n\n + CVE-2013-2924: Use-after-free in ICU. Upstream bug", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2014:0065-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2914", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2924", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632", "CVE-2013-6634", "CVE-2013-6635", "CVE-2013-6636", "CVE-2013-6637", "CVE-2013-6638", "CVE-2013-6639", "CVE-2013-6640"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-37.NASL", "href": "https://www.tenable.com/plugins/nessus/75366", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-37.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75366);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\", \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\", \"CVE-2013-2914\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\", \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2924\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\", \"CVE-2013-6634\", \"CVE-2013-6635\", \"CVE-2013-6636\", \"CVE-2013-6637\", \"CVE-2013-6638\", \"CVE-2013-6639\", \"CVE-2013-6640\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2014:0065-1)\");\n script_summary(english:\"Check for the openSUSE-2014-37 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to Chromium 31.0.1650.63 Stable channel update :\n\n - Security fixes :\n\n - CVE-2013-6634: Session fixation in sync related to 302\n redirects\n\n - CVE-2013-6635: Use-after-free in editing\n\n - CVE-2013-6636: Address bar spoofing related to modal\n dialogs\n\n - CVE-2013-6637: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2013-6638: Buffer overflow in v8\n\n - CVE-2013-6639: Out of bounds write in v8.\n\n - CVE-2013-6640: Out of bounds read in v8\n\n - and 12 other security fixes.\n\n - Remove the build flags to build according to the Chrome\n ffmpeg branding and the proprietary codecs. (bnc#847971)\n\n - Update to Chromium 31.0.1650.57 Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input\n elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to\n “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked\n during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg\n and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n - Enable ARM build for Chromium. \n\n - Added patches chromium-arm-webrtc-fix.patch,\n chromium-fix-arm-icu.patch and\n chromium-fix-arm-sysroot.patch to resolve ARM specific\n build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n\n - Drop patch chromium-fix-chromedriver-build.diff. This is\n now fixed upstream\n\n - For openSUSE versions lower than 13.1, build against the\n in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes :\n\n + CVE-2013-2925: Use after free in XHR\n\n + CVE-2013-2926: Use after free in editing\n\n + CVE-2013-2927: Use after free in forms.\n\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n\n - Easier searching by image \n\n - A number of new apps/extension APIs \n\n - Lots of under the hood changes for stability and\n performance\n\n - Security fixes :\n\n + CVE-2013-2906: Races in Web Audio\n\n + CVE-2013-2907: Out of bounds read in Window.prototype\n object\n\n + CVE-2013-2908: Address bar spoofing related to the\n “204 No Content” status code\n\n + CVE-2013-2909: Use after free in inline-block rendering\n\n + CVE-2013-2910: Use-after-free in Web Audio\n\n + CVE-2013-2911: Use-after-free in XSLT\n\n + CVE-2013-2912: Use-after-free in PPAPI\n\n + CVE-2013-2913: Use-after-free in XML document parsing\n\n + CVE-2013-2914: Use after free in the Windows color\n chooser dialog\n\n + CVE-2013-2915: Address bar spoofing via a malformed\n scheme\n\n + CVE-2013-2916: Address bar spoofing related to the\n “204 No Content” status code\n\n + CVE-2013-2917: Out of bounds read in Web Audio\n\n + CVE-2013-2918: Use-after-free in DOM\n\n + CVE-2013-2919: Memory corruption in V8\n\n + CVE-2013-2920: Out of bounds read in URL parsing\n\n + CVE-2013-2921: Use-after-free in resource loader\n\n + CVE-2013-2922: Use-after-free in template element\n\n + CVE-2013-2923: Various fixes from internal audits,\n fuzzing and other initiatives \n\n + CVE-2013-2924: Use-after-free in ICU. Upstream bug\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=847971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-31.0.1650.63-13.7\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-debuginfo-31.0.1650.63-13.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:36", "description": "Chromium was updated to 31.0.1650.57: Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 (bnc#850430) Stable Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix the chromedriver build", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2013:1777-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-904.NASL", "href": "https://www.tenable.com/plugins/nessus/75213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-904.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2013:1777-1)\");\n script_summary(english:\"Check for the openSUSE-2013-904 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 31.0.1650.57: Stable channel update :\n\n - Security Fixes :\n\n - CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 (bnc#850430) Stable\n Channel update :\n\n - Security fixes :\n\n - CVE-2013-6621: Use after free related to speech input\n elements..\n\n - CVE-2013-6622: Use after free related to media elements. \n\n - CVE-2013-6623: Out of bounds read in SVG.\n\n - CVE-2013-6624: Use after free related to\n “id” attribute strings.\n\n - CVE-2013-6625: Use after free in DOM ranges.\n\n - CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n - CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n - CVE-2013-6628: Issue with certificates not being checked\n during TLS renegotiation.\n\n - CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2013-6629: Read of uninitialized memory in libjpeg\n and libjpeg-turbo.\n\n - CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n - CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=850430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-11/msg00108.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromedriver-debuginfo-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debuginfo-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-debugsource-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-gnome-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-desktop-kde-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-ffmpegsumo-debuginfo-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-31.0.1650.57-1.54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chromium-suid-helper-debuginfo-31.0.1650.57-1.54.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:10", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2013-2931 The chrome 31 development team found various issues from internal fuzzing, audits, and other studies.\n\n - CVE-2013-6621 Khalil Zhani discovered a use-after-free issue in speech input handling.\n\n - CVE-2013-6622 'cloudfuzzer' discovered a use-after-free issue in HTMLMediaElement.\n\n - CVE-2013-6623 'miaubiz' discovered an out-of-bounds read in the Blink/Webkit SVG implementation.\n\n - CVE-2013-6624 Jon Butler discovered a use-after-free issue in id attribute strings.\n\n - CVE-2013-6625 'cloudfuzzer' discovered a use-after-free issue in the Blink/Webkit DOM implementation.\n\n - CVE-2013-6626 Chamal de Silva discovered an address bar spoofing issue.\n\n - CVE-2013-6627 'skylined' discovered an out-of-bounds read in the HTTP stream parser.\n\n - CVE-2013-6628 Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris discovered that a different (unverified) certificate could be used after successful TLS renegotiation with a valid certificate.\n\n - CVE-2013-6629 Michal Zalewski discovered an uninitialized memory read in the libjpeg and libjpeg-turbo libraries.\n\n - CVE-2013-6630 Michal Zalewski discovered another uninitialized memory read in the libjpeg and libjpeg-turbo libraries.\n\n - CVE-2013-6631 Patrik Hoglund discovered a use-free issue in the libjingle library.\n\n - CVE-2013-6632 Pinkie Pie discovered multiple memory corruption issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-11-21T00:00:00", "type": "nessus", "title": "Debian DSA-2799-1 : chromium-browser - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2799.NASL", "href": "https://www.tenable.com/plugins/nessus/70986", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2799. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70986);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n script_xref(name:\"DSA\", value:\"2799\");\n\n script_name(english:\"Debian DSA-2799-1 : chromium-browser - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2013-2931\n The chrome 31 development team found various issues from\n internal fuzzing, audits, and other studies.\n\n - CVE-2013-6621\n Khalil Zhani discovered a use-after-free issue in speech\n input handling.\n\n - CVE-2013-6622\n 'cloudfuzzer' discovered a use-after-free issue in\n HTMLMediaElement.\n\n - CVE-2013-6623\n 'miaubiz' discovered an out-of-bounds read in the\n Blink/Webkit SVG implementation.\n\n - CVE-2013-6624\n Jon Butler discovered a use-after-free issue in id\n attribute strings.\n\n - CVE-2013-6625\n 'cloudfuzzer' discovered a use-after-free issue in the\n Blink/Webkit DOM implementation.\n\n - CVE-2013-6626\n Chamal de Silva discovered an address bar spoofing\n issue.\n\n - CVE-2013-6627\n 'skylined' discovered an out-of-bounds read in the HTTP\n stream parser.\n\n - CVE-2013-6628\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan of\n INRIA Paris discovered that a different (unverified)\n certificate could be used after successful TLS\n renegotiation with a valid certificate.\n\n - CVE-2013-6629\n Michal Zalewski discovered an uninitialized memory read\n in the libjpeg and libjpeg-turbo libraries.\n\n - CVE-2013-6630\n Michal Zalewski discovered another uninitialized memory\n read in the libjpeg and libjpeg-turbo libraries.\n\n - CVE-2013-6631\n Patrik Hoglund discovered a use-free issue in the\n libjingle library.\n\n - CVE-2013-6632\n Pinkie Pie discovered multiple memory corruption issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6632\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2799\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 31.0.1650.57-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"31.0.1650.57-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:53:35", "description": "Several vulnerabilities have been discovered in the Chromium web browser.\n\n - CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\n - CVE-2013-2867 Chrome does not properly prevent pop-under windows.\n\n - CVE-2013-2868 common/extensions/sync_helper.cc proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting.\n\n - CVE-2013-2869 Denial of service (out-of-bounds read) via a crafted JPEG2000 image.\n\n - CVE-2013-2870 Use-after-free vulnerability in network sockets.\n\n - CVE-2013-2871 Use-after-free vulnerability in input handling.\n\n - CVE-2013-2873 Use-after-free vulnerability in resource loading.\n\n - CVE-2013-2875 Out-of-bounds read in SVG file handling.\n\n - CVE-2013-2876 Chromium does not properly enforce restrictions on the capture of screenshots by extensions, which could lead to information disclosure from previous page visits.\n\n - CVE-2013-2877 Out-of-bounds read in XML file handling.\n\n - CVE-2013-2878 Out-of-bounds read in text handling.\n\n - CVE-2013-2879 The circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations were not propertly checked.\n\n - CVE-2013-2880 The Chromium 28 development team found various issues from internal fuzzing, audits, and other studies.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-19T00:00:00", "type": "nessus", "title": "Debian DSA-2724-1 : chromium-browser - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2724.NASL", "href": "https://www.tenable.com/plugins/nessus/68970", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2724. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68970);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2853\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2873\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\", \"CVE-2013-2880\");\n script_bugtraq_id(61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61056, 61057, 61059, 61060, 61061);\n script_xref(name:\"DSA\", value:\"2724\");\n\n script_name(english:\"Debian DSA-2724-1 : chromium-browser - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Chromium web\nbrowser.\n\n - CVE-2013-2853\n The HTTPS implementation does not ensure that headers\n are terminated by \\r\\n\\r\\n (carriage return, newline,\n carriage return, newline).\n\n - CVE-2013-2867\n Chrome does not properly prevent pop-under windows.\n\n - CVE-2013-2868\n common/extensions/sync_helper.cc proceeds with sync\n operations for NPAPI extensions without checking for a\n certain plugin permission setting.\n\n - CVE-2013-2869\n Denial of service (out-of-bounds read) via a crafted\n JPEG2000 image.\n\n - CVE-2013-2870\n Use-after-free vulnerability in network sockets.\n\n - CVE-2013-2871\n Use-after-free vulnerability in input handling.\n\n - CVE-2013-2873\n Use-after-free vulnerability in resource loading.\n\n - CVE-2013-2875\n Out-of-bounds read in SVG file handling.\n\n - CVE-2013-2876\n Chromium does not properly enforce restrictions on the\n capture of screenshots by extensions, which could lead\n to information disclosure from previous page visits.\n\n - CVE-2013-2877\n Out-of-bounds read in XML file handling.\n\n - CVE-2013-2878\n Out-of-bounds read in text handling.\n\n - CVE-2013-2879\n The circumstances in which a renderer process can be\n considered a trusted process for sign-in and subsequent\n sync operations were not propertly checked.\n\n - CVE-2013-2880\n The Chromium 28 development team found various issues\n from internal fuzzing, audits, and other studies.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2879\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2724\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 28.0.1500.71-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"28.0.1500.71-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:53:58", "description": "Google Chrome Releases reports :\n\nA special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.\n\n[252216] Low CVE-2013-2867: Block pop-unders in various scenarios.\n\n[252062] High CVE-2013-2879: Confusion setting up sign-in and sync.\nCredit to Andrey Labunets.\n\n[252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.\n\n[245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.\n\n[244746] [242762] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.\n\n[244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.\n\n[243991] [243818] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.\n\n[Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.\n\n[241139] High CVE-2013-2873: Use-after-free in resource loading.\nCredit to miaubiz.\n\n[233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.\n\n[229504] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.\n\n[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.\n\n[196636] None: Remove the 'viewsource' attribute on iframes. Credit to Collin Jackson.\n\n[177197] Medium CVE-2013-2878: Out-of-bounds read in text handling.\nCredit to Atte Kettunen of OUSPG.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-11T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2872", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3B80104FE96C11E28BAC00262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/67237", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67237);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2853\", \"CVE-2013-2867\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\", \"CVE-2013-2871\", \"CVE-2013-2872\", \"CVE-2013-2873\", \"CVE-2013-2875\", \"CVE-2013-2876\", \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2879\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\nA special reward for Andrey Labunets for his combination of\nCVE-2013-2879 and CVE-2013-2868 along with some (since fixed)\nserver-side bugs.\n\n[252216] Low CVE-2013-2867: Block pop-unders in various scenarios.\n\n[252062] High CVE-2013-2879: Confusion setting up sign-in and sync.\nCredit to Andrey Labunets.\n\n[252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension\ncomponent. Credit to Andrey Labunets.\n\n[245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000\nhandling. Credit to Felix Groebert of Google Security Team.\n\n[244746] [242762] Critical CVE-2013-2870: Use-after-free with network\nsockets. Credit to Collin Payne.\n\n[244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP\nin SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan\nfrom Prosecco at INRIA Paris.\n\n[243991] [243818] High CVE-2013-2871: Use-after-free in input\nhandling. Credit to miaubiz.\n\n[Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in\nrenderers. Credit to Eric Rescorla.\n\n[241139] High CVE-2013-2873: Use-after-free in resource loading.\nCredit to miaubiz.\n\n[233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to\nmiaubiz.\n\n[229504] Medium CVE-2013-2876: Extensions permissions confusion with\ninterstitials. Credit to Dev Akhawe.\n\n[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit\nto Aki Helin of OUSPG.\n\n[196636] None: Remove the 'viewsource' attribute on iframes. Credit to\nCollin Jackson.\n\n[177197] Medium CVE-2013-2878: Out-of-bounds read in text handling.\nCredit to Atte Kettunen of OUSPG.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl/\"\n );\n # http://www.freebsd.org/ports/portaudit/3b80104f-e96c-11e2-8bac-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6523f6c3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<28.0.1500.71\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:44:06", "description": "The version of Google Chrome installed on the remote host is a version prior to 28.0.1500.71 and is, therefore, affected by multiple vulnerabilities :\n\n - A vulnerability exists that exposes HTTP in SSL to a man-in-the-middle attack. (CVE-2013-2853)\n\n - Block pop-unders in various scenarios. (CVE-2013-2867)\n\n - An error exists related to an incorrect sync of the NPAPI extension component. (CVE-2013-2868)\n\n - An unspecified flaw exists due to a lack of entropy in renderers. (CVE-2013-2872)\n\n - Use-after-free errors exist related to network sockets, input handling, and resource loading. (CVE-2013-2870, CVE-2013-2871, CVE-2013-2873)\n\n - A screen data leak error exists related to GL textures.\n (CVE-2013-2874)\n\n - An extension permission error exists related to interstitials. (CVE-2013-2876)\n\n - Multiple out-of-bounds errors exist related to JPEG2000, SVG, text handling and XML parsing. (CVE-2013-2869, CVE-2013-2875, CVE-2013-2877, CVE-2013-2878)\n\n - An unspecified error exists when setting up sign-in and sync. (CVE-2013-2879)\n\n - The vendor reports various, unspecified errors exist.\n (CVE-2013-2880)", "cvss3": {"score": null, "vector": null}, "published": "2013-07-10T00:00:00", "type": "nessus", "title": "Google Chrome < 28.0.1500.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2872", "CVE-2013-2873", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_28_0_1500_71.NASL", "href": "https://www.tenable.com/plugins/nessus/67232", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67232);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-2853\",\n \"CVE-2013-2867\",\n \"CVE-2013-2868\",\n \"CVE-2013-2869\",\n \"CVE-2013-2870\",\n \"CVE-2013-2871\",\n \"CVE-2013-2872\",\n \"CVE-2013-2873\",\n \"CVE-2013-2874\",\n \"CVE-2013-2875\",\n \"CVE-2013-2876\",\n \"CVE-2013-2877\",\n \"CVE-2013-2878\",\n \"CVE-2013-2879\",\n \"CVE-2013-2880\"\n );\n script_bugtraq_id(\n 61046,\n 61047,\n 61049,\n 61050,\n 61051,\n 61052,\n 61053,\n 61054,\n 61055,\n 61056,\n 61057,\n 61058,\n 61059,\n 61060,\n 61061\n );\n\n script_name(english:\"Google Chrome < 28.0.1500.71 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 28.0.1500.71 and is, therefore, affected by multiple\nvulnerabilities :\n\n - A vulnerability exists that exposes HTTP in SSL to a\n man-in-the-middle attack. (CVE-2013-2853)\n\n - Block pop-unders in various scenarios. (CVE-2013-2867)\n\n - An error exists related to an incorrect sync of the\n NPAPI extension component. (CVE-2013-2868)\n\n - An unspecified flaw exists due to a lack of entropy in\n renderers. (CVE-2013-2872)\n\n - Use-after-free errors exist related to network sockets,\n input handling, and resource loading. (CVE-2013-2870,\n CVE-2013-2871, CVE-2013-2873)\n\n - A screen data leak error exists related to GL textures.\n (CVE-2013-2874)\n\n - An extension permission error exists related to\n interstitials. (CVE-2013-2876)\n\n - Multiple out-of-bounds errors exist related to JPEG2000,\n SVG, text handling and XML parsing. (CVE-2013-2869,\n CVE-2013-2875, CVE-2013-2877, CVE-2013-2878)\n\n - An unspecified error exists when setting up sign-in and\n sync. (CVE-2013-2879)\n\n - The vendor reports various, unspecified errors exist.\n (CVE-2013-2880)\");\n # https://chromereleases.googleblog.com/2013/07/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f68d8c39\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 28.0.1500.71 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2870\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'28.0.1500.71', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:53:27", "description": "Versions prior to Google Chrome 28.0.1500.71 are potentially affected by the multiple vulnerabilities, the more serious of which are as follows:\n\n - Several remote code execution vulnerabilities exist due to use-after-free errors in multiple areas. A remote attacker can leverage this to execute arbitrary code in the context of the application. (CVE-2013-2870, CVE-2013-2871, CVE-2013-2873, CVE-2013-2879)\n\n - Memory corruption vulnerabilities exist which may be exploitable to induce arbitrary code execution. (CVE-2013-2869, CVE-2013-2878, CVE-2013-2875)\n\n - Information disclosure vulnerabilities exist that may be exploited by remote attackers to obtain information that can aid in further attacks. (CVE-2013-2853, CVE-2013-2874)\n\n - A security bypass vulnerability exists due to confusion in extensions permissions, which a remote attacker could exploit to bypass intended security restrictions to perform unauthorized actions. (CVE-2013-2876)", "cvss3": {"score": null, "vector": null}, "published": "2013-07-11T00:00:00", "type": "nessus", "title": "Google Chrome < 28.0.1500.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2877", "CVE-2013-2853", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2872", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "6920.PASL", "href": "https://www.tenable.com/plugins/nnm/6920", "sourceData": "Binary data 6920.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:27", "description": "Versions prior to Google Chrome 28.0.1500.71 are potentially affected by the multiple vulnerabilities, the more serious of which are as follows:\n\n - Several remote code execution vulnerabilities exist due to use-after-free errors in multiple areas. A remote attacker can leverage this to execute arbitrary code in the context of the application. (CVE-2013-2870, CVE-2013-2871, CVE-2013-2873, CVE-2013-2879)\n\n - Memory corruption vulnerabilities exist which may be exploitable to induce arbitrary code execution. (CVE-2013-2869, CVE-2013-2878, CVE-2013-2875)\n\n - Information disclosure vulnerabilities exist that may be exploited by remote attackers to obtain information that can aid in further attacks. (CVE-2013-2853, CVE-2013-2874)\n\n - A security bypass vulnerability exists due to confusion in extensions permissions, which a remote attacker could exploit to bypass intended security restrictions to perform unauthorized actions. (CVE-2013-2876)\n", "cvss3": {"score": null, "vector": null}, "published": "2013-07-11T00:00:00", "type": "nessus", "title": "Google Chrome < 28.0.1500.71 Multiple Security Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2877", "CVE-2013-2853", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2872", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2013-07-11T00:00:00", "cpe": [], "id": "801411.PRM", "href": "https://www.tenable.com/plugins/lce/801411", "sourceData": "Binary data 801411.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:51", "description": "The remote host is affected by the vulnerability described in GLSA-201403-01 (Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other unspecified impact.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-06T00:00:00", "type": "nessus", "title": "GLSA-201403-01 : Chromium, V8: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6632", "CVE-2013-6634", "CVE-2013-6635", "CVE-2013-6636", "CVE-2013-6637", "CVE-2013-6638", "CVE-2013-6639", "CVE-2013-6640", "CVE-2013-6641", "CVE-2013-6643", "CVE-2013-6644", "CVE-2013-6645", "CVE-2013-6646", "CVE-2013-6649", "CVE-2013-6650", "CVE-2013-6652", "CVE-2013-6653", "CVE-2013-6654", "CVE-2013-6655", "CVE-2013-6656", "CVE-2013-6657", "CVE-2013-6658", "CVE-2013-6659", "CVE-2013-6660", "CVE-2013-6661", "CVE-2013-6663", "CVE-2013-6664", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6667", "CVE-2013-6668", "CVE-2013-6802", "CVE-2014-1681"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:v8", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201403-01.NASL", "href": "https://www.tenable.com/plugins/nessus/72851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201403-01.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72851);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\", \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\", \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6632\", \"CVE-2013-6634\", \"CVE-2013-6635\", \"CVE-2013-6636\", \"CVE-2013-6637\", \"CVE-2013-6638\", \"CVE-2013-6639\", \"CVE-2013-6640\", \"CVE-2013-6641\", \"CVE-2013-6643\", \"CVE-2013-6644\", \"CVE-2013-6645\", \"CVE-2013-6646\", \"CVE-2013-6649\", \"CVE-2013-6650\", \"CVE-2013-6652\", \"CVE-2013-6653\", \"CVE-2013-6654\", \"CVE-2013-6655\", \"CVE-2013-6656\", \"CVE-2013-6657\", \"CVE-2013-6658\", \"CVE-2013-6659\", \"CVE-2013-6660\", \"CVE-2013-6661\", \"CVE-2013-6663\", \"CVE-2013-6664\", \"CVE-2013-6665\", \"CVE-2013-6666\", \"CVE-2013-6667\", \"CVE-2013-6668\", \"CVE-2013-6802\", \"CVE-2014-1681\");\n script_bugtraq_id(62752, 63024, 63025, 63026, 63028, 63667, 63669, 63670, 63671, 63672, 63674, 63675, 63677, 63678, 63727, 63729, 64078, 64354, 64805, 64981, 65168, 65172, 65232, 65699, 65779, 65930);\n script_xref(name:\"GLSA\", value:\"201403-01\");\n\n script_name(english:\"GLSA-201403-01 : Chromium, V8: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201403-01\n(Chromium, V8: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and V8. Please\n review the CVE identifiers and release notes referenced below for\n details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted website or JavaScript program using Chromium or V8, possibly\n resulting in the execution of arbitrary code with the privileges of the\n process or a Denial of Service condition. Furthermore, a remote attacker\n may be able to bypass security restrictions or have other unspecified\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201403-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-33.0.1750.146'\n Gentoo has discontinued support for separate V8 package. We recommend\n that users unmerge V8:\n # emerge --unmerge 'dev-lang/v8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:v8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 33.0.1750.146\"), vulnerable:make_list(\"lt 33.0.1750.146\"))) flag++;\nif (qpkg_check(package:\"dev-lang/v8\", unaffected:make_list(), vulnerable:make_list(\"lt 3.20.17.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / V8\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:02:07", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser.\n\n - CVE-2013-6654 TheShow3511 discovered an issue in SVG handling.\n\n - CVE-2013-6655 cloudfuzzer discovered a use-after-free issue in dom event handling.\n\n - CVE-2013-6656 NeexEmil discovered an information leak in the XSS auditor.\n\n - CVE-2013-6657 NeexEmil discovered a way to bypass the Same Origin policy in the XSS auditor.\n\n - CVE-2013-6658 cloudfuzzer discovered multiple use-after-free issues surrounding the updateWidgetPositions function.\n\n - CVE-2013-6659 Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to trigger an unexpected certificate chain during TLS renegotiation.\n\n - CVE-2013-6660 bishopjeffreys discovered an information leak in the drag and drop implementation.\n\n - CVE-2013-6661 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.117.\n\n - CVE-2013-6663 Atte Kettunen discovered a use-after-free issue in SVG handling.\n\n - CVE-2013-6664 Khalil Zhani discovered a use-after-free issue in the speech recognition feature.\n\n - CVE-2013-6665 cloudfuzzer discovered a buffer overflow issue in the software renderer.\n\n - CVE-2013-6666 netfuzzer discovered a restriction bypass in the Pepper Flash plugin.\n\n - CVE-2013-6667 The Google Chrome team discovered and fixed multiple issues in version 33.0.1750.146.\n\n - CVE-2013-6668 Multiple vulnerabilities were fixed in version 3.24.35.10 of the V8 JavaScript library.\n\n - CVE-2014-1700 Chamal de Silva discovered a use-after-free issue in speech synthesis.\n\n - CVE-2014-1701 aidanhs discovered a cross-site scripting issue in event handling.\n\n - CVE-2014-1702 Colin Payne discovered a use-after-free issue in the web database implementation.\n\n - CVE-2014-1703 VUPEN discovered a use-after-free issue in web sockets that could lead to a sandbox escape.\n\n - CVE-2014-1704 Multiple vulnerabilities were fixed in version 3.23.17.18 of the V8 JavaScript library.\n\n - CVE-2014-1705 A memory corruption issue was discovered in the V8 JavaScript library.\n\n - CVE-2014-1713 A use-after-free issue was discovered in the AttributeSetter function.\n\n - CVE-2014-1715 A directory traversal issue was found and fixed.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-25T00:00:00", "type": "nessus", "title": "Debian DSA-2883-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6653", "CVE-2013-6654", "CVE-2013-6655", "CVE-2013-6656", "CVE-2013-6657", "CVE-2013-6658", "CVE-2013-6659", "CVE-2013-6660", "CVE-2013-6661", "CVE-2013-6663", "CVE-2013-6664", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6667", "CVE-2013-6668", "CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2883.NASL", "href": "https://www.tenable.com/plugins/nessus/73164", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2883. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73164);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-6653\", \"CVE-2013-6654\", \"CVE-2013-6655\", \"CVE-2013-6656\", \"CVE-2013-6657\", \"CVE-2013-6658\", \"CVE-2013-6659\", \"CVE-2013-6660\", \"CVE-2013-6661\", \"CVE-2013-6663\", \"CVE-2013-6664\", \"CVE-2013-6665\", \"CVE-2013-6666\", \"CVE-2013-6667\", \"CVE-2013-6668\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1715\");\n script_bugtraq_id(65699, 65930, 66120, 66239, 66243, 66249);\n script_xref(name:\"DSA\", value:\"2883\");\n\n script_name(english:\"Debian DSA-2883-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2013-6653\n Khalil Zhani discovered a use-after-free issue in\n chromium's web contents color chooser.\n\n - CVE-2013-6654\n TheShow3511 discovered an issue in SVG handling.\n\n - CVE-2013-6655\n cloudfuzzer discovered a use-after-free issue in dom\n event handling.\n\n - CVE-2013-6656\n NeexEmil discovered an information leak in the XSS\n auditor.\n\n - CVE-2013-6657\n NeexEmil discovered a way to bypass the Same Origin\n policy in the XSS auditor.\n\n - CVE-2013-6658\n cloudfuzzer discovered multiple use-after-free issues\n surrounding the updateWidgetPositions function.\n\n - CVE-2013-6659\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan\n discovered that it was possible to trigger an unexpected\n certificate chain during TLS renegotiation.\n\n - CVE-2013-6660\n bishopjeffreys discovered an information leak in the\n drag and drop implementation.\n\n - CVE-2013-6661\n The Google Chrome team discovered and fixed multiple\n issues in version 33.0.1750.117.\n\n - CVE-2013-6663\n Atte Kettunen discovered a use-after-free issue in SVG\n handling.\n\n - CVE-2013-6664\n Khalil Zhani discovered a use-after-free issue in the\n speech recognition feature.\n\n - CVE-2013-6665\n cloudfuzzer discovered a buffer overflow issue in the\n software renderer.\n\n - CVE-2013-6666\n netfuzzer discovered a restriction bypass in the Pepper\n Flash plugin.\n\n - CVE-2013-6667\n The Google Chrome team discovered and fixed multiple\n issues in version 33.0.1750.146.\n\n - CVE-2013-6668\n Multiple vulnerabilities were fixed in version\n 3.24.35.10 of the V8 JavaScript library.\n\n - CVE-2014-1700\n Chamal de Silva discovered a use-after-free issue in\n speech synthesis.\n\n - CVE-2014-1701\n aidanhs discovered a cross-site scripting issue in event\n handling.\n\n - CVE-2014-1702\n Colin Payne discovered a use-after-free issue in the web\n database implementation.\n\n - CVE-2014-1703\n VUPEN discovered a use-after-free issue in web sockets\n that could lead to a sandbox escape.\n\n - CVE-2014-1704\n Multiple vulnerabilities were fixed in version\n 3.23.17.18 of the V8 JavaScript library.\n\n - CVE-2014-1705\n A memory corruption issue was discovered in the V8\n JavaScript library.\n\n - CVE-2014-1713\n A use-after-free issue was discovered in the\n AttributeSetter function.\n\n - CVE-2014-1715\n A directory traversal issue was found and fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2883\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 33.0.1750.152-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"33.0.1750.152-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:48:55", "description": "The remote host is affected by the vulnerability described in GLSA-201408-16 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-08-30T00:00:00", "type": "nessus", "title": "GLSA-201408-16 : Chromium: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0538", "CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715", "CVE-2014-1716", "CVE-2014-1717", "CVE-2014-1718", "CVE-2014-1719", "CVE-2014-1720", "CVE-2014-1721", "CVE-2014-1722", "CVE-2014-1723", "CVE-2014-1724", "CVE-2014-1725", "CVE-2014-1726", "CVE-2014-1727", "CVE-2014-1728", "CVE-2014-1729", "CVE-2014-1730", "CVE-2014-1731", "CVE-2014-1732", "CVE-2014-1733", "CVE-2014-1734", "CVE-2014-1735", "CVE-2014-1740", "CVE-2014-1741", "CVE-2014-1742", "CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3154", "CVE-2014-3155", "CVE-2014-3156", "CVE-2014-3157", "CVE-2014-3160", "CVE-2014-3162", "CVE-2014-3165", "CVE-2014-3166", "CVE-2014-3167", "CVE-2014-3168", "CVE-2014-3169", "CVE-2014-3170", "CVE-2014-3171", "CVE-2014-3172", "CVE-2014-3173", "CVE-2014-3174", "CVE-2014-3175", "CVE-2014-3176", "CVE-2014-3177"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201408-16.NASL", "href": "https://www.tenable.com/plugins/nessus/77460", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201408-16.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77460);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-0538\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\", \"CVE-2014-1716\", \"CVE-2014-1717\", \"CVE-2014-1718\", \"CVE-2014-1719\", \"CVE-2014-1720\", \"CVE-2014-1721\", \"CVE-2014-1722\", \"CVE-2014-1723\", \"CVE-2014-1724\", \"CVE-2014-1725\", \"CVE-2014-1726\", \"CVE-2014-1727\", \"CVE-2014-1728\", \"CVE-2014-1729\", \"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1732\", \"CVE-2014-1733\", \"CVE-2014-1734\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3165\", \"CVE-2014-3166\", \"CVE-2014-3167\", \"CVE-2014-3168\", \"CVE-2014-3169\", \"CVE-2014-3170\", \"CVE-2014-3171\", \"CVE-2014-3172\", \"CVE-2014-3173\", \"CVE-2014-3174\", \"CVE-2014-3175\", \"CVE-2014-3176\", \"CVE-2014-3177\");\n script_bugtraq_id(66120, 66239, 66243, 66249, 66252, 66704, 67082, 67374, 67375, 67376, 67517, 67572, 67972, 67977, 67980, 67981, 68677, 69192, 69201, 69202, 69203, 69398, 69400, 69401, 69402, 69403, 69405, 69406, 69407);\n script_xref(name:\"GLSA\", value:\"201408-16\");\n\n script_name(english:\"GLSA-201408-16 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201408-16\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could conduct a number of attacks which include: cross\n site scripting attacks, bypassing of sandbox protection, potential\n execution of arbitrary code with the privileges of the process, or cause\n a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201408-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-37.0.2062.94'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 37.0.2062.94\"), vulnerable:make_list(\"lt 37.0.2062.94\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:11:44", "description": "Multiple memory corruptions, restrictions bypass.", "edition": 2, "cvss3": {}, "published": "2014-04-03T00:00:00", "title": "Apple Safari multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1289", "CVE-2014-1307", "CVE-2014-1309", "CVE-2013-2926", "CVE-2014-1292", "CVE-2014-1291", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1301", "CVE-2013-6625", "CVE-2014-1303", "CVE-2014-1290", "CVE-2014-1304", "CVE-2014-1297", "CVE-2014-1713", "CVE-2014-1293", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2013-2928", "CVE-2014-1299", "CVE-2014-1294", "CVE-2014-1311"], "modified": "2014-04-03T00:00:00", "id": "SECURITYVULNS:VULN:13662", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13662", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:15", "description": "Unsafe cookie handling, protection ypass, information leakage, multiple WebKit vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2014-05-04T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1307", "CVE-2014-1309", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1296", "CVE-2014-1320", "CVE-2014-1303", "CVE-2014-1295", "CVE-2014-1304", "CVE-2014-1713", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1299", "CVE-2014-1311"], "modified": "2014-05-04T00:00:00", "id": "SECURITYVULNS:VULN:13712", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13712", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:51", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-04-22-2 iOS 7.1.1\r\n\r\niOS 7.1.1 is now available and addresses the following:\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position can obtain web\r\nsite credentials\r\nDescription: Set-Cookie HTTP headers would be processed even if the\r\nconnection closed before the header line was complete. An attacker\r\ncould strip security settings from the cookie by forcing the\r\nconnection to close before the security settings were sent, and then\r\nobtain the value of the unprotected cookie. This issue was addressed\r\nby ignoring incomplete HTTP header lines.\r\nCVE-ID\r\nCVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris\r\n\r\nIOKit Kernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user can read kernel pointers, which can be used to\r\nbypass kernel address space layout randomization\r\nDescription: A set of kernel pointers stored in an IOKit object\r\ncould be retrieved from userland. This issue was addressed through\r\nremoving the pointers from the object.\r\nCVE-ID\r\nCVE-2014-1320 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\n\r\nSecurity - Secure Transport\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may capture\r\ndata or change the operations performed in sessions protected by SSL\r\nDescription: In a 'triple handshake' attack, it was possible for an\r\nattacker to establish two connections which had the same encryption\r\nkeys and handshake, insert the attacker's data in one connection, and\r\nrenegotiate so that the connections may be forwarded to each other.\r\nTo prevent attacks based on this scenario, Secure Transport was\r\nchanged so that, by default, a renegotiation must present the same\r\nserver certificate as was presented in the original connection.\r\nCVE-ID\r\nCVE-2014-1295 : Antoine Delignat-Lavaud, Karthikeyan Bhargavan and\r\nAlfredo Pironti of Prosecco at Inria Paris\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2871 : miaubiz\r\nCVE-2014-1298 : Google Chrome Security Team\r\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\r\nUniversity of Szeged / Samsung Electronics\r\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\nCVE-2014-1302 : Google Chrome Security Team, Apple\r\nCVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative\r\nCVE-2014-1304 : Apple\r\nCVE-2014-1305 : Apple\r\nCVE-2014-1307 : Google Chrome Security Team\r\nCVE-2014-1308 : Google Chrome Security Team\r\nCVE-2014-1309 : cloudfuzzer\r\nCVE-2014-1310 : Google Chrome Security Team\r\nCVE-2014-1311 : Google Chrome Security Team\r\nCVE-2014-1312 : Google Chrome Security Team\r\nCVE-2014-1313 : Google Chrome Security Team\r\nCVE-2014-1713 : VUPEN working with HP's Zero Day Initiative\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "7.1.1".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJTVet5AAoJEPefwLHPlZEwx3YP/iL/NwYn7T1q1ezvAVHQ6T3F\r\n9X+ylJYZ+Ago+ij0wdzlDNJfVLPPbWde3biss6p10zDtLHHJK1jOQJLcZOBHtABG\r\n7+OjIxFw5ZZCmWfOkF/GkfL/kBZllN0GuDCb7v4DVUf6GQPtWBsszQ9pre9Peotx\r\nTZOHxpPd2TBdz1GkLoFSd4I2yXIT5uIkRfvv9vgDXeNihDMlrJdq8ZBSlfKt+eXT\r\nkQ3+hGW2knT7np3BdWPQgqo9+YIfcAXN4Rnj0rPXVzzeKwpUrVjLwJgivecwhB7w\r\nmF+AWfH5oajw+ANzMeFm/DirlAADcM5LgdxtHnXH2Xh1NV5tOCSnaYWyFK4Nadex\r\nrVEWTOW4VxSb881dOikwY182kBlpaMjVgpvb04GA5zMAW+MtS7o4hj/H6ywGe7zm\r\nt7ZdyAo7i3QRFwBGEcJw1KjyTWnP1ILuBC9dekek+3DmxRAeQuBsrbPz2cxXPf9V\r\njlvnxwiRzc/VqgAIyhCtgj0S3sEAMxnVXYSrbZpTpi1ZifiTriyyX291mS8xZBcF\r\nLZaNUzusQnEkyE+iGODKi+OPvgUnACIK8gWjMIDbwX99Fmd3LXU1fTpvdlkeuDBS\r\nLKBvZQs0JyYqOxkhU7PsRI6WN1F2nQHuMnb0mlFruejTrRbgyHxvMK6lpVP0nMoK\r\nAv6eIuVxA8q9Lm6TCh+h\r\n=ilSw\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-05-04T00:00:00", "title": "APPLE-SA-2014-04-22-2 iOS 7.1.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1307", "CVE-2014-1309", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1296", "CVE-2014-1320", "CVE-2014-1303", "CVE-2014-1295", "CVE-2014-1304", "CVE-2014-1713", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1299", "CVE-2014-1311"], "modified": "2014-05-04T00:00:00", "id": "SECURITYVULNS:DOC:30551", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30551", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:51", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-04-22-3 Apple TV 6.1.1\r\n\r\nApple TV 6.1.1 is now available and addresses the following:\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker in a privileged network position can obtain web\r\nsite credentials\r\nDescription: Set-Cookie HTTP headers would be processed even if the\r\nconnection closed before the header line was complete. An attacker\r\ncould strip security settings from the cookie by forcing the\r\nconnection to close before the security settings were sent, and then\r\nobtain the value of the unprotected cookie. This issue was addressed\r\nby ignoring incomplete HTTP header lines.\r\nCVE-ID\r\nCVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A local user can read kernel pointers, which can be used to\r\nbypass kernel address space layout randomization\r\nDescription: A set of kernel pointers stored in an IOKit object\r\ncould be retrieved from userland. This issue was addressed through\r\nremoving the pointers from the object.\r\nCVE-ID\r\nCVE-2014-1320 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with a privileged network position may capture\r\ndata or change the operations performed in sessions protected by SSL\r\nDescription: In a 'triple handshake' attack, it was possible for an\r\nattacker to establish two connections which had the same encryption\r\nkeys and handshake, insert the attacker's data in one connection, and\r\nrenegotiate so that the connections may be forwarded to each other.\r\nTo prevent attacks based on this scenario, Secure Transport was\r\nchanged so that, by default, a renegotiation must present the same\r\nserver certificate as was presented in the original connection.\r\nCVE-ID\r\nCVE-2014-1295 : Antoine Delignat-Lavaud, Karthikeyan Bhargavan and\r\nAlfredo Pironti of Prosecco at Inria Paris\r\n\r\nAppel TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with a privileged network position may cause an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2871 : miaubiz\r\nCVE-2014-1298 : Google Chrome Security Team\r\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\r\nUniversity of Szeged / Samsung Electronics\r\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\nCVE-2014-1302 : Google Chrome Security Team, Apple\r\nCVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative\r\nCVE-2014-1304 : Apple\r\nCVE-2014-1305 : Apple\r\nCVE-2014-1307 : Google Chrome Security Team\r\nCVE-2014-1308 : Google Chrome Security Team\r\nCVE-2014-1309 : cloudfuzzer\r\nCVE-2014-1310 : Google Chrome Security Team\r\nCVE-2014-1311 : Google Chrome Security Team\r\nCVE-2014-1312 : Google Chrome Security Team\r\nCVE-2014-1313 : Google Chrome Security Team\r\nCVE-2014-1713 : VUPEN working with HP's Zero Day Initiative\r\n\r\n\r\nInstallation note:\r\n\r\nApple TV will periodically check for software updates. Alternatively,\r\nyou may manually check for software updates by selecting\r\n"Settings -> General -> Update Software".\r\n\r\nTo check the current version of software, select\r\n"Settings -> General -> About".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJTVeuDAAoJEPefwLHPlZEwi1gQAKQn8w9zSwYjMTj7wLrucXdc\r\n19j5H2gpJUZOc+banSg49DKorF+rJY7EF+cL2FzYC93aYa4E+LMXNpgl/xbiNKSZ\r\nO8RxAGs/6YlgT6iU/kHjx5CX+g4whFBVx56QlPv3CUFGwa1XSv5CdXqjGZANgkHz\r\nuTWxI6E2avi5uMUnyAuVcNDaq50rUxkCzSFDvdkCOAhWkeicR0QsYXq82W6mo6p9\r\nrEueQ9KjM8hZEsGc6stBdXCsd7Thk3eHhQS/OasPz8GLUoc213goqmjaSPRQFRlS\r\nYa6YDLtyY0OdL2wNeiSC33EBhoPCjCbyMUFD2iLDZNblMwRa21MhlDXVSOaF03/8\r\nQHeLacDY1+poax0e+VxZukhyDNNXjtOgCkd9kx86/vyinb/GqOKm+6tkaSriusc8\r\nImWorSbb32EfmSXIGnDL1TzTDES/UigOU6zgwappGH/DS9djHQxVFZ++N+WaVBiX\r\ndhFPLNjKB8yWXBnHb95UzKJuWU0h13rkE9FlsGkSGxeZJRGPrvK/K4XAIviqU1yc\r\nYePX4MY8yywD4jg74QrsZRLgkfn3N/T5LCsC3KD4ejrIkvLxui3hqRGVOK7Vdssk\r\nF43/4FKOXk46s3xIuwlYcLuwCyLyisxrVawAsf8R6ReadKlmch2fJrnG9YqKZwki\r\n74O1bqU5Zc80vDx+/x2O\r\n=sFDM\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-05-04T00:00:00", "title": "APPLE-SA-2014-04-22-3 Apple TV 6.1.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1307", "CVE-2014-1309", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1296", "CVE-2014-1320", "CVE-2014-1303", "CVE-2014-1295", "CVE-2014-1304", "CVE-2014-1713", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1299", "CVE-2014-1311"], "modified": "2014-05-04T00:00:00", "id": "SECURITYVULNS:DOC:30552", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30552", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:14", "description": "Unsafe cookie handling, protection ypass, information leakage, multiple WebKit vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2014-05-04T00:00:00", "title": "Apple TV multiple security vulnerabitilies", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1307", "CVE-2014-1309", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1296", "CVE-2014-1320", "CVE-2014-1303", "CVE-2014-1295", "CVE-2014-1304", "CVE-2014-1713", "CVE-2013-2871", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1299", "CVE-2014-1311"], "modified": "2014-05-04T00:00:00", "id": "SECURITYVULNS:VULN:13713", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13713", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:57", "description": "\r\n\r\n------------------------------------------------------------------------\r\nWebKitGTK+ Security Advisory WSA-2015-0001\r\n------------------------------------------------------------------------\r\n\r\nDate reported : January 26, 2015\r\nAdvisory ID : WSA-2015-0001\r\nAdvisory URL : http://webkitgtk.org/security/WSA-2015-0001.html\r\nAffected versions : 2.4 series before 2.4.1, 2.4.2 and 2.4.8.\r\nCVE identifiers : CVE-2013-2871, CVE-2014-1292, CVE-2014-1298,\r\n CVE-2014-1299, CVE-2014-1300, CVE-2014-1303,\r\n CVE-2014-1304, CVE-2014-1305, CVE-2014-1307,\r\n CVE-2014-1308, CVE-2014-1309, CVE-2014-1311,\r\n CVE-2014-1313, CVE-2014-1713, CVE-2014-1297,\r\n CVE-2013-2875, CVE-2013-2927, CVE-2014-1323,\r\n CVE-2014-1326, CVE-2014-1329, CVE-2014-1330,\r\n CVE-2014-1331, CVE-2014-1333, CVE-2014-1334,\r\n CVE-2014-1335, CVE-2014-1336, CVE-2014-1337,\r\n CVE-2014-1338, CVE-2014-1339, CVE-2014-1341,\r\n CVE-2014-1342, CVE-2014-1343, CVE-2014-1731,\r\n CVE-2014-1346, CVE-2014-1344, CVE-2014-1384,\r\n CVE-2014-1385, CVE-2014-1387, CVE-2014-1388,\r\n CVE-2014-1389, CVE-2014-1390.\r\n\r\nSeveral vulnerabilities were discovered on the 2.4 stable series of\r\nWebKitGTK+.\r\n\r\nCVE-2013-2871\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to miaubiz.\r\n Use-after-free vulnerability in Google Chrome before 28.0.1500.71\r\n allows remote attackers to cause a denial of service or possibly\r\n have unspecified other impact via vectors related to the handling of\r\n input.\r\n\r\nCVE-2014-1292\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than CVE-2014-1289,\r\n CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294.\r\n\r\nCVE-2014-1298\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1299\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team, Apple, Renata Hodovan of\r\n University of Szeged / Samsung Electronics.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1300\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Ian Beer of Google Project Zero working with HP's Zero Day\r\n Initiative.\r\n Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows\r\n remote attackers to execute arbitrary code with root privileges via\r\n unknown vectors, as demonstrated by Google during a Pwn4Fun\r\n competition at CanSecWest 2014.\r\n\r\nCVE-2014-1303\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to KeenTeam working with HP's Zero Day Initiative.\r\n Heap-based buffer overflow in Apple Safari 7.0.2 allows remote\r\n attackers to execute arbitrary code and bypass a sandbox protection\r\n mechanism via unspecified vectors, as demonstrated by Liang Chen\r\n during a Pwn2Own competition at CanSecWest 2014.\r\n\r\nCVE-2014-1304\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1305\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1307\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1308\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1309\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to cloudfuzzer.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1311\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1313\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-04-01-1.\r\n\r\nCVE-2014-1713\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to VUPEN working with HP's Zero Day Initiative.\r\n Use-after-free vulnerability in the AttributeSetter function in\r\n bindings/templates/attributes.cpp in the bindings in Blink, as used\r\n in Google Chrome before 33.0.1750.152 on OS X and Linux and before\r\n 33.0.1750.154 on Windows, allows remote attackers to cause a denial\r\n of service or possibly have unspecified other impact via vectors\r\n involving the document.location value.\r\n\r\nCVE-2014-1297\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.1.\r\n Credit to Ian Beer of Google Project Zero.\r\n WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3,\r\n does not properly validate WebProcess IPC messages, which allows\r\n remote attackers to bypass a sandbox protection mechanism and read\r\n arbitrary files by leveraging WebProcess access.\r\n\r\nCVE-2013-2875\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to miaubiz.\r\n core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in\r\n Blink, as used in Google Chrome before 28.0.1500.71, allows remote\r\n attackers to cause a denial of service (out-of-bounds read) via\r\n unspecified vectors.\r\n\r\nCVE-2013-2927\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to cloudfuzzer.\r\n Use-after-free vulnerability in the\r\n HTMLFormElement::prepareForSubmission function in\r\n core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome\r\n before 30.0.1599.101, allows remote attackers to cause a denial of\r\n service or possibly have unspecified other impact via vectors\r\n related to submission for FORM elements.\r\n\r\nCVE-2014-1323\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to banty.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1326\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1329\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1330\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1331\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to cloudfuzzer.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1333\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1334\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1335\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1336\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1337\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1338\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1339\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Atte Kettunen of OUSPG.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1341\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1342\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1343\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1731\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to an anonymous member of the Blink development community.\r\n core/html/HTMLSelectElement.cpp in the DOM implementation in Blink,\r\n as used in Google Chrome before 34.0.1847.131 on Windows and OS X\r\n and before 34.0.1847.132 on Linux, does not properly check renderer\r\n state upon a focus event, which allows remote attackers to cause a\r\n denial of service or possibly have unspecified other impact via\r\n vectors that leverage "type confusion" for SELECT elements.\r\n\r\nCVE-2014-1346\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.2.\r\n Credit to Erling Ellingsen of Facebook.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n does not properly interpret Unicode encoding, which allows remote\r\n attackers to spoof a postMessage origin, and bypass intended\r\n restrictions on sending a message to a connected frame or window,\r\n via crafted characters in a URL.\r\n\r\nCVE-2014-1344\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Ian Beer of Google Project Zero.\r\n WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n APPLE-SA-2014-05-21-1.\r\n\r\nCVE-2014-1384\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\nCVE-2014-1385\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\nCVE-2014-1387\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Google Chrome Security Team.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\nCVE-2014-1388\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\nCVE-2014-1389\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\nCVE-2014-1390\r\n Versions affected: WebKitGTK+ 2.4.X before 2.4.8.\r\n Credit to Apple.\r\n WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6,\r\n allows remote attackers to execute arbitrary code or cause a denial\r\n of service (memory corruption and application crash) via a crafted\r\n web site, a different vulnerability than other WebKit CVEs listed in\r\n HT6367.\r\n\r\n\r\nFor the 2.4 series, these problems have been fixed in release 2.4.8.\r\n\r\nFurther information about WebKitGTK+ Security Advisories can be found\r\nat: http://webkitgtk.org/security.html\r\n\r\nThe WebKitGTK+ team,\r\nJanuary 26, 2015\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-02-02T00:00:00", "title": "WebKitGTK+ Security Advisory WSA-2015-0001", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1342", "CVE-2014-1289", "CVE-2014-1307", "CVE-2014-1335", "CVE-2014-1387", "CVE-2014-1323", "CVE-2014-1346", "CVE-2014-1309", "CVE-2014-1389", "CVE-2014-1292", "CVE-2014-1338", "CVE-2014-1291", "CVE-2014-1385", "CVE-2014-1336", "CVE-2014-1308", "CVE-2014-1337", "CVE-2014-1303", "CVE-2014-1331", "CVE-2013-2875", "CVE-2014-1731", "CVE-2014-1344", "CVE-2014-1290", "CVE-2014-1304", "CVE-2014-1297", "CVE-2014-1330", "CVE-2014-1713", "CVE-2014-1334", "CVE-2014-1329", "CVE-2014-1293", "CVE-2014-1326", "CVE-2014-1384", "CVE-2013-2927", "CVE-2014-1343", "CVE-2013-2871", "CVE-2014-1333", "CVE-2014-1341", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1390", "CVE-2014-1300", "CVE-2014-1388", "CVE-2014-1339", "CVE-2014-1299", "CVE-2014-1294", "CVE-2014-1311"], "modified": "2015-02-02T00:00:00", "id": "SECURITYVULNS:DOC:31686", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31686", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:18:16", "description": "84 vulnerabilities on different formats and protocols parsing.", "edition": 2, "cvss3": {}, "published": "2014-10-18T00:00:00", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2014-1363", "CVE-2014-1324", "CVE-2014-4413", "CVE-2013-5228", "CVE-2014-1366", "CVE-2014-1386", "CVE-2014-1365", "CVE-2014-1342", "CVE-2014-1289", "CVE-2014-4412", "CVE-2014-1364", "CVE-2014-1307", "CVE-2014-1335", "CVE-2014-1387", "CVE-2014-1323", "CVE-2014-1309", "CVE-2013-2926", "CVE-2014-1389", "CVE-2014-1270", "CVE-2014-1292", "CVE-2014-1338", "CVE-2014-1268", "CVE-2014-4411", "CVE-2014-1291", "CVE-2014-1382", "CVE-2014-4415", "CVE-2013-5197", "CVE-2014-1385", "CVE-2013-5196", "CVE-2014-1368", "CVE-2014-1327", "CVE-2013-5225", "CVE-2014-1325", "CVE-2014-1336", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1362", "CVE-2014-1301", "CVE-2013-5198", "CVE-2013-6663", "CVE-2014-1340", "CVE-2013-6625", "CVE-2014-1269", "CVE-2014-1337", "CVE-2014-1303", "CVE-2014-1331", "CVE-2013-2875", "CVE-2014-1731", "CVE-2013-5199", "CVE-2014-1344", "CVE-2014-1290", "CVE-2014-1304", "CVE-2014-1330", "CVE-2014-1367", "CVE-2013-5195", "CVE-2014-1713", "CVE-2014-1334", "CVE-2014-1329", "CVE-2014-1293", "CVE-2014-1326", "CVE-2014-1384", "CVE-2013-2927", "CVE-2014-4410", "CVE-2014-1343", "CVE-2013-2871", "CVE-2013-2909", "CVE-2014-4414", "CVE-2014-1333", "CVE-2014-1341", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1388", "CVE-2013-2928", "CVE-2014-1339", "CVE-2014-1299", "CVE-2014-1294", "CVE-2014-1311"], "modified": "2014-10-18T00:00:00", "id": "SECURITYVULNS:VULN:14051", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14051", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:55", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-10-16-6 iTunes 12.0.1\r\n\r\niTunes 12.0.1 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Windows 8, Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2871 : miaubiz\r\nCVE-2013-2875 : miaubiz\r\nCVE-2013-2909 : Atte Kettunen of OUSPG\r\nCVE-2013-2926 : cloudfuzzer\r\nCVE-2013-2927 : cloudfuzzer\r\nCVE-2013-2928 : Google Chrome Security Team\r\nCVE-2013-5195 : Apple\r\nCVE-2013-5196 : Google Chrome Security Team\r\nCVE-2013-5197 : Google Chrome Security Team\r\nCVE-2013-5198 : Apple\r\nCVE-2013-5199 : Apple\r\nCVE-2013-5225 : Google Chrome Security Team\r\nCVE-2013-5228 : Keen Team (@K33nTeam) working with HP's Zero Day\r\nInitiative\r\nCVE-2013-6625 : cloudfuzzer\r\nCVE-2013-6635 : cloudfuzzer\r\nCVE-2013-6663 : Atte Kettunen of OUSPG\r\nCVE-2014-1268 : Apple\r\nCVE-2014-1269 : Apple\r\nCVE-2014-1270 : Apple\r\nCVE-2014-1289 : Apple\r\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day\r\nInitiative, Google Chrome Security Team\r\nCVE-2014-1291 : Google Chrome Security Team\r\nCVE-2014-1292 : Google Chrome Security Team\r\nCVE-2014-1293 : Google Chrome Security Team\r\nCVE-2014-1294 : Google Chrome Security Team\r\nCVE-2014-1298 : Google Chrome Security Team\r\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\r\nUniversity of Szeged / Samsung Electronics\r\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP's\r\nZero Day Initiative\r\nCVE-2014-1301 : Google Chrome Security Team\r\nCVE-2014-1302 : Google Chrome Security Team, Apple\r\nCVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative\r\nCVE-2014-1304 : Apple\r\nCVE-2014-1305 : Apple\r\nCVE-2014-1307 : Google Chrome Security Team\r\nCVE-2014-1308 : Google Chrome Security Team\r\nCVE-2014-1309 : cloudfuzzer\r\nCVE-2014-1310 : Google Chrome Security Team\r\nCVE-2014-1311 : Google Chrome Security Team\r\nCVE-2014-1312 : Google Chrome Security Team\r\nCVE-2014-1313 : Google Chrome Security Team\r\nCVE-2014-1323 : banty\r\nCVE-2014-1324 : Google Chrome Security Team\r\nCVE-2014-1325 : Apple\r\nCVE-2014-1326 : Apple\r\nCVE-2014-1327 : Google Chrome Security Team, Apple\r\nCVE-2014-1329 : Google Chrome Security Team\r\nCVE-2014-1330 : Google Chrome Security Team\r\nCVE-2014-1331 : cloudfuzzer\r\nCVE-2014-1333 : Google Chrome Security Team\r\nCVE-2014-1334 : Apple\r\nCVE-2014-1335 : Google Chrome Security Team\r\nCVE-2014-1336 : Apple\r\nCVE-2014-1337 : Apple\r\nCVE-2014-1338 : Google Chrome Security Team\r\nCVE-2014-1339 : Atte Kettunen of OUSPG\r\nCVE-2014-1340 : Apple\r\nCVE-2014-1341 : Google Chrome Security Team\r\nCVE-2014-1342 : Apple\r\nCVE-2014-1343 : Google Chrome Security Team\r\nCVE-2014-1344 : Ian Beer of Google Project Zero\r\nCVE-2014-1362 : Apple, miaubiz\r\nCVE-2014-1363 : Apple\r\nCVE-2014-1364 : Apple\r\nCVE-2014-1365 : Apple, Google Chrome Security Team\r\nCVE-2014-1366 : Apple\r\nCVE-2014-1367 : Apple\r\nCVE-2014-1368 : Wushi of Keen Team (Research Team of Keen Cloud Tech)\r\nCVE-2014-1382 : Renata Hodovan of University of Szeged / Samsung\r\nElectronics\r\nCVE-2014-1384 : Apple\r\nCVE-2014-1385 : Apple\r\nCVE-2014-1386 : an anonymous researcher\r\nCVE-2014-1387 : Google Chrome Security Team\r\nCVE-2014-1388 : Apple\r\nCVE-2014-1389 : Apple\r\nCVE-2014-1390 : Apple\r\nCVE-2014-1713 : VUPEN working with HP's Zero Day Initiative\r\nCVE-2014-1731 : an anonymous member of the Blink development\r\ncommunity\r\nCVE-2014-4410 : Eric Seidel of Google\r\nCVE-2014-4411 : Google Chrome Security Team\r\nCVE-2014-4412 : Apple\r\nCVE-2014-4413 : Apple\r\nCVE-2014-4414 : Apple\r\nCVE-2014-4415 : Apple\r\n\r\n\r\niTunes 12.0.1 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJUQCKuAAoJEBcWfLTuOo7t3cgP/RCpdvSrkHZM2SsNXSVtaCfW\r\nauW4hMgN5s2OkYxWwiHDhnKB6dM5Jb4aC5a4j7JECUMRZ7MxIw4EgfV0SJDfRP7M\r\n90YhewGKLaapfc6SRYl1lws+Me+OXf0tjzgBEyD+3qdhFDCCQzWh2F+rpjj4Bzbo\r\ncWrPn454dEEvJvDRc7/U13xvbSNm94jedzZjuCDkiA8+1UFF1fWqxU1Iw8HjW1U2\r\nKUe0Uzrpyul85shviO/nO4hnuGMT3i85ZBmTWjMhsOteLsp/ZRSHrvuKps3XM0qg\r\nrBp8W//gFgYreMUP3m779SkCAPznmA7XnufCZBdbLJwdQBac+xdcjdQa+RdjUfXA\r\nFb8sDaNQm1qJVfo8kDWe6ED7MbnxbwrpKswQFN2Mft3wXLNdfdViLmQ4A3mJ+1ju\r\n0RoR8SuoZiZrClbPW0C08i6Y4EZfVeG1lNzJQySlqg2ZhFPcrdQMyLr0mSs58ClE\r\n19km+0fMKWzb8XJsQZkir41P5sheldAVsqtQBud2Q25xnM8LmTDuX1ywXUEvTKO8\r\nSRAZ4EF1vvfVpHE9w/XgBzRC9J23scN1/WnzDeoVMxkz4YrvsZdV3bjJJMJ4bDs6\r\n85hjnwYe8QFnfaZPoMcstwWQMxA8Hl4mhu3B+1PKWlT6FENpCKCCc5W5MxWrAXnp\r\nK0B4Ue5bqvDqVL0KLkrB\r\n=+heG\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-10-18T00:00:00", "title": "APPLE-SA-2014-10-16-6 iTunes 12.0.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2014-1363", "CVE-2014-1324", "CVE-2014-4413", "CVE-2013-5228", "CVE-2014-1366", "CVE-2014-1386", "CVE-2014-1365", "CVE-2014-1342", "CVE-2014-1289", "CVE-2014-4412", "CVE-2014-1364", "CVE-2014-1307", "CVE-2014-1335", "CVE-2014-1387", "CVE-2014-1323", "CVE-2014-1309", "CVE-2013-2926", "CVE-2014-1389", "CVE-2014-1270", "CVE-2014-1292", "CVE-2014-1338", "CVE-2014-1268", "CVE-2014-4411", "CVE-2014-1291", "CVE-2014-1382", "CVE-2014-4415", "CVE-2013-5197", "CVE-2014-1385", "CVE-2013-5196", "CVE-2014-1368", "CVE-2014-1327", "CVE-2013-5225", "CVE-2014-1325", "CVE-2014-1336", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1362", "CVE-2014-1301", "CVE-2013-5198", "CVE-2013-6663", "CVE-2014-1340", "CVE-2013-6625", "CVE-2014-1269", "CVE-2014-1337", "CVE-2014-1303", "CVE-2014-1331", "CVE-2013-2875", "CVE-2014-1731", "CVE-2013-5199", "CVE-2014-1344", "CVE-2014-1290", "CVE-2014-1304", "CVE-2014-1330", "CVE-2014-1367", "CVE-2013-5195", "CVE-2014-1713", "CVE-2014-1334", "CVE-2014-1329", "CVE-2014-1293", "CVE-2014-1326", "CVE-2014-1384", "CVE-2013-2927", "CVE-2014-4410", "CVE-2014-1343", "CVE-2013-2871", "CVE-2013-2909", "CVE-2014-4414", "CVE-2014-1333", "CVE-2014-1341", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1390", "CVE-2014-1300", "CVE-2014-1302", "CVE-2014-1388", "CVE-2013-2928", "CVE-2014-1339", "CVE-2014-1299", "CVE-2014-1294", "CVE-2014-1311"], "modified": "2014-10-18T00:00:00", "id": "SECURITYVULNS:DOC:31304", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31304", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:50", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-03-10-2 Apple TV 6.1\r\n\r\nApple TV 6.1 is now available and addresses the following:\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with access to an Apple TV may access sensitive\r\nuser information from logs\r\nDescription: Sensitive user information was logged. This issue was\r\naddressed by logging less information.\r\nCVE-ID\r\nCVE-2014-1279 : David Schuetz working at Intrepidus Group\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Profile expiration dates were not honored\r\nDescription: Expiration dates of mobile configuration profiles were\r\nnot evaluated correctly. The issue was resolved through improved\r\nhandling of configuration profiles.\r\nCVE-ID\r\nCVE-2014-1267\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A malicious application can cause an unexpected system\r\ntermination\r\nDescription: A reachable assertion issue existed in CoreCapture's\r\nhandling of IOKit API calls. The issue was addressed through\r\nadditional validation of input from IOKit.\r\nCVE-ID\r\nCVE-2014-1271 : Filippo Bigarella\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A local user may be able to change permissions on arbitrary\r\nfiles\r\nDescription: CrashHouseKeeping followed symbolic links while\r\nchanging permissions on files. This issue was addressed by not\r\nfollowing symbolic links when changing permissions on files.\r\nCVE-ID\r\nCVE-2014-1272 : evad3rs\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Code signing requirements may be bypassed\r\nDescription: Text relocation instructions in dynamic libraries may\r\nbe loaded by dyld without code signature validation. This issue was\r\naddressed by ignoring text relocation instructions.\r\nCVE-ID\r\nCVE-2014-1273 : evad3rs\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nimages in PDF files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2014-1275 : Felix Groebert of the Google Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff's handling of TIFF\r\nimages. This issue was addressed through additional validation of\r\nTIFF images.\r\nCVE-ID\r\nCVE-2012-2088\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted JPEG file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nlibjpeg's handling of JPEG markers, resulting in the disclosure of\r\nmemory contents. This issue was addressed through additional\r\nvalidation of JPEG files.\r\nCVE-ID\r\nCVE-2013-6629 : Michal Zalewski\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A local user may be able to cause an unexpected system\r\ntermination or arbitrary code execution in the kernel\r\nDescription: An out of bounds memory access issue existed in the ARM\r\nptmx_get_ioctl function. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2014-1278 : evad3rs\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A configuration profile may be hidden from the user\r\nDescription: A configuration profile with a long name could be\r\nloaded onto the device but was not displayed in the profile UI. The\r\nissue was addressed through improved handling of profile names.\r\nCVE-ID\r\nCVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A person with physical access to the device may be able to\r\ncause arbitrary code execution in kernel mode\r\nDescription: A memory corruption issue existed in the handling of\r\nUSB messages. This issue was addressed through additional validation\r\nof USB messages.\r\nCVE-ID\r\nCVE-2014-1287 : Andy Davis of NCC Group\r\n\r\nWebKit\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2909 : Atte Kettunen of OUSPG\r\nCVE-2013-2926 : cloudfuzzer\r\nCVE-2013-2928 : Google Chrome Security Team\r\nCVE-2013-5196 : Google Chrome Security Team\r\nCVE-2013-5197 : Google Chrome Security Team\r\nCVE-2013-5198 : Apple\r\nCVE-2013-5199 : Apple\r\nCVE-2013-5225 : Google Chrome Security Team\r\nCVE-2013-5228 : Keen Team (@K33nTeam) working with HP's Zero Day\r\nInitiative\r\nCVE-2013-6625 : cloudfuzzer\r\nCVE-2013-6635 : cloudfuzzer\r\nCVE-2014-1269 : Apple\r\nCVE-2014-1270 : Apple\r\nCVE-2014-1289 : Apple\r\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day\r\nInitiative, Google Chrome Security Team\r\nCVE-2014-1291 : Google Chrome Security Team\r\nCVE-2014-1292 : Google Chrome Security Team\r\nCVE-2014-1293 : Google Chrome Security Team\r\nCVE-2014-1294 : Google Chrome Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Playing a maliciously crafted video could lead to the device\r\nbecoming unresponsive\r\nDescription: A null dereference issue existed in the handling of\r\nMPEG-4 encoded files. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2014-1280 : rg0rd\r\n\r\n\r\nInstallation note:\r\n\r\nApple TV will periodically check for software updates. Alternatively,\r\nyou may manually check for software updates by selecting\r\n"Settings -> General -> Update Software".\r\n\r\nTo check the current version of software, select\r\n"Settings -> General -> About".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJTGlvfAAoJEPefwLHPlZEw8GEP/ikatTiohUPRvpjubarcXePV\r\nz6ixKxmqUUvSy+AlyFTsCpvB1IEipSx5hKbYsxk5+4qAVsYG3VEpLNJKBarUHQN8\r\nK1+I77xF5osLxrypWV6vEDqqFDcZyflumtvfdj7EmWf/FcWnOooRQt7wVVrzrCCh\r\n40nfspy1YjNi1EO2p6dDlzi+yvEGF5CHg8R1zSFf7ozLPoCABlnbdzXxh+nYoI+E\r\ny65R4Eo7OBhVH5mJvBczjsHu/GljR3y/yi3NSnoV5ga5SfaaOlwa8emgNooeEs3u\r\nghkfm2UxkjtdNkpVMfwFp35oLESIl6pMd2dtH2sU4MwRK3h8rvFeS/zJRZmwEIXO\r\n5+9tNop1hmF52aVKRZAJ4/A9kbTC3pKd0PxvKsveB6Pgxbq9eDfueMC/r6FtOZDa\r\nis95LuLtf26h8xQt8FovY7Cm80ckOT4mJnvzfmpGmUSK4PHsNfJwfJOBa1yMHTJg\r\nCDfg+jGhHy7DJuawekzQjcvkz34YWg7Lp25ZJilvZf8dGB2R4g+hikdOrWKI4vFj\r\nx7LGZg6IPaHFt0MPgjnoV1FhABnXksD41uIAQP2LhDrHWnRgTeJoGwQ2SuZjSA6w\r\nT/DzhicTLq6MDSBjlbt6EJ4gtxWlYDfeAfJcFb/Aret+2L7570q18EkLRbiI8e6k\r\n3NksAqBIKSpadFt+M8wt\r\n=xjrI\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2014-03-13T00:00:00", "title": "APPLE-SA-2014-03-10-2 Apple TV 6.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2014-1278", "CVE-2013-5228", "CVE-2014-1289", "CVE-2014-1280", "CVE-2014-1271", "CVE-2013-2926", "CVE-2014-1270", "CVE-2014-1292", "CVE-2014-1287", "CVE-2014-1291", "CVE-2014-1272", "CVE-2013-5197", "CVE-2013-5196", "CVE-2013-5225", "CVE-2013-5198", "CVE-2013-6625", "CVE-2014-1269", "CVE-2014-1275", "CVE-2013-5199", "CVE-2014-1290", "CVE-2014-1282", "CVE-2014-1293", "CVE-2014-1273", "CVE-2013-2909", "CVE-2012-2088", "CVE-2013-6629", "CVE-2014-1279", "CVE-2013-2928", "CVE-2014-1267", "CVE-2014-1294"], "modified": "2014-03-13T00:00:00", "id": "SECURITYVULNS:DOC:30358", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30358", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:50", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-03-10-1 iOS 7.1\r\n\r\niOS 7.1 is now available and addresses the following:\r\n\r\nBackup\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted backup can alter the filesystem\r\nDescription: A symbolic link in a backup would be restored, allowing\r\nsubsequent operations during the restore to write to the rest of the\r\nfilesystem. This issue was addressed by checking for symbolic links\r\nduring the restore process.\r\nCVE-ID\r\nCVE-2013-5133 : evad3rs\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Root certificates have been updated\r\nDescription: Several certificates were added to or removed from the\r\nlist of system roots.\r\n\r\nConfiguration Profiles\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Profile expiration dates were not honored\r\nDescription: Expiration dates of mobile configuration profiles were\r\nnot evaluated correctly. The issue was resolved through improved\r\nhandling of configuration profiles.\r\nCVE-ID\r\nCVE-2014-1267\r\n\r\nCoreCapture\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application can cause an unexpected system\r\ntermination\r\nDescription: A reachable assertion issue existed in CoreCapture's\r\nhandling of IOKit API calls. The issue was addressed through\r\nadditional validation of input from IOKit.\r\nCVE-ID\r\nCVE-2014-1271 : Filippo Bigarella\r\n\r\nCrash Reporting\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to change permissions on arbitrary\r\nfiles\r\nDescription: CrashHouseKeeping followed symbolic links while\r\nchanging permissions on files. This issue was addressed by not\r\nfollowing symbolic links when changing permissions on files.\r\nCVE-ID\r\nCVE-2014-1272 : evad3rs\r\n\r\ndyld\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Code signing requirements may be bypassed\r\nDescription: Text relocation instructions in dynamic libraries may\r\nbe loaded by dyld without code signature validation. This issue was\r\naddressed by ignoring text relocation instructions.\r\nCVE-ID\r\nCVE-2014-1273 : evad3rs\r\n\r\nFaceTime\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\naccess FaceTime contacts from the lock screen\r\nDescription: FaceTime contacts on a locked device could be exposed\r\nby making a failed FaceTime call from the lock screen. This issue was\r\naddressed through improved handling of FaceTime calls.\r\nCVE-ID\r\nCVE-2014-1274\r\n\r\nImageIO\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nimages in PDF files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2014-1275 : Felix Groebert of the Google Security Team\r\n\r\nImageIO\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff's handling of TIFF\r\nimages. This issue was addressed through additional validation of\r\nTIFF images.\r\nCVE-ID\r\nCVE-2012-2088\r\n\r\nImageIO\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted JPEG file may lead to the\r\ndisclosure of memory contents\r\nDescription: An uninitialized memory access issue existed in\r\nlibjpeg's handling of JPEG markers, resulting in the disclosure of\r\nmemory contents. This issue was addressed through additional\r\nvalidation of JPEG files.\r\nCVE-ID\r\nCVE-2013-6629 : Michal Zalewski\r\n\r\nIOKit HID Event\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may monitor on user actions in other\r\napps\r\nDescription: An interface in IOKit framework allowed malicious apps\r\nto monitor on user actions in other apps. This issue was addressed\r\nthrough improved access control policies in the framework.\r\nCVE-ID\r\nCVE-2014-1276 : Min Zheng, Hui Xue, and Dr. Tao (Lenx) Wei of FireEye\r\n\r\niTunes Store\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A man-in-the-middle attacker may entice a user into\r\ndownloading a malicious app via Enterprise App Download\r\nDescription: An attacker with a privileged network position could\r\nspoof network communications to entice a user into downloading a\r\nmalicious app. This issue was mitigated by using SSL and prompting\r\nthe user during URL redirects.\r\nCVE-ID\r\nCVE-2014-1277 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to cause an unexpected system\r\ntermination or arbitrary code execution in the kernel\r\nDescription: An out of bounds memory access issue existed in the ARM\r\nptmx_get_ioctl function. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2014-1278 : evad3rs\r\n\r\nOffice Viewer\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Opening a maliciously crafted Microsoft Word document may\r\nlead to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: A double free issue existed in the handling of\r\nMicrosoft Word documents. This issue was addressed through improved\r\nmemory management.\r\nCVE-ID\r\nCVE-2014-1252 : Felix Groebert of the Google Security Team\r\n\r\nPhotos Backend\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Deleted images may still appear in the Photos app underneath\r\ntransparent images\r\nDescription: Deleting an image from the asset library did not delete\r\ncached versions of the image. This issue was addressed through\r\nimproved cache management.\r\nCVE-ID\r\nCVE-2014-1281 : Walter Hoelblinger of Hoelblinger.com, Morgan Adams,\r\nTom Pennington\r\n\r\nProfiles\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A configuration profile may be hidden from the user\r\nDescription: A configuration profile with a long name could be\r\nloaded onto the device but was not displayed in the profile UI. The\r\nissue was addressed through improved handling of profile names.\r\nCVE-ID\r\nCVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure\r\n\r\nSafari\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: User credentials may be disclosed to an unexpected site via\r\nautofill\r\nDescription: Safari may have autofilled user names and passwords\r\ninto a subframe from a different domain than the main frame. This\r\nissue was addressed through improved origin tracking.\r\nCVE-ID\r\nCVE-2013-5227 : Niklas Malmgren of Klarna AB\r\n\r\nSettings - Accounts\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\ndisable Find My iPhone without entering an iCloud password\r\nDescription: A state management issue existed in the handling of the\r\nFind My iPhone state. This issue was addressed through improved\r\nhandling of Find My iPhone state.\r\nCVE-ID\r\nCVE-2014-1284\r\n\r\nSpringboard\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nsee the home screen of the device even if the device has not been\r\nactivated\r\nDescription: An unexpected application termination during activation\r\ncould cause the phone to show the home screen. The issue was\r\naddressed through improved error handling during activation.\r\nCVE-ID\r\nCVE-2014-1285 : Roboboi99\r\n\r\nSpringBoard Lock Screen\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may be able to cause the lock screen to\r\nbecome unresponsive\r\nDescription: A state management issue existed in the lock screen.\r\nThis issue was addressed through improved state management.\r\nCVE-ID\r\nCVE-2014-1286 : Bogdan Alecu of M-sec.net\r\n\r\nTelephonyUI Framework\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A webpage could trigger a FaceTime audio call without user\r\ninteraction\r\nDescription: Safari did not consult the user before launching\r\nfacetime-audio:// URLs. This issue was addressed with the addition of\r\na confirmation prompt.\r\nCVE-ID\r\nCVE-2013-6835 : Guillaume Ross\r\n\r\nUSB Host\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\ncause arbitrary code execution in kernel mode\r\nDescription: A memory corruption issue existed in the handling of\r\nUSB messages. This issue was addressed through additional validation\r\nof USB messages.\r\nCVE-ID\r\nCVE-2014-1287 : Andy Davis of NCC Group\r\n\r\nVideo Driver\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Playing a maliciously crafted video could lead to the device\r\nbecoming unresponsive\r\nDescription: A null dereference issue existed in the handling of\r\nMPEG-4 encoded files. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2014-1280 : rg0rd\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-2909 : Atte Kettunen of OUSPG\r\nCVE-2013-2926 : cloudfuzzer\r\nCVE-2013-2928 : Google Chrome Security Team\r\nCVE-2013-5196 : Google Chrome Security Team\r\nCVE-2013-5197 : Google Chrome Security Team\r\nCVE-2013-5198 : Apple\r\nCVE-2013-5199 : Apple\r\nCVE-2013-5225 : Google Chrome Security Team\r\nCVE-2013-5228 : Keen Team (@K33nTeam) working with HP's Zero Day\r\nInitiative\r\nCVE-2013-6625 : cloudfuzzer\r\nCVE-2013-6635 : cloudfuzzer\r\nCVE-2014-1269 : Apple\r\nCVE-2014-1270 : Apple\r\nCVE-2014-1289 : Apple\r\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day\r\nInitiative, Google Chrome Security Team\r\nCVE-2014-1291 : Google Chrome Security Team\r\nCVE-2014-1292 : Google Chrome Security Team\r\nCVE-2014-1293 : Google Chrome Security Team\r\nCVE-2014-1294 : Google Chrome Security Team\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "7.1".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJTGlvJAAoJEPefwLHPlZEwh2cP/iOvfDbgv78TKX2hsxttcy8l\r\nNTK4EbpYO0rEpqbQukIHwBrb+PtEWK4tdxWPNQV+8GnCPaLqmMXWxHZPkI02qXjI\r\nUxYNgPq+9MPcoFFdbbptz4azcwFa0rdsQtxL0MYRrUqW5ml86zjGsVWUDGMDFu9R\r\nfuujvU/JOGoIYVxFQziEScnMfryw61b/JObcT/mDzXv/IcKhuMzMfp4cbnXq7Mmx\r\nNOpIQ0syx5oH7jadJA72iX7UyUuoydAcD3gaJDbLLfjEM8giDTL/TmH1HpuJjDHq\r\nZmj0NMlMqAztoFzpHZxlJ6kYjFYs7heyWgm3HQ+dwT0cDajFEZUEJGuBBO+P6dwp\r\ncVlhDJ87crsP2ctUn46EUGFw5fFZRPEUqm4r0M/3o8z2ZPDqFxIBwMHEEV2LJtuN\r\nlKjHYYWTO9BZOg87pm/HLpNqqTEz7J1eDWVJiRh5kZarp8w5KgZhBhYkltlPKwOo\r\nUh1SvUH+CjgNQTObSLv+e2EJ0So8gi3xBGHOrOdcof33fTsyL4WDvHEIvs4l1jUY\r\nf29uha46K3dVZpJtFV3xTiwm6fodWgTR4xhWSAAVI2V8V4KLQMEHu7+eV+cURmme\r\nJLdVgzxXw0uZHP874Uy60qR+6KBdEkIvgAoDHmd9jLnZMJTQAcn7PjcZz2z/V25u\r\n3bQ2RrEc85Xqs7adpinL\r\n=W1ik\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2014-03-13T00:00:00", "title": "APPLE-SA-2014-03-10-1 iOS 7.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2014-1278", "CVE-2013-5228", "CVE-2014-1289", "CVE-2014-1280", "CVE-2013-5133", "CVE-2014-1284", "CVE-2014-1271", "CVE-2014-1281", "CVE-2014-1276", "CVE-2013-2926", "CVE-2014-1270", "CVE-2014-1292", "CVE-2014-1287", "CVE-2014-1291", "CVE-2014-1272", "CVE-2013-5197", "CVE-2013-6835", "CVE-2013-5196", "CVE-2013-5225", "CVE-2013-5198", "CVE-2014-1252", "CVE-2013-6625", "CVE-2014-1269", "CVE-2014-1275", "CVE-2013-5199", "CVE-2014-1290", "CVE-2014-1286", "CVE-2013-5227", "CVE-2014-1282", "CVE-2014-1274", "CVE-2014-1285", "CVE-2014-1293", "CVE-2014-1273", "CVE-2013-2909", "CVE-2014-1277", "CVE-2012-2088", "CVE-2013-6629", "CVE-2013-2928", "CVE-2014-1267", "CVE-2014-1294"], "modified": "2014-03-13T00:00:00", "id": "SECURITYVULNS:DOC:30357", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30357", "cvss": {"score": 8.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:15", "description": "Symbolic links vulnerability, root certificates problems, protection bypass, DoS, privilege escalation, memory corruption, information leakage, code execution.", "edition": 2, "cvss3": {}, "published": "2014-03-31T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2014-1278", "CVE-2013-5228", "CVE-2014-1289", "CVE-2014-1280", "CVE-2013-5133", "CVE-2014-1284", "CVE-2014-1271", "CVE-2014-1281", "CVE-2014-1276", "CVE-2013-2926", "CVE-2014-1270", "CVE-2014-1292", "CVE-2014-1287", "CVE-2014-1291", "CVE-2014-1272", "CVE-2013-5197", "CVE-2013-6835", "CVE-2013-5196", "CVE-2013-5225", "CVE-2013-5198", "CVE-2014-1252", "CVE-2013-6625", "CVE-2014-1269", "CVE-2014-1275", "CVE-2013-5199", "CVE-2014-1290", "CVE-2014-1286", "CVE-2013-5227", "CVE-2014-1282", "CVE-2014-1274", "CVE-2014-1285", "CVE-2014-1293", "CVE-2014-1273", "CVE-2013-2909", "CVE-2014-1277", "CVE-2012-2088", "CVE-2013-6629", "CVE-2013-2928", "CVE-2014-1267", "CVE-2014-1294"], "modified": "2014-03-31T00:00:00", "id": "SECURITYVULNS:VULN:13600", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13600", "cvss": {"score": 8.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:49", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2797-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nNovember 16, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-2931 CVE-2013-6621 CVE-2013-6622 CVE-2013-6623 \r\n CVE-2013-6624 CVE-2013-6625 CVE-2013-6626 CVE-2013-6627\r\n CVE-2013-6628 CVE-2013-6629 CVE-2013-6630 CVE-2013-6631\r\n CVE-2013-6632\r\n\r\nSeveral vulnerabilities have been discovered in the chromium web browser.\r\n\r\nCVE-2013-2931\r\n\r\n The chrome 31 development team found various issues from internal\r\n fuzzing, audits, and other studies.\r\n\r\nCVE-2013-6621\r\n\r\n Khalil Zhani discovered a use-after-free issue in speech input\r\n handling.\r\n\r\nCVE-2013-6622\r\n\r\n cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.\r\n\r\nCVE-2013-6623\r\n\r\n miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG\r\n implementation.\r\n\r\nCVE-2013-6624\r\n\r\n Jon Butler discovered a use-after-free issue in id attribute strings.\r\n\r\nCVE-2013-6625\r\n\r\n cloudfuzzer discovered a use-after-free issue in the Blink/Webkit\r\n DOM implementation.\r\n\r\nCVE-2013-6626\r\n\r\n Chamal de Silva discovered an address bar spoofing issue.\r\n\r\nCVE-2013-6627\r\n\r\n skylined discovered an out-of-bounds read in the HTTP stream parser.\r\n\r\nCVE-2013-6628\r\n\r\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\r\n discovered that a different (unverified) certificate could be used\r\n after successful TLS renegotiation with a valid certificate.\r\n\r\nCVE-2013-6629\r\n\r\n Michal Zalewski discovered an uninitialized memory read in the\r\n libjpeg and libjpeg-turbo libraries.\r\n\r\nCVE-2013-6630\r\n\r\n Michal Zalewski discovered another uninitialized memory read in\r\n the libjpeg and libjpeg-turbo libraries.\r\n\r\nCVE-2013-6631\r\n\r\n Patrik H\u0423\u0416glund discovered a use-free issue in the libjingle library.\r\n\r\nCVE-2013-6632\r\n\r\n Pinkie Pie discovered multiple memory corruption issues.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 31.0.1650.57-1~deb7u1.\r\n\r\nFor the testing distribution (jessie), these problems will be fixed soon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 31.0.1650.57-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.15 (GNU/Linux)\r\n\r\niQQcBAEBCgAGBQJSiChzAAoJELjWss0C1vRzU4Qf/RvGDovXCQzKN1JKFWr+VDhu\r\nOfwJAd5DZUd/EAe8ZgfTrmivl6gTYYLI6ulRcyhlQyDXuQcg7+pz33/97Q/At77f\r\nnm6jfo1eZQN674NZ+H5lL3ZcVmnxubXGa0Ro+Q5QghS6lcvQ3G684j+t8wnyAu9s\r\nIYcwxgjVlIUvHMa6j4jep6x/hL3UWEnWNGBx6FtL9vR+832BRU9L9ngZsy7BLsKy\r\ngAn2XvU2R1GUkPfwG0gu0dXSHG0DTYeDSGdcAblFgnDUgcZLr1VXfNqRv3y47LVS\r\nnpL/a4HWqqFBbEsa4Pho1zepADs5RRgnOple90xIsCIcmq+YZ/AvDP0N+AFOY4FV\r\n0NNOWOwfsVhcSengrJmsc6+W5RX1VtDVzhrtkQYD+dEgVj2HLdRKzju7qLMj2sJz\r\nnzzVGMcZ8Gz3CnR31mEioeE9fj8DzRXPMf+6oyqpfzttprGg6F3s7elVEFjKfRbf\r\ncrxjm1Rok9g4vGNFEfNPFEqzFvjgzd7zkT6Xrd2HPqOSrnWjAWOxhdaBQmtuUmYt\r\nQqkJWLUREWwqXLYE6PMSmLO6dAO1z8DU25R37TdD3aa5U2qzabAxwsUCQ2iLt9W8\r\n/xY8RTdR/L28wa0zC1xEWdObdgAj5+B8ZAw8sbENlVytLV8o4GlfDaX7PaC8YYAn\r\n0/N+CjDWS2QEnQgBuL8pNpbFc1cyEpLqmboE4k5Vg4hAjUsAvE+KimTv/pdmfEwU\r\nD9qzA37NM17hfU7KOMBtYLJ5pQLS5JnyHVDwy8iCQUP72HS8dvc4nvrW6feTE7w3\r\njseUvtwG2MLdp/lUXDzGw8Vr60wXmAMFU298jOb8d38YajzMdSbkihNDq1OWCZ+v\r\nlvFBjfOlxZtR+xIYJjrfe41oAD84Dk7j31o9o4OHelCP0Ur7o49PlFWkaRegMeyL\r\n/F82W1oyKNKaoiAGenlRBJFwmqKlC4uebkYL2juRuRcTd0D4tNKmlFK04LlGkTMG\r\nRzfO20owjh2e4CQYbf96zXod0MurhbzdBIzEEQDhxSAQJHFmzO9zKa0opsVteXNU\r\negcxdp7xTk744q9uyb9mJOyswer6YyYiRxT9I5Je3+DCJcQVnoZZICV4cqZ020hj\r\nyNJjepdJgNg48fg5HwpVJYx7BFdmU4DFga0zcr22r0oCw0Ywnbnq9ePvjX2ZUsfM\r\nQVXeh6oGz8u2+9su5uDvba+r3gEg+pxhMFp1Ce4gvBISdzvydpPERN5mqA5QVGSE\r\n+B1NwTdf9UzJ/CbA4seh03Kq+CYxmnNzekTIa6kTX49xkuroV/bAkU4UuZqdYORE\r\nm7onNL073yMBpS4jfPgq0zEFIohseX0m8+Cdd1maCV819HeopjTaajY94DL2Hrk=\r\n=jrjN\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-11-26T00:00:00", "title": "[SECURITY] [DSA 2797-1] chromium-browser security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2013-11-26T00:00:00", "id": "SECURITYVULNS:DOC:30037", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30037", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:51:20", "description": "Multiple memory corruptions, address bar spoofing, TLS renegatiation vulnerability.", "edition": 2, "cvss3": {}, "published": "2013-11-26T00:00:00", "title": "Google Chrome / Chromium multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2013-11-26T00:00:00", "id": "SECURITYVULNS:VULN:13432", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13432", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2724-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nJuly 17, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-2853 CVE-2013-2867 CVE-2013-2868 CVE-2013-2869\r\n CVE-2013-2870 CVE-2013-2871 CVE-2013-2873 CVE-2013-2875\r\n CVE-2013-2876 CVE-2013-2877 CVE-2013-2878 CVE-2013-2879\r\n CVE-2013-2880\r\n\r\nSeveral vulnerabilities have been discovered in the Chromium web browser.\r\n\r\nCVE-2013-2853\r\n\r\n The HTTPS implementation does not ensure that headers are terminated\r\n by \r\n\r\n (carriage return, newline, carriage return, newline).\r\n\r\nCVE-2013-2867\r\n\r\n Chrome does not properly prevent pop-under windows.\r\n\r\nCVE-2013-2868\r\n\r\n common/extensions/sync_helper.cc proceeds with sync operations for\r\n NPAPI extensions without checking for a certain plugin permission\r\n setting.\r\n\r\nCVE-2013-2869\r\n\r\n Denial of service (out-of-bounds read) via a crafted JPEG2000\r\n image.\r\n\r\nCVE-2013-2870\r\n\r\n Use-after-free vulnerability in network sockets.\r\n\r\nCVE-2013-2871\r\n\r\n Use-after-free vulnerability in input handling.\r\n\r\nCVE-2013-2873\r\n\r\n Use-after-free vulnerability in resource loading.\r\n\r\nCVE-2013-2875\r\n\r\n Out-of-bounds read in SVG file handling.\r\n\r\nCVE-2013-2876\r\n\r\n Chrome does not properly enforce restrictions on the capture of\r\n screenshots by extensions, which could lead to information\r\n disclosure from previous page visits.\r\n\r\nCVE-2013-2877\r\n\r\n Out-of-bounds read in XML file handling.\r\n\r\nCVE-2013-2878\r\n\r\n Out-of-bounds read in text handling.\r\n\r\nCVE-2013-2879\r\n\r\n The circumstances in which a renderer process can be considered a\r\n trusted process for sign-in and subsequent sync operations were\r\n not propertly checked.\r\n\r\nCVE-2013-2880\r\n\r\n The chrome 28 development team found various issues from internal\r\n fuzzing, audits, and other studies.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 28.0.1500.71-1~deb7u1.\r\n\r\nFor the testing distribution (jessie), these problems will be fixed soon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 28.0.1500.71-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niQQcBAEBCgAGBQJR5z1ZAAoJELjWss0C1vRzXNcgALd1S9ITVHdzvjtnyZ9j2o8c\r\nWThFzzbsuq5NQdmvd05rgVE9DM4gZqw+iDDraeDPkNwG6u5v3DsjwQubRBCcsRT8\r\ncPMVuV2hromqAmd5ghqbWQ4w4/I73JDJbrnGszJPL/SCKx7/6XYFl6HOgr3rNUxz\r\nFCODDsahUPo/BJ39QImC2nLqaI0B+81CTMzna0oMRDXrAsHHo74U8o8Uf5W6W5ux\r\nLnxdw/mB+Ebh+2X73K4+xCHzzC5UEH7YR2VH2Ljex4D9SWdKUEk16Wb7qDXUuZ5D\r\nY30WQ7NRmZWfzrAHi510+I4gVyBY6F1n5wlb81jUcm6fk/Mgo17fe1DSaXn2TQf5\r\nikFvRaXVS+fT/RIhteyTJsGmIudFOmTt38vzH5sjMc3NV8o5EORA8GtE4q22ewiI\r\nwyFYN4wFQgp684XHntcALnEOXGVM2Q9W+bfdqvKWQFYustzNjoHIlj0bEV1e+Ifg\r\n2jhvE1hu5xj/UoIfUniqd1XwIx/bPMdk6Z8Ltb0D1cyHJ48H6VdAI2JQY7a3Xusq\r\n1Aqk9DyIFdp+iR5FT+Ume03ucpwbnSx5qJxdGqb7tbmeNShY9xgyWZhRimrVt44c\r\nhA+wqHXIBeK5Rq4+0RCfWTlTje61ZlGFzmxUVIBweFWXzHHMBDSIzMv944O6tQQx\r\noNHl2GinPZKs3H7ETIagV64qnB/829spKbktnBRJ4PMyOHMzVLs8r/ohL1VJMbKr\r\n0rdnv/YHS+dMiFHI9L8S+oY/F7kkUVh+t3UvEXvMNhb9Y4xuT3jRzh89yT9btMTb\r\nNABbqp0ADY5gVMqM8W5zfYklyD/kf+iyU233JArS6j3YZxJsZGfsUycmq118vygJ\r\nWItOsInHTEsa53oCwMM9wrk96lFO44HqZ2ssyWK+Oi9CN8vihr10dirnk8hhXQrs\r\nnwQiqxRUhPdVSrCYUM19k78lfPcR3fXzydiC9gPp3jD/7XxG7PWEfz4I8zVG1IFt\r\nj/3BeWE6nJoK+G95ZrNeUdBSBdIM2JUjcFdsUJCAy+HWdOhJnRu6/CZsRjvND/H3\r\nAATuIMBkfjj0sHeYN6MeUaaeVo3+QH3tJ+EbSiY2X8LIb97dTCa/lV0CZnA6ZpQw\r\nIAPcfCajfPSQ0RmmwNm4bm+a+oRwalDnbjkOEWDIJmo74jpefgyDqYUVKKO8HVF0\r\nuBsB7kvJwg6MyR6QMRj+6Ema0j5cbuXx8AVQtU2pGEqFTHTYL0DkYdojevegFqwM\r\ngiaO8ILAcR6C0BI8IrWSMde49piy4n8GHnAUhkVU5waJTiU5vTAv9yORkfFQEpfb\r\nZRIebEJdbxXbiyVdTVI/zmEf36kxLGUNge8sPreeQv8lGTkMxWNrPEeaDFSWk1s=\r\n=gQNK\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-07-19T00:00:00", "title": "[SECURITY] [DSA 2724-1] chromium-browser security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2013-07-19T00:00:00", "id": "SECURITYVULNS:DOC:29625", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29625", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:51:20", "description": "Protection bypass, privilege escalation, DoS, use-after-free, information leakage, memory corruptions.", "edition": 2, "cvss3": {}, "published": "2013-08-12T00:00:00", "title": "Chromium / Google Chrome multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-2882", "CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2886", "CVE-2013-2884", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2881", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879", "CVE-2013-2883", "CVE-2013-2885"], "modified": "2013-08-12T00:00:00", "id": "SECURITYVULNS:VULN:13200", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13200", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:50", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2883-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nMarch 23, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nCVE ID : CVE-2013-6653 CVE-2013-6654 CVE-2013-6655 CVE-2013-6656 \r\n CVE-2013-6657 CVE-2013-6658 CVE-2013-6659 CVE-2013-6660\r\n CVE-2013-6661 CVE-2013-6663 CVE-2013-6664 CVE-2013-6665\r\n CVE-2013-6666 CVE-2013-6667 CVE-2013-6668 CVE-2014-1700\r\n CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704\r\n CVE-2014-1705 CVE-2014-1713 CVE-2014-1715\r\n\r\nSeveral vulnerabilities have been discovered in the chromium web browser.\r\n\r\nCVE-2013-6653\r\n\r\n Khalil Zhani discovered a use-after-free issue in chromium's web\r\n contents color chooser.\r\n\r\nCVE-2013-6654\r\n\r\n TheShow3511 discovered an issue in SVG handling.\r\n\r\nCVE-2013-6655\r\n\r\n cloudfuzzer discovered a use-after-free issue in dom event handling.\r\n\r\nCVE-2013-6656\r\n\r\n NeexEmil discovered an information leak in the XSS auditor.\r\n\r\nCVE-2013-6657\r\n\r\n NeexEmil discovered a way to bypass the Same Origin policy in the\r\n XSS auditor.\r\n\r\nCVE-2013-6658\r\n\r\n cloudfuzzer discovered multiple use-after-free issues surrounding\r\n the updateWidgetPositions function.\r\n\r\nCVE-2013-6659\r\n\r\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\r\n it was possible to trigger an unexpected certificate chain during\r\n TLS renegotiation.\r\n\r\nCVE-2013-6660\r\n\r\n bishopjeffreys discovered an information leak in the drag and drop\r\n implementation.\r\n\r\nCVE-2013-6661\r\n\r\n The Google Chrome team discovered and fixed multiple issues in\r\n version 33.0.1750.117.\r\n\r\nCVE-2013-6663\r\n\r\n Atte Kettunen discovered a use-after-free issue in SVG handling.\r\n\r\nCVE-2013-6664\r\n\r\n Khalil Zhani discovered a use-after-free issue in the speech\r\n recognition feature.\r\n\r\nCVE-2013-6665\r\n\r\n cloudfuzzer discovered a buffer overflow issue in the software\r\n renderer.\r\n\r\nCVE-2013-6666\r\n\r\n netfuzzer discovered a restriction bypass in the Pepper Flash\r\n plugin.\r\n\r\nCVE-2013-6667\r\n\r\n The Google Chrome team discovered and fixed multiple issues in\r\n version 33.0.1750.146.\r\n\r\nCVE-2013-6668\r\n\r\n Multiple vulnerabilities were fixed in version 3.24.35.10 of\r\n the V8 javascript library.\r\n\r\nCVE-2014-1700\r\n\r\n Chamal de Silva discovered a use-after-free issue in speech\r\n synthesis.\r\n\r\nCVE-2014-1701\r\n\r\n aidanhs discovered a cross-site scripting issue in event handling.\r\n\r\nCVE-2014-1702\r\n\r\n Colin Payne discovered a use-after-free issue in the web database\r\n implementation.\r\n\r\nCVE-2014-1703\r\n\r\n VUPEN discovered a use-after-free issue in web sockets that\r\n could lead to a sandbox escape.\r\n\r\nCVE-2014-1704\r\n\r\n Multiple vulnerabilities were fixed in version 3.23.17.18 of\r\n the V8 javascript library.\r\n\r\nCVE-2014-1705\r\n\r\n A memory corruption issue was discovered in the V8 javascript\r\n library.\r\n\r\nCVE-2014-1713\r\n\r\n A use-after-free issue was discovered in the AttributeSetter\r\n function. \r\n\r\nCVE-2014-1715\r\n\r\n A directory traversal issue was found and fixed.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 33.0.1750.152-1~deb7u1.\r\n\r\nFor the testing distribution (jessie), these problems will be fixed soon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 33.0.1750.152-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQQcBAEBCgAGBQJTL4L5AAoJELjWss0C1vRzmmkf/3IwJbpRQ+HKdWFLjEqap7hN\r\no5p82LhmXthyNNBTfOoylxN03hBPfwvNC6zYZ9wMp0qBJJKvPVvswg3FdpvHMiUS\r\n4N96l0rDyf8HRrd7goQnsagn2RrqDROHHEFsFdwuiC6pB3rLEKN8lPAmpo6VZHkH\r\nLQ5zO0uI/fi3q8Ad2VCeG8O6kdcHUmmvFuB49Sl3YFKpfIVLv5XVaMJBlKSbt62T\r\npbs4/iB4gYTwSeFuN20z17mAchFj31hxuT/UlCD6tn0cIkN9DpL2TDkxG3boVLne\r\nFgDkgSIqV8Zy2mCK3fz7M4INHlyeIh/xiBK+k+VECaVlznUqctCTlQFXXotf19ch\r\nV19rjXMyXMIwe8nVR0C7PoQT225aH9QYBem/S2v6D0hQjpLcDIoZbHvB9zw/7g/o\r\nY8wUhiBsgLTOqy3tsKt1aVGGbElMjBCTqAJ+/SzJZNtZEwNXGkTz2k3EwdarHsaG\r\nea2f1xhiJJaVdXXALGjQwWoKWFEN56WhX749DsFC1jD3F2CTHSI9BN38voMUm1wq\r\nRcoXfc56OR9S+7f+5rDQQ3c2zeDCFgo7Ue3E4/9ZP2IvBdc8qhsZCViZVCE1nCz4\r\ne/NzbauOyLOI1IB4IJkctiRyszvGD30TZYSx8JX6YY6T58HH7HbgLSEEGaLj/dcG\r\nFx4GQHnufVaBPrbpdrXQRqcUwJh2rJO7DM0BsxVKbgNCKQNI65FTNpWn/P7rJ/72\r\ni7VsTUzDT3pcScJ1oqM+egvpEqKnbsPO97+iuzeD5UhJK3s5H23ErGHzwV2ZcHnD\r\ncdc6VwHHCo0gJQ+EA9D/W8/S9MdJscetOb4AzafGUnCq5kGjcs5wFnNh2CWgxNHc\r\n/JJA027nMSRwUnW4kkcJAMiOfTPmNLN0QDy1wok6fJUuOtCP6/I5ptR87gDyX3FW\r\n0JBxbZ6sZigXsIcMNaGJoPxd454dCAFAlLbehm+7i7d9U9Yb3c5o2F81WT4Qx0bu\r\nXdKw5xhFz9OL5TA66GQ2Cr5aaKfrHqW1SzeiOeDJPqJ0ZbPHlIY0c+XJRRKepV22\r\nlBbZzHVMOzv0jkhQjZV4ulf9Rv7xlcSmq2JF7TdjejoS7YrbU8+qg9h9LZ38XDtI\r\nAr/w05YNpZRVtT4XP2v7eYw/vJ7c+6dLwqSqGFVe4VOjkazbM15tB6QoDVjmr1y+\r\nTi/cfFsQAH45joi3v7HXWTXu4NVPN1oQypur/MBO1EvtigbBwxmRdn95mx6zotfY\r\nvoLocT7KLWwPTklh5wtUZ6/DGWv0dXcb7tcbNeEo4e9lhrAP0694huGkJprW5Z09\r\nyItPaD9PNnHySK3FWvz91MpIVqAIlU+7HFuvs7N7Y/RTsQx9bFEjUrn1epeGNL0=\r\n=tb+u\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2014-03-25T00:00:00", "title": "[SECURITY] [DSA 2883-1] chromium-browser security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6667", "CVE-2013-6655", "CVE-2013-6658", "CVE-2013-6661", "CVE-2013-6660", "CVE-2014-1703", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6656", "CVE-2014-1705", "CVE-2013-6654", "CVE-2013-6653", "CVE-2013-6663", "CVE-2013-6659", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2013-6657", "CVE-2014-1715", "CVE-2013-6668", "CVE-2014-1702", "CVE-2013-6664", "CVE-2014-1700"], "modified": "2014-03-25T00:00:00", "id": "SECURITYVULNS:DOC:30384", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30384", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:51:20", "description": "Memory corruprions, information leakage, certificate validation issues, protection bypass, crossite scripting, directory traversal.", "edition": 2, "cvss3": {}, "published": "2014-03-27T00:00:00", "title": "Chromium / Google Chrome multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6667", "CVE-2013-6655", "CVE-2013-6658", "CVE-2013-6661", "CVE-2013-6660", "CVE-2014-1703", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6656", "CVE-2014-1705", "CVE-2013-6654", "CVE-2013-6653", "CVE-2013-6663", "CVE-2013-6659", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2013-6657", "CVE-2014-1715", "CVE-2013-6668", "CVE-2014-1702", "CVE-2013-6664", "CVE-2014-1700"], "modified": "2014-03-27T00:00:00", "id": "SECURITYVULNS:VULN:13629", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13629", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:45", "description": "This host is installed with Apple Safari and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2014-04-07T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1307", "CVE-2014-1309", "CVE-2014-1312", "CVE-2014-1308", "CVE-2014-1301", "CVE-2014-1304", "CVE-2014-1297", "CVE-2014-1298", "CVE-2014-1313", "CVE-2014-1305", "CVE-2014-1310", "CVE-2014-1302", "CVE-2014-1299", "CVE-2014-1311"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310804534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_mult_vuln02_apr14_macosx.nasl 14318 2019-03-19 11:44:05Z cfischer $\n#\n# Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804534\");\n script_version(\"$Revision: 14318 $\");\n script_cve_id(\"CVE-2014-1297\", \"CVE-2014-1298\", \"CVE-2014-1299\", \"CVE-2014-1301\",\n \"CVE-2014-1302\", \"CVE-2014-1304\", \"CVE-2014-1305\", \"CVE-2014-1307\",\n \"CVE-2014-1308\", \"CVE-2014-1309\", \"CVE-2014-1310\", \"CVE-2014-1311\",\n \"CVE-2014-1312\", \"CVE-2014-1313\");\n script_bugtraq_id(66580, 66576, 66581, 66584, 66585, 66586, 66587,\n 66572, 66573, 66574, 66575, 66577, 66578, 66579);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:44:05 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-07 13:22:25 +0530 (Mon, 07 Apr 2014)\");\n script_name(\"Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Flaws are due to muliple unspecified errors in the WebKit\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass a sandbox protection\n mechanism, execute arbitrary code with root privileges via unknown vectors and corrupt memory.\");\n script_tag(name:\"affected\", value:\"Apple Safari version 6.x before 6.1.3 and 7.x before 7.0.3 on Mac OS X\");\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.1.3 or 7.0.3 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT6181\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57688\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:safVer, test_version:\"6.0\", test_version2:\"6.1.2\") ||\n version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.0.2\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:04:02", "description": "This host is installed with Apple Safari and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2014-04-07T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Memory Corruption Vulnerabilities-01 Apr14 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1303", "CVE-2014-1300"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804533", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Memory Corruption Vulnerabilities-01 Apr14 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804533\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1300\", \"CVE-2014-1303\");\n script_bugtraq_id(66583, 66242);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-07 12:52:16 +0530 (Mon, 07 Apr 2014)\");\n script_name(\"Apple Safari Multiple Memory Corruption Vulnerabilities-01 Apr14 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Flaws are due to muliple unspecified errors in the WebKit\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to bypass a sandbox protection\n mechanism, execute arbitrary code with root privileges via unknown vectors and corrupt memory.\");\n script_tag(name:\"affected\", value:\"Apple Safari version 7.0.2 on Mac OS X\");\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 7.0.3 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT6181\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57688\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_equal(version:safVer, test_version:\"7.0.2\"))\n{\n report = report_fixed_ver(installed_version:safVer, vulnerable_range:\"Equal to 7.0.2\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:50", "description": "This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2013-10-23T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Oct2013 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2926", "CVE-2013-2925", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310804116", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804116", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Oct2013 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804116\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-2928\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\");\n script_bugtraq_id(63024, 63026, 63028, 63025);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-23 16:00:38 +0530 (Wed, 23 Oct 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Oct2013 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 30.0.1599.101 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use-after-free vulnerability in the HTMLFormElement 'prepareForSubmission'\nfunction in core/html/HTMLFormElement.cpp.\n\n - Use-after-free vulnerability in the IndentOutdentCommand\n'tryIndentingAsListItem' function in core/editing/IndentOutdentCommand.cpp.\n\n - Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp.\n\n - Another unspecified error.\");\n script_tag(name:\"affected\", value:\"Google Chrome before 30.0.1599.101\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice or possibly have other impact via vectors related to submission\nfor FORM elements, vectors related to list elements, vectors that trigger\nmultiple conflicting uses of the same XMLHttpRequest object or via unknown\nvectors.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/63025\");\n script_xref(name:\"URL\", value:\"http://en.securitylab.ru/nvd/446283.php\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/10/stable-channel-update_15.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"30.0.1599.101\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"30.0.1599.101\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-23T19:05:32", "description": "This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2013-10-23T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Oct2013 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2926", "CVE-2013-2925", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310804115", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Oct2013 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804115\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-2928\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\");\n script_bugtraq_id(63024, 63026, 63028, 63025);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-23 15:30:38 +0530 (Wed, 23 Oct 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Oct2013 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 30.0.1599.101 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use-after-free vulnerability in the HTMLFormElement 'prepareForSubmission'\nfunction in core/html/HTMLFormElement.cpp.\n\n - Use-after-free vulnerability in the IndentOutdentCommand\n'tryIndentingAsListItem' function in core/editing/IndentOutdentCommand.cpp.\n\n - Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp.\n\n - Another unspecified error.\");\n script_tag(name:\"affected\", value:\"Google Chrome before 30.0.1599.101\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice or possibly have other impact via vectors related to submission\nfor FORM elements, vectors related to list elements, vectors that trigger\nmultiple conflicting uses of the same XMLHttpRequest object or via unknown\nvectors.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/63025\");\n script_xref(name:\"URL\", value:\"http://en.securitylab.ru/nvd/446283.php\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/10/stable-channel-update_15.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"30.0.1599.101\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"30.0.1599.101\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-23T19:05:46", "description": "This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2013-10-23T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Oct2013 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2926", "CVE-2013-2925", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310804114", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804114", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Oct2013 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804114\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-2928\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\");\n script_bugtraq_id(63024, 63026, 63028, 63025);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-23 14:30:38 +0530 (Wed, 23 Oct 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Oct2013 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 30.0.1599.101 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use-after-free vulnerability in the HTMLFormElement 'prepareForSubmission'\nfunction in core/html/HTMLFormElement.cpp.\n\n - Use-after-free vulnerability in the IndentOutdentCommand\n'tryIndentingAsListItem' function in core/editing/IndentOutdentCommand.cpp.\n\n - Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp.\n\n - Another unspecified error.\");\n script_tag(name:\"affected\", value:\"Google Chrome before 30.0.1599.101\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice or possibly have other impact via vectors related to submission\nfor FORM elements, vectors related to list elements, vectors that trigger\nmultiple conflicting uses of the same XMLHttpRequest object or via unknown\nvectors.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/63025\");\n script_xref(name:\"URL\", value:\"http://en.securitylab.ru/nvd/446283.php\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/10/stable-channel-update_15.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"30.0.1599.101\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"30.0.1599.101\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-18T11:08:45", "description": "Check for the Version of chromium", "cvss3": {}, "published": "2013-12-03T00:00:00", "type": "openvas", "title": "SuSE Update for chromium openSUSE-SU-2013:1776-1 (chromium)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-2926", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2927", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:850556", "href": "http://plugins.openvas.org/nasl.php?oid=850556", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1776_1.nasl 8448 2018-01-17 16:18:06Z teissa $\n#\n# SuSE Update for chromium openSUSE-SU-2013:1776-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850556);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:47:17 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\",\n \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\",\n \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\",\n \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\",\n \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2013:1776-1 (chromium)\");\n\n tag_insight = \"\n Security and bugfix update to Chromium 31.0.1650.57\n\n - Update to Chromium 31.0.1650.57:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n\n - Stable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n - Enable ARM build for Chromium.\";\n\n tag_affected = \"chromium on openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1776_1\");\n script_tag(name: \"summary\" , value: \"Check for the Version of chromium\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:41:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-12-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1776-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-2926", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2927", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850556", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850556", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850556\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:47:17 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\",\n \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\",\n \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\",\n \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\",\n \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1776-1)\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE 12.3\");\n\n script_tag(name:\"insight\", value:\"Security and bugfix update to Chromium 31.0.1650.57\n\n - Update to Chromium 31.0.1650.57:\n\n - Security Fixes:\n\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n\n - Security fixes:\n\n * CVE-2013-6621: Use after free related to speech input\n elements..\n\n * CVE-2013-6622: Use after free related to media\n elements.\n\n * CVE-2013-6623: Out of bounds read in SVG.\n\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n\n * CVE-2013-6625: Use after free in DOM ranges.\n\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n * CVE-2013-6631: Use after free in libjingle.\n\n - Stable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Enable ARM build for Chromium.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1776-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.3\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~1.17.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-22T17:03:34", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-03-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-03 Mar2014 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Mar2014 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804343\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\");\n script_bugtraq_id(66252, 66243, 66249, 66239);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-03-19 14:00:04 +0530 (Wed, 19 Mar 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Mar2014 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An unspecified error within V8.\n\n - A use-after-free error within 'AttributeSetter' function in the bindings in\n Blink.\n\n - Improper verification of certain format value by\n 'ScopedClipboardWriter::WritePickledData' function.\n\n - Insufficient sanitization of user input by 'CreatePlatformFileUnsafe'\n function.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct denial of\nservice, compromise a user's system and possibly unspecified other impacts.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 33.0.1750.152 on Mac OS X.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 33.0.1750.152 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57439\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/03/stable-channel-update_14.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"33.0.1750.152\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"33.0.1750.152\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:03:57", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-03-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-03 Mar2014 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Mar2014 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804342\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\");\n script_bugtraq_id(66252, 66243, 66249, 66239);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-03-19 14:00:04 +0530 (Wed, 19 Mar 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Mar2014 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An unspecified error within V8.\n\n - A use-after-free error within 'AttributeSetter' function in the bindings in\n Blink.\n\n - Improper verification of certain format value by\n 'ScopedClipboardWriter::WritePickledData' function.\n\n - Insufficient sanitization of user input by 'CreatePlatformFileUnsafe'\n function.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct denial of\nservice, compromise a user's system and possibly unspecified other impacts.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 33.0.1750.154 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 33.0.1750.154 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57439\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/03/stable-channel-update_14.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"33.0.1750.154\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"33.0.1750.154\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:04:01", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-03-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-03 Mar2014 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-03 Mar2014 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804344\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\");\n script_bugtraq_id(66252, 66243, 66249, 66239);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-03-19 14:00:04 +0530 (Wed, 19 Mar 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-03 Mar2014 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An unspecified error within V8.\n\n - A use-after-free error within 'AttributeSetter' function in the bindings in\n Blink.\n\n - Improper verification of certain format value by\n 'ScopedClipboardWriter::WritePickledData' function.\n\n - Insufficient sanitization of user input by 'CreatePlatformFileUnsafe'\n function.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct denial of\nservice, compromise a user's system and possibly unspecified other impacts.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 33.0.1750.152 on Linux.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 33.0.1750.152 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57439\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/03/stable-channel-update_14.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"33.0.1750.152\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"33.0.1750.152\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-12T11:14:54", "description": "Check for the Version of chromium", "cvss3": {}, "published": "2013-12-17T00:00:00", "type": "openvas", "title": "SuSE Update for chromium openSUSE-SU-2013:1861-1 (chromium)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2922", "CVE-2013-2915", "CVE-2013-2920", "CVE-2013-2931", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-2913", "CVE-2013-6631", "CVE-2013-2914", "CVE-2013-2912", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2924", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-6632", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-6622", "CVE-2013-2918", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850558", "href": "http://plugins.openvas.org/nasl.php?oid=850558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1861_1.nasl 8045 2017-12-08 08:39:37Z santu $\n#\n# SuSE Update for chromium openSUSE-SU-2013:1861-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850558);\n script_version(\"$Revision: 8045 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:39:37 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-17 12:01:59 +0530 (Tue, 17 Dec 2013)\");\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\",\n \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\",\n \"CVE-2013-2914\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\",\n \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\",\n \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2924\", \"CVE-2013-2925\",\n \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\",\n \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\",\n \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2013:1861-1 (chromium)\");\n\n tag_insight = \"\n Chromium was updated to 31.0.1650.57: Stable channel update:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n - Enable ARM build for Chromium.\n * Added patches chromium-arm-webrtc-fix.patch,\n chromium-fix-arm-icu.patch and\n chromium-fix-arm-sysroot.patch to resolve ARM specific\n build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n - Drop patch chromium-fix-chromedriver-build.diff. This is\n now fixed upstream\n - For openSUSE versions lower than 13.1, build against the\n in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n - Easier searching by image\n - A number of new apps/extension APIs\n - Lots of under the hood changes for stability and\n performance\n - Security fixes:\n + CVE-2013-2906: Races in Web Audio\n + CVE-2013-2907: Out of bounds read in Window.prototype\n object\n + CVE-2013-2908: Address bar spoofing related to the\n 204 No Content status code\n + CVE-2013-2909: Use after free in inline-block rendering\n + CVE-2013-2910: Use-after-free in Web Audio\n + CVE-2013-2911: Use-after-free in XSLT\n + CVE-2013-2912: Use-after-free in PPAPI\n + CVE-2013-2913: Use-after-free in XML document parsing\n + CVE-2013-2914: Use after free in the Windows color\n chooser dialog\n + CVE-2013-2915: Address bar spoofing via a malformed\n scheme\n + CVE-2013-2916: ...\n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"chromium on openSUSE 13.1\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1861_1\");\n script_summary(\"Check for the Version of chromium\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:40:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-12-17T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1861-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2922", "CVE-2013-2915", "CVE-2013-2920", "CVE-2013-2931", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-2913", "CVE-2013-6631", "CVE-2013-2914", "CVE-2013-2912", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2924", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-6632", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-6622", "CVE-2013-2918", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850558", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850558\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-12-17 12:01:59 +0530 (Tue, 17 Dec 2013)\");\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\",\n \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\",\n \"CVE-2013-2914\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\",\n \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\",\n \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2924\", \"CVE-2013-2925\",\n \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\",\n \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\",\n \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1861-1)\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE 13.1\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 31.0.1650.57: Stable channel update:\n\n - Security Fixes:\n\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n\n - Security fixes:\n\n * CVE-2013-6621: Use after free related to speech input\n elements..\n\n * CVE-2013-6622: Use after free related to media\n elements.\n\n * CVE-2013-6623: Out of bounds read in SVG.\n\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n\n * CVE-2013-6625: Use after free in DOM ranges.\n\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n * CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n - Enable ARM build for Chromium.\n\n * Added patches chromium-arm-webrtc-fix.patch,\n chromium-fix-arm-icu.patch and\n chromium-fix-arm-sysroot.patch to resolve ARM specific\n build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n\n - Drop patch chromium-fix-chromedriver-build.diff. This is\n now fixed upstream\n\n - For openSUSE versions lower than 13.1, build against the\n in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n\n - Easier searching by image\n\n - A number of new apps/extension APIs\n\n - Lots of under the hood changes for stability and\n performance\n\n - Security fixes:\n + CVE-2013-2906: Races in Web Audio\n + CVE-2013-2907: Out of bounds read in Window.prototype\n object\n + CVE-2013-2908: Address bar spoofing related to the\n 204 No Content status code\n + CVE-2013-2909: Use after free in inline-block rendering\n + CVE-2013-2910: Use-after-free in Web Audio\n + CVE-2013-2911: Use-after-free in XSLT\n + CVE-2013-2912: Use-after-free in PPAPI\n + CVE-2013-2913: Use-after-free in XML document parsing\n + CVE-2013-2914: Use after free in the Windows color\n chooser dialog\n + CVE-2013-2915: Address bar spoofing via a malformed\n scheme\n + CVE-2013-2916: ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1861-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~8.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:13", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906\nAtte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907\nBoris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908\nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909\nAtte Kuttenen of OUSPG discovered a use-after-free issue in\ninline-block.\n\nCVE-2013-2910\nByoungyoung Lee of the Georgia Tech Information Security Center\ndiscovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911\nAtte Kettunen of OUSPG discovered a use-after-free in Blink", "cvss3": {}, "published": "2013-10-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2922", "CVE-2013-2915", "CVE-2013-2920", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-2913", "CVE-2013-2912", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-2924", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-2918", "CVE-2013-2928"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892794", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2785.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2785-1 using nvtgen 1.0\n# Script version: 1.1\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892794\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2927\", \"CVE-2013-2913\", \"CVE-2013-2915\", \"CVE-2013-2912\", \"CVE-2013-2928\", \"CVE-2013-2920\", \"CVE-2013-2919\", \"CVE-2013-2917\", \"CVE-2013-2910\", \"CVE-2013-2908\", \"CVE-2013-2925\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2918\", \"CVE-2013-2924\", \"CVE-2013-2926\", \"CVE-2013-2921\", \"CVE-2013-2907\", \"CVE-2013-2916\", \"CVE-2013-2909\", \"CVE-2013-2911\");\n script_name(\"Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-26 00:00:00 +0200 (Sat, 26 Oct 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2785.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 30.0.1599.101-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 30.0.1599.101-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906\nAtte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907\nBoris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908\nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909\nAtte Kuttenen of OUSPG discovered a use-after-free issue in\ninline-block.\n\nCVE-2013-2910\nByoungyoung Lee of the Georgia Tech Information Security Center\ndiscovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911\nAtte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT\nhandling.\n\nCVE-2013-2912\nChamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a\nuse-after-free issue in the Pepper Plug-in API.\n\nCVE-2013-2913\ncloudfuzzer discovered a use-after-free issue in Blink's XML\ndocument parsing.\n\nCVE-2013-2915\nWander Groeneveld discovered an address bar spoofing issue.\n\nCVE-2013-2916\nMasato Kinugawa discovered an address bar spoofing issue.\n\nCVE-2013-2917\nByoungyoung Lee and Tielei Wang discovered an out-of-bounds read\nissue in Web Audio.\n\nCVE-2013-2918\nByoungyoung Lee discoverd an out-of-bounds read in Blink's DOM\nimplementation.\n\nCVE-2013-2919\nAdam Haile of Concrete Data discovered a memory corruption issue\nin the V8 javascript library.\n\nCVE-2013-2920\nAtte Kuttunen of OUSPG discovered an out-of-bounds read in URL\nhost resolving.\n\nCVE-2013-2921\nByoungyoung Lee and Tielei Wang discovered a use-after-free issue\nin resource loading.\n\nCVE-2013-2922\nJon Butler discovered a use-after-free issue in Blink's HTML\ntemplate element implementation.\n\nCVE-2013-2924\nA use-after-free issue was discovered in the International\nComponents for Unicode (ICU) library.\n\nCVE-2013-2925\nAtte Kettunen of OUSPG discover a use-after-free issue in Blink's\nXML HTTP request implementation.\n\nCVE-2013-2926\ncloudfuzzer discovered a use-after-free issue in the list indenting\nimplementation.\n\nCVE-2013-2927\ncloudfuzzer discovered a use-after-free issue in the HTML form\nsubmission implementation.\n\nCVE-2013-2923 and CVE-2013-2928\nThe chrome 30 development team found various issues from internal\nfuzzing, audits, and other studies.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:36", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906 \nAtte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907 \nBoris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908 \nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909 \nAtte Kuttenen of OUSPG discovered a use-after-free issue in\ninline-block.\n\nCVE-2013-2910 \nByoungyoung Lee of the Georgia Tech Information Security Center\ndiscovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911 \nAtte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT\nhandling.\n\nCVE-2013-2912 \nChamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a\nuse-after-free issue in the Pepper Plug-in API.\n\nCVE-2013-2913 \ncloudfuzzer discovered a use-after-free issue in Blink's XML\ndocument parsing.\n\nCVE-2013-2915 \nWander Groeneveld discovered an address bar spoofing issue.\n\nCVE-2013-2916 \nMasato Kinugawa discovered an address bar spoofing issue.\n\nCVE-2013-2917 \nByoungyoung Lee and Tielei Wang discovered an out-of-bounds read\nissue in Web Audio.\n\nCVE-2013-2918 \nByoungyoung Lee discoverd an out-of-bounds read in Blink's DOM\nimplementation.\n\nCVE-2013-2919 \nAdam Haile of Concrete Data discovered a memory corruption issue\nin the V8 javascript library.\n\nCVE-2013-2920 \nAtte Kuttunen of OUSPG discovered an out-of-bounds read in URL\nhost resolving.\n\nCVE-2013-2921 \nByoungyoung Lee and Tielei Wang discovered a use-after-free issue\nin resource loading.\n\nCVE-2013-2922 \nJon Butler discovered a use-after-free issue in Blink's HTML\ntemplate element implementation.\n\nCVE-2013-2924 \nA use-after-free issue was discovered in the International\nComponents for Unicode (ICU) library. \n\nCVE-2013-2925 \nAtte Kettunen of OUSPG discover a use-after-free issue in Blink's\nXML HTTP request implementation.\n\nCVE-2013-2926 \ncloudfuzzer discovered a use-after-free issue in the list indenting\nimplementation.\n\nCVE-2013-2927 \ncloudfuzzer discovered a use-after-free issue in the HTML form\nsubmission implementation. \n\nCVE-2013-2923 and CVE-2013-2928 \nThe chrome 30 development team found various issues from internal\nfuzzing, audits, and other studies.", "cvss3": {}, "published": "2013-10-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2922", "CVE-2013-2915", "CVE-2013-2920", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-2913", "CVE-2013-2912", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-2924", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-2918", "CVE-2013-2928"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892794", "href": "http://plugins.openvas.org/nasl.php?oid=892794", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2785.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2785-1 using nvtgen 1.0\n# Script version: 1.1\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 30.0.1599.101-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 30.0.1599.101-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906 \nAtte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907 \nBoris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908 \nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909 \nAtte Kuttenen of OUSPG discovered a use-after-free issue in\ninline-block.\n\nCVE-2013-2910 \nByoungyoung Lee of the Georgia Tech Information Security Center\ndiscovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911 \nAtte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT\nhandling.\n\nCVE-2013-2912 \nChamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a\nuse-after-free issue in the Pepper Plug-in API.\n\nCVE-2013-2913 \ncloudfuzzer discovered a use-after-free issue in Blink's XML\ndocument parsing.\n\nCVE-2013-2915 \nWander Groeneveld discovered an address bar spoofing issue.\n\nCVE-2013-2916 \nMasato Kinugawa discovered an address bar spoofing issue.\n\nCVE-2013-2917 \nByoungyoung Lee and Tielei Wang discovered an out-of-bounds read\nissue in Web Audio.\n\nCVE-2013-2918 \nByoungyoung Lee discoverd an out-of-bounds read in Blink's DOM\nimplementation.\n\nCVE-2013-2919 \nAdam Haile of Concrete Data discovered a memory corruption issue\nin the V8 javascript library.\n\nCVE-2013-2920 \nAtte Kuttunen of OUSPG discovered an out-of-bounds read in URL\nhost resolving.\n\nCVE-2013-2921 \nByoungyoung Lee and Tielei Wang discovered a use-after-free issue\nin resource loading.\n\nCVE-2013-2922 \nJon Butler discovered a use-after-free issue in Blink's HTML\ntemplate element implementation.\n\nCVE-2013-2924 \nA use-after-free issue was discovered in the International\nComponents for Unicode (ICU) library. \n\nCVE-2013-2925 \nAtte Kettunen of OUSPG discover a use-after-free issue in Blink's\nXML HTTP request implementation.\n\nCVE-2013-2926 \ncloudfuzzer discovered a use-after-free issue in the list indenting\nimplementation.\n\nCVE-2013-2927 \ncloudfuzzer discovered a use-after-free issue in the HTML form\nsubmission implementation. \n\nCVE-2013-2923 and CVE-2013-2928 \nThe chrome 30 development team found various issues from internal\nfuzzing, audits, and other studies.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892794);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2927\", \"CVE-2013-2913\", \"CVE-2013-2915\", \"CVE-2013-2912\", \"CVE-2013-2928\", \"CVE-2013-2920\", \"CVE-2013-2919\", \"CVE-2013-2917\", \"CVE-2013-2910\", \"CVE-2013-2908\", \"CVE-2013-2925\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2918\", \"CVE-2013-2924\", \"CVE-2013-2926\", \"CVE-2013-2921\", \"CVE-2013-2907\", \"CVE-2013-2916\", \"CVE-2013-2909\", \"CVE-2013-2911\");\n script_name(\"Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-10-26 00:00:00 +0200 (Sat, 26 Oct 2013)\");\n script_tag(name: \"cvss_base\", value:\"7.5\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2785.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"30.0.1599.101-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:10:25", "description": "Check for the Version of chromium", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "SuSE Update for chromium openSUSE-SU-2014:0501-1 (chromium)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1703", "CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2014-1715", "CVE-2014-1702", "CVE-2014-1700"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850581", "href": "http://plugins.openvas.org/nasl.php?oid=850581", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_0501_1.nasl 8044 2017-12-08 08:32:49Z santu $\n#\n# SuSE Update for chromium openSUSE-SU-2014:0501-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850581);\n script_version(\"$Revision: 8044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:32:49 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:35:21 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\",\n \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\",\n \"CVE-2014-1715\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2014:0501-1 (chromium)\");\n\n tag_insight = \"\n Chromium was updated to the 33.0.1750.152 stable channel\n uodate:\n - Security fixes:\n * CVE-2014-1713: Use-after-free in Blink bindings\n * CVE-2014-1714: Windows clipboard vulnerability\n * CVE-2014-1705: Memory corruption in V8\n * CVE-2014-1715: Directory traversal issue\n\n Previous stable channel update 33.0.1750.149:\n - Security fixes:\n * CVE-2014-1700: Use-after-free in speech\n * CVE-2014-1701: UXSS in events\n * CVE-2014-1702: Use-after-free in web database\n * CVE-2014-1703: Potential sandbox escape due to a\n use-after-free in web sockets\n * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in\n version 3.23.17.18\";\n\n tag_affected = \"chromium on openSUSE 13.1, openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2014:0501_1\");\n script_summary(\"Check for the Version of chromium\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:39:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0501-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1703", "CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2014-1715", "CVE-2014-1702", "CVE-2014-1700"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850581", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850581\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:35:21 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\",\n \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\",\n \"CVE-2014-1715\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0501-1)\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE 13.1, openSUSE 12.3\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to the 33.0.1750.152 stable channel\n uodate:\n\n - Security fixes:\n\n * CVE-2014-1713: Use-after-free in Blink bindings\n\n * CVE-2014-1714: Windows clipboard vulnerability\n\n * CVE-2014-1705: Memory corruption in V8\n\n * CVE-2014-1715: Directory traversal issue\n\n Previous stable channel update 33.0.1750.149:\n\n - Security fixes:\n\n * CVE-2014-1700: Use-after-free in speech\n\n * CVE-2014-1701: UXSS in events\n\n * CVE-2014-1702: Use-after-free in web database\n\n * CVE-2014-1703: Potential sandbox escape due to a\n use-after-free in web sockets\n\n * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in\n version 3.23.17.18\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0501-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE12\\.3|openSUSE13\\.1)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~33.0.1750.152~1.33.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~33.0.1750.152~25.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:28", "description": "This host is installed with Google Chrome and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2013-11-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities Nov2013 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310803963", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803963", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities Nov2013 (Windows)\n#\n# Authors:\n# Shashi Kiran N <nskiran@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803963\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\",\n \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-2931\");\n script_bugtraq_id(63667, 63669, 63671, 63670, 63672, 63674, 63675, 63678,\n 63676, 63679, 63673, 63677);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-11-19 16:33:37 +0530 (Tue, 19 Nov 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities Nov2013 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 31.0.1650.48 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use after free related to speech input elements\n\n - Use after free related to media elements\n\n - Out of bounds read in SVG\n\n - Use after free related to 'id' attribute strings\n\n - Use after free in DOM ranges\n\n - Address bar spoofing related to interstitial warnings\n\n - Out of bounds read in HTTP parsing\n\n - Issue with certificates not being checked during TLS renegotiation\n\n - Read of uninitialized memory in libjpeg and libjpeg-turbo\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 31.0.1650.48 on Windows\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice condition, information disclosure or possibly have other impact via\nunknown vectors.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/11/stable-channel-update.html\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2013/Nov/76\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!my_app_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:my_app_ver, test_version:\"31.0.1650.48\"))\n{\n report = report_fixed_ver(installed_version:my_app_ver, fixed_version:\"31.0.1650.48\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:41", "description": "This host is installed with Google Chrome and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2013-11-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities Nov2013 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310803965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities Nov2013 (Mac OS X)\n#\n# Authors:\n# Shashi Kiran N <nskiran@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803965\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\",\n \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-2931\");\n script_bugtraq_id(63667, 63669, 63671, 63670, 63672, 63674, 63675, 63678,\n 63676, 63679, 63673, 63677);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-11-19 16:43:17 +0530 (Tue, 19 Nov 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities Nov2013 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 31.0.1650.48 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use after free related to speech input elements\n\n - Use after free related to media elements\n\n - Out of bounds read in SVG\n\n - Use after free related to 'id' attribute strings\n\n - Use after free in DOM ranges\n\n - Address bar spoofing related to interstitial warnings\n\n - Out of bounds read in HTTP parsing\n\n - Issue with certificates not being checked during TLS renegotiation\n\n - Read of uninitialized memory in libjpeg and libjpeg-turbo\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 31.0.1650.48 on Mac OS X\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice condition, information disclosure or possibly have other impact via\nunknown vectors.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/11/stable-channel-update.html\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2013/Nov/76\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!my_app_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:my_app_ver, test_version:\"31.0.1650.48\"))\n{\n report = report_fixed_ver(installed_version:my_app_ver, fixed_version:\"31.0.1650.48\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:38", "description": "This host is installed with Google Chrome and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2013-11-19T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities Nov2013 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310803964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803964", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities Nov2013 (Linux)\n#\n# Authors:\n# Shashi Kiran N <nskiran@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803964\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\",\n \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\", \"CVE-2013-2931\");\n script_bugtraq_id(63667, 63669, 63671, 63670, 63672, 63674, 63675, 63678,\n 63676, 63679, 63673, 63677);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-11-19 16:23:37 +0530 (Tue, 19 Nov 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities Nov2013 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Google Chrome and is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 31.0.1650.48 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Use after free related to speech input elements\n\n - Use after free related to media elements\n\n - Out of bounds read in SVG\n\n - Use after free related to 'id' attribute strings\n\n - Use after free in DOM ranges\n\n - Address bar spoofing related to interstitial warnings\n\n - Out of bounds read in HTTP parsing\n\n - Issue with certificates not being checked during TLS renegotiation\n\n - Read of uninitialized memory in libjpeg and libjpeg-turbo\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 31.0.1650.48 on Linux\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a denial of\nservice condition, information disclosure or possibly have other impact via\nunknown vectors.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/11/stable-channel-update.html\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2013/Nov/76\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!my_app_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:my_app_ver, test_version:\"31.0.1650.48\"))\n{\n report = report_fixed_ver(installed_version:my_app_ver, fixed_version:\"31.0.1650.48\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:47", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931 \nThe chrome 31 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2013-6621 \nKhalil Zhani discovered a use-after-free issue in speech input\nhandling.\n\nCVE-2013-6622cloudfuzzer \ndiscovered a use-after-free issue in\nHTMLMediaElement.\n\nCVE-2013-6623miaubiz \ndiscovered an out-of-bounds read in the Blink/Webkit SVG\nimplementation.\n\nCVE-2013-6624 \nJon Butler discovered a use-after-free issue in id attribute\nstrings.\n\nCVE-2013-6625cloudfuzzer \ndiscovered a use-after-free issue in the Blink/Webkit\nDOM implementation.\n\nCVE-2013-6626 \nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627skylined \ndiscovered an out-of-bounds read in the HTTP stream\nparser.\n\nCVE-2013-6628 \nAntoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\ndiscovered that a different (unverified) certificate could be used\nafter successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629 \nMichal Zalewski discovered an uninitialized memory read in the\nlibjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630 \nMichal Zalewski discovered another uninitialized memory read in\nthe libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631 \nPatrik H\u00f6glund discovered a use-free issue in the libjingle\nlibrary.\n\nCVE-2013-6632 \nPinkie Pie discovered multiple memory corruption issues.", "cvss3": {}, "published": "2013-11-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2799-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892799", "href": "http://plugins.openvas.org/nasl.php?oid=892799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2799.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2799-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 31.0.1650.57-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.0.1650.57-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931 \nThe chrome 31 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2013-6621 \nKhalil Zhani discovered a use-after-free issue in speech input\nhandling.\n\nCVE-2013-6622cloudfuzzer \ndiscovered a use-after-free issue in\nHTMLMediaElement.\n\nCVE-2013-6623miaubiz \ndiscovered an out-of-bounds read in the Blink/Webkit SVG\nimplementation.\n\nCVE-2013-6624 \nJon Butler discovered a use-after-free issue in id attribute\nstrings.\n\nCVE-2013-6625cloudfuzzer \ndiscovered a use-after-free issue in the Blink/Webkit\nDOM implementation.\n\nCVE-2013-6626 \nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627skylined \ndiscovered an out-of-bounds read in the HTTP stream\nparser.\n\nCVE-2013-6628 \nAntoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\ndiscovered that a different (unverified) certificate could be used\nafter successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629 \nMichal Zalewski discovered an uninitialized memory read in the\nlibjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630 \nMichal Zalewski discovered another uninitialized memory read in\nthe libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631 \nPatrik H\u00f6glund discovered a use-free issue in the libjingle\nlibrary.\n\nCVE-2013-6632 \nPinkie Pie discovered multiple memory corruption issues.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892799);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-6626\", \"CVE-2013-6623\", \"CVE-2013-6631\", \"CVE-2013-6625\", \"CVE-2013-6624\", \"CVE-2013-6630\", \"CVE-2013-6632\", \"CVE-2013-6629\", \"CVE-2013-6628\", \"CVE-2013-2931\", \"CVE-2013-6627\", \"CVE-2013-6621\", \"CVE-2013-6622\");\n script_name(\"Debian Security Advisory DSA 2799-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-11-16 00:00:00 +0100 (Sat, 16 Nov 2013)\");\n script_tag(name: \"cvss_base\", value:\"10.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2799.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:40:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-12-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1777-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850555", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850555\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:46:38 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\",\n \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\",\n \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\",\n \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2013:1777-1)\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE 12.2\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 31.0.1650.57: Stable channel update:\n\n - Security Fixes:\n\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 (bnc#850430) Stable\n Channel update:\n\n - Security fixes:\n\n * CVE-2013-6621: Use after free related to speech input\n elements..\n\n * CVE-2013-6622: Use after free related to media\n elements.\n\n * CVE-2013-6623: Out of bounds read in SVG.\n\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n\n * CVE-2013-6625: Use after free in DOM ranges.\n\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n\n * CVE-2013-6631: Use after free in libjingle.\n\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1777-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.2\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-19T15:09:04", "description": "Check for the Version of chromium", "cvss3": {}, "published": "2013-12-03T00:00:00", "type": "openvas", "title": "SuSE Update for chromium openSUSE-SU-2013:1777-1 (chromium)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:850555", "href": "http://plugins.openvas.org/nasl.php?oid=850555", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1777_1.nasl 8466 2018-01-19 06:58:30Z teissa $\n#\n# SuSE Update for chromium openSUSE-SU-2013:1777-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850555);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:46:38 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\",\n \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\",\n \"CVE-2013-6628\", \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6631\",\n \"CVE-2013-6632\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2013:1777-1 (chromium)\");\n\n tag_insight = \"\n Chromium was updated to 31.0.1650.57: Stable channel update:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 (bnc#850430) Stable\n Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to id\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\";\n\n tag_affected = \"chromium on openSUSE 12.2\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1777_1\");\n script_tag(name: \"summary\" , value: \"Check for the Version of chromium\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper\", rpm:\"chromium-suid-helper~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-suid-helper-debuginfo\", rpm:\"chromium-suid-helper-debuginfo~31.0.1650.57~1.54.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:22", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931\nThe chrome 31 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2013-6621\nKhalil Zhani discovered a use-after-free issue in speech input\nhandling.\n\nCVE-2013-6622cloudfuzzer\ndiscovered a use-after-free issue in\nHTMLMediaElement.\n\nCVE-2013-6623miaubiz\ndiscovered an out-of-bounds read in the Blink/Webkit SVG\nimplementation.\n\nCVE-2013-6624\nJon Butler discovered a use-after-free issue in id attribute\nstrings.\n\nCVE-2013-6625cloudfuzzer\ndiscovered a use-after-free issue in the Blink/Webkit\nDOM implementation.\n\nCVE-2013-6626\nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627skylined\ndiscovered an out-of-bounds read in the HTTP stream\nparser.\n\nCVE-2013-6628\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\ndiscovered that a different (unverified) certificate could be used\nafter successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629\nMichal Zalewski discovered an uninitialized memory read in the\nlibjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630\nMichal Zalewski discovered another uninitialized memory read in\nthe libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631\nPatrik H\u00f6glund discovered a use-free issue in the libjingle\nlibrary.\n\nCVE-2013-6632\nPinkie Pie discovered multiple memory corruption issues.", "cvss3": {}, "published": "2013-11-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2799-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892799", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2799.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2799-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892799\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-6626\", \"CVE-2013-6623\", \"CVE-2013-6631\", \"CVE-2013-6625\", \"CVE-2013-6624\", \"CVE-2013-6630\", \"CVE-2013-6632\", \"CVE-2013-6629\", \"CVE-2013-6628\", \"CVE-2013-2931\", \"CVE-2013-6627\", \"CVE-2013-6621\", \"CVE-2013-6622\");\n script_name(\"Debian Security Advisory DSA 2799-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-16 00:00:00 +0100 (Sat, 16 Nov 2013)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2799.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 31.0.1650.57-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.0.1650.57-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931\nThe chrome 31 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2013-6621\nKhalil Zhani discovered a use-after-free issue in speech input\nhandling.\n\nCVE-2013-6622cloudfuzzer\ndiscovered a use-after-free issue in\nHTMLMediaElement.\n\nCVE-2013-6623miaubiz\ndiscovered an out-of-bounds read in the Blink/Webkit SVG\nimplementation.\n\nCVE-2013-6624\nJon Butler discovered a use-after-free issue in id attribute\nstrings.\n\nCVE-2013-6625cloudfuzzer\ndiscovered a use-after-free issue in the Blink/Webkit\nDOM implementation.\n\nCVE-2013-6626\nChamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627skylined\ndiscovered an out-of-bounds read in the HTTP stream\nparser.\n\nCVE-2013-6628\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\ndiscovered that a different (unverified) certificate could be used\nafter successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629\nMichal Zalewski discovered an uninitialized memory read in the\nlibjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630\nMichal Zalewski discovered another uninitialized memory read in\nthe libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631\nPatrik H\u00f6glund discovered a use-free issue in the libjingle\nlibrary.\n\nCVE-2013-6632\nPinkie Pie discovered multiple memory corruption issues.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"31.0.1650.57-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:51", "description": "Several vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853\nThe HTTPS implementation does not ensure that headers are terminated\nby \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867\nChrome does not properly prevent pop-under windows.\n\nCVE-2013-2868\ncommon/extensions/sync_helper.cc proceeds with sync operations for\nNPAPI extensions without checking for a certain plugin permission\nsetting.\n\nCVE-2013-2869\nDenial of service (out-of-bounds read) via a crafted JPEG2000\nimage.\n\nCVE-2013-2870\nUse-after-free vulnerability in network sockets.\n\nCVE-2013-2871\nUse-after-free vulnerability in input handling.\n\nCVE-2013-2873\nUse-after-free vulnerability in resource loading.\n\nCVE-2013-2875\nOut-of-bounds read in SVG file handling.\n\nCVE-2013-2876\nChromium does not properly enforce restrictions on the capture of\nscreenshots by extensions, which could lead to information\ndisclosure from previous page visits.\n\nCVE-2013-2877\nOut-of-bounds read in XML file handling.\n\nCVE-2013-2878\nOut-of-bounds read in text handling.\n\nCVE-2013-2879\nThe circumstances in which a renderer process can be considered a\ntrusted process for sign-in and subsequent sync operations were\nnot properly checked.\n\nCVE-2013-2880\nThe Chromium 28 development team found various issues from internal\nfuzzing, audits, and other studies.", "cvss3": {}, "published": "2013-07-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2724-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2019-05-24T00:00:00", "id": "OPENVAS:1361412562310892724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892724", "sourceData": "# OpenVAS Vulnerability Test\n# Auto-generated from advisory DSA 2724-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892724\");\n script_version(\"2019-05-24T11:20:30+0000\");\n script_cve_id(\"CVE-2013-2877\", \"CVE-2013-2871\", \"CVE-2013-2853\", \"CVE-2013-2876\", \"CVE-2013-2867\", \"CVE-2013-2875\", \"CVE-2013-2870\", \"CVE-2013-2868\", \"CVE-2013-2879\", \"CVE-2013-2878\", \"CVE-2013-2880\", \"CVE-2013-2869\", \"CVE-2013-2873\");\n script_name(\"Debian Security Advisory DSA 2724-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"2019-05-24 11:20:30 +0000 (Fri, 24 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-07-17 00:00:00 +0200 (Wed, 17 Jul 2013)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2724.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 28.0.1500.71-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 28.0.1500.71-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853\nThe HTTPS implementation does not ensure that headers are terminated\nby \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867\nChrome does not properly prevent pop-under windows.\n\nCVE-2013-2868\ncommon/extensions/sync_helper.cc proceeds with sync operations for\nNPAPI extensions without checking for a certain plugin permission\nsetting.\n\nCVE-2013-2869\nDenial of service (out-of-bounds read) via a crafted JPEG2000\nimage.\n\nCVE-2013-2870\nUse-after-free vulnerability in network sockets.\n\nCVE-2013-2871\nUse-after-free vulnerability in input handling.\n\nCVE-2013-2873\nUse-after-free vulnerability in resource loading.\n\nCVE-2013-2875\nOut-of-bounds read in SVG file handling.\n\nCVE-2013-2876\nChromium does not properly enforce restrictions on the capture of\nscreenshots by extensions, which could lead to information\ndisclosure from previous page visits.\n\nCVE-2013-2877\nOut-of-bounds read in XML file handling.\n\nCVE-2013-2878\nOut-of-bounds read in text handling.\n\nCVE-2013-2879\nThe circumstances in which a renderer process can be considered a\ntrusted process for sign-in and subsequent sync operations were\nnot properly checked.\n\nCVE-2013-2880\nThe Chromium 28 development team found various issues from internal\nfuzzing, audits, and other studies.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:30", "description": "Several vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853 \nThe HTTPS implementation does not ensure that headers are terminated\nby \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867 \nChrome does not properly prevent pop-under windows.\n\nCVE-2013-2868 \ncommon/extensions/sync_helper.cc proceeds with sync operations for\nNPAPI extensions without checking for a certain plugin permission\nsetting.\n\nCVE-2013-2869 \nDenial of service (out-of-bounds read) via a crafted JPEG2000\nimage.\n\nCVE-2013-2870 \nUse-after-free vulnerability in network sockets.\n\nCVE-2013-2871 \nUse-after-free vulnerability in input handling.\n\nCVE-2013-2873 \nUse-after-free vulnerability in resource loading.\n\nCVE-2013-2875 \nOut-of-bounds read in SVG file handling.\n\nCVE-2013-2876 \nChromium does not properly enforce restrictions on the capture of\nscreenshots by extensions, which could lead to information\ndisclosure from previous page visits.\n\nCVE-2013-2877 \nOut-of-bounds read in XML file handling.\n\nCVE-2013-2878 \nOut-of-bounds read in text handling.\n\nCVE-2013-2879 \nThe circumstances in which a renderer process can be considered a\ntrusted process for sign-in and subsequent sync operations were\nnot propertly checked.\n\nCVE-2013-2880 \nThe Chromium 28 development team found various issues from internal\nfuzzing, audits, and other studies.", "cvss3": {}, "published": "2013-07-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2724-1 (chromium-browser - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892724", "href": "http://plugins.openvas.org/nasl.php?oid=892724", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2724.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2724-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 28.0.1500.71-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 28.0.1500.71-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853 \nThe HTTPS implementation does not ensure that headers are terminated\nby \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867 \nChrome does not properly prevent pop-under windows.\n\nCVE-2013-2868 \ncommon/extensions/sync_helper.cc proceeds with sync operations for\nNPAPI extensions without checking for a certain plugin permission\nsetting.\n\nCVE-2013-2869 \nDenial of service (out-of-bounds read) via a crafted JPEG2000\nimage.\n\nCVE-2013-2870 \nUse-after-free vulnerability in network sockets.\n\nCVE-2013-2871 \nUse-after-free vulnerability in input handling.\n\nCVE-2013-2873 \nUse-after-free vulnerability in resource loading.\n\nCVE-2013-2875 \nOut-of-bounds read in SVG file handling.\n\nCVE-2013-2876 \nChromium does not properly enforce restrictions on the capture of\nscreenshots by extensions, which could lead to information\ndisclosure from previous page visits.\n\nCVE-2013-2877 \nOut-of-bounds read in XML file handling.\n\nCVE-2013-2878 \nOut-of-bounds read in text handling.\n\nCVE-2013-2879 \nThe circumstances in which a renderer process can be considered a\ntrusted process for sign-in and subsequent sync operations were\nnot propertly checked.\n\nCVE-2013-2880 \nThe Chromium 28 development team found various issues from internal\nfuzzing, audits, and other studies.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892724);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2877\", \"CVE-2013-2871\", \"CVE-2013-2853\", \"CVE-2013-2876\", \"CVE-2013-2867\", \"CVE-2013-2875\", \"CVE-2013-2870\", \"CVE-2013-2868\", \"CVE-2013-2879\", \"CVE-2013-2878\", \"CVE-2013-2880\", \"CVE-2013-2869\", \"CVE-2013-2873\");\n script_name(\"Debian Security Advisory DSA 2724-1 (chromium-browser - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-07-17 00:00:00 +0200 (Wed, 17 Jul 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.3\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2724.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"28.0.1500.71-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-23T19:05:34", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 July13 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2874", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310803902", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-01 July13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803902\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-2867\", \"CVE-2013-2879\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\",\n \"CVE-2013-2853\", \"CVE-2013-2871\", \"CVE-2013-2873\", \"CVE-2013-2875\", \"CVE-2013-2876\",\n \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2880\",\n \"CVE-2013-2874\"); # nb: Windows only\n script_bugtraq_id(61046, 61052, 61055, 61047, 61059, 61061, 61057, 61051, 61056,\n 61060, 61053, 61054, 61058, 61050, 61049);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-07-16 18:40:12 +0530 (Tue, 16 Jul 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 July13 (Windows)\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n bypass security restrictions, disclose potentially sensitive data, or cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 28.0.1500.71 on Windows.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to,\n\n - Error exists when setting up sign-in and sync operations.\n\n - An out-of-bounds read error exists within text handling.\n\n - 'parser.c in libxml2' has out-of-bounds read error, related to the lack of\n checks for the XML_PARSER_EOF state.\n\n - 'browser/extensions/api/tabs/tabs_api.cc' does not enforce restrictions on\n the capture of screenshots by extensions.\n\n - An out-of-bounds read error exists in SVG handling.\n\n - Unspecified error related to GL textures, only when an Nvidia GPU is used.\n\n - Unspecified use-after-free vulnerabilities.\n\n - An out-of-bounds read error exists within JPEG2000 handling.\n\n - Unspecified error exists within sync of NPAPI extension component.\n\n - Does not properly prevent pop.\n\n - HTTPS implementation does not ensure how headers are terminated.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 28.0.1500.71 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54017\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/07/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"28.0.1500.71\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"28.0.1500.71\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:10", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2872", "CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:803903", "href": "http://plugins.openvas.org/nasl.php?oid=803903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_jul13_macosx.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"\n Impact Level: System/Application\";\n\nif(description)\n{\n script_id(803903);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-2880\", \"CVE-2013-2879\", \"CVE-2013-2878\", \"CVE-2013-2877\",\n \"CVE-2013-2876\", \"CVE-2013-2875\", \"CVE-2013-2873\", \"CVE-2013-2872\",\n \"CVE-2013-2871\", \"CVE-2013-2870\", \"CVE-2013-2869\", \"CVE-2013-2868\",\n \"CVE-2013-2868\", \"CVE-2013-2867\", \"CVE-2013-2853\");\n script_bugtraq_id(61046, 61052, 61055, 61047, 61059, 61061, 61057, 61051, 61056,\n 61060, 61053, 61054, 61058, 61050, 61049);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-16 19:10:22 +0530 (Tue, 16 Jul 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)\");\n\n tag_summary =\n\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\";\n\n tag_insight =\n\"Multiple flaws due to,\n - Error exists when setting up sign-in and sync operations.\n - An out-of-bounds read error exists within text handling.\n - 'parser.c in libxml2' has out-of-bounds read error, related to the lack of\n checks for the XML_PARSER_EOF state.\n - 'browser/extensions/api/tabs/tabs_api.cc' does not enforce restrictions on\n the capture of screenshots by extensions.\n - An out-of-bounds read error exists in SVG handling.\n - Unspecified error related to GL textures, only when an Nvidia GPU is used.\n - Unspecified use-after-free vulnerabilities.\n - An out-of-bounds read error exists within JPEG2000 handling.\n - Unspecified error exists within sync of NPAPI extension component.\n - Does not properly prevent pop.\n - HTTPS implementation does not ensure how headers are terminated.\";\n\n tag_vuldetect =\n\"Get the installed version with the help of detect NVT and check the version\nis vulnerable or not.\";\n\n tag_impact =\n\"Successful exploitation will allow attackers to execute arbitrary code,\nbypass security restrictions, disclose potentially sensitive data, or cause\ndenial of service condition.\";\n\n tag_affected =\n\"Google Chrome version prior to 28.0.1500.71 on MAC OS X.\";\n\n tag_solution =\n\"Upgrade to the Google Chrome 28.0.1500.71 or later,\nFor updates refer to http://www.google.com/chrome \";\n\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54017\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/07/stable-channel-update.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 28.0.1500.71\nif(version_is_less(version:chromeVer, test_version:\"28.0.1500.71\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-23T19:05:40", "description": "The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2872", "CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310803903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803903\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-2867\", \"CVE-2013-2879\", \"CVE-2013-2868\", \"CVE-2013-2869\", \"CVE-2013-2870\",\n \"CVE-2013-2853\", \"CVE-2013-2871\", \"CVE-2013-2873\", \"CVE-2013-2875\", \"CVE-2013-2876\",\n \"CVE-2013-2877\", \"CVE-2013-2878\", \"CVE-2013-2880\",\n \"CVE-2013-2872\"); # nb: Mac only\n script_bugtraq_id(61046, 61052, 61055, 61047, 61059, 61061, 61057, 61051, 61056,\n 61060, 61053, 61054, 61058, 61050, 61049);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-07-16 19:10:22 +0530 (Tue, 16 Jul 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 July13 (MAC OS X)\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n bypass security restrictions, disclose potentially sensitive data, or cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 28.0.1500.71 on MAC OS X.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to,\n\n - Error exists when setting up sign-in and sync operations.\n\n - An out-of-bounds read error exists within text handling.\n\n - 'parser.c in libxml2' has out-of-bounds read error, related to the lack of\n checks for the XML_PARSER_EOF state.\n\n - 'browser/extensions/api/tabs/tabs_api.cc' does not enforce restrictions on\n the capture of screenshots by extensions.\n\n - An out-of-bounds read error exists in SVG handling.\n\n - Unspecified error related to GL textures, only when an Nvidia GPU is used.\n\n - Unspecified use-after-free vulnerabilities.\n\n - An out-of-bounds read error exists within JPEG2000 handling.\n\n - Unspecified error exists within sync of NPAPI extension component.\n\n - Does not properly prevent pop.\n\n - HTTPS implementation does not ensure how headers are terminated.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 28.0.1500.71 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54017\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2013/07/stable-channel-update.html\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"28.0.1500.71\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"28.0.1500.71\");\n security_message(port: 0, data: report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:04", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 July13 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2872", "CVE-2013-2880", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2874", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2017-05-12T00:00:00", "id": "OPENVAS:803902", "href": "http://plugins.openvas.org/nasl.php?oid=803902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_jul13_win.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Google Chrome Multiple Vulnerabilities-01 July13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"\n Impact Level: System/Application\";\n\nif(description)\n{\n script_id(803902);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-2880\", \"CVE-2013-2879\", \"CVE-2013-2878\", \"CVE-2013-2877\",\n \"CVE-2013-2876\", \"CVE-2013-2875\", \"CVE-2013-2874\", \"CVE-2013-2873\",\n \"CVE-2013-2872\", \"CVE-2013-2871\", \"CVE-2013-2870\", \"CVE-2013-2869\",\n \"CVE-2013-2868\", \"CVE-2013-2867\", \"CVE-2013-2853\");\n script_bugtraq_id(61046, 61052, 61055, 61047, 61059, 61061, 61057, 61051, 61056,\n 61060, 61053, 61054, 61058, 61050, 61049);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-16 18:40:12 +0530 (Tue, 16 Jul 2013)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 July13 (Windows)\");\n\n tag_summary =\n\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\";\n\n tag_insight =\n\"Multiple flaws due to,\n - Error exists when setting up sign-in and sync operations.\n - An out-of-bounds read error exists within text handling.\n - 'parser.c in libxml2' has out-of-bounds read error, related to the lack of\n checks for the XML_PARSER_EOF state.\n - 'browser/extensions/api/tabs/tabs_api.cc' does not enforce restrictions on\n the capture of screenshots by extensions.\n - An out-of-bounds read error exists in SVG handling.\n - Unspecified error related to GL textures, only when an Nvidia GPU is used.\n - Unspecified use-after-free vulnerabilities.\n - An out-of-bounds read error exists within JPEG2000 handling.\n - Unspecified error exists within sync of NPAPI extension component.\n - Does not properly prevent pop.\n - HTTPS implementation does not ensure how headers are terminated.\";\n\n tag_vuldetect =\n\"Get the installed version with the help of detect NVT and check the version\nis vulnerable or not.\";\n\n tag_impact =\n\"Successful exploitation will allow attackers to execute arbitrary code,\nbypass security restrictions, disclose potentially sensitive data, or cause\ndenial of service condition.\";\n\n tag_affected =\n\"Google Chrome version prior to 28.0.1500.71 on Windows.\";\n\n tag_solution =\n\"Upgrade to the Google Chrome 28.0.1500.71 or later,\nFor updates refer to http://www.google.com/chrome \";\n\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54017\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.in/2013/07/stable-channel-update.html\");\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nchromeVer = \"\";\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 28.0.1500.71\nif(version_is_less(version:chromeVer, test_version:\"28.0.1500.71\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:58", "description": "Gentoo Linux Local Security Checks GLSA 201403-01", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201403-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6635", "CVE-2013-6649", "CVE-2013-2922", "CVE-2013-2915", "CVE-2013-6802", "CVE-2013-6667", "CVE-2013-6655", "CVE-2013-2920", "CVE-2013-6658", "CVE-2013-6661", "CVE-2013-2931", "CVE-2013-6660", "CVE-2013-6644", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-6665", "CVE-2013-2913", "CVE-2013-6666", "CVE-2013-2912", "CVE-2013-6626", "CVE-2013-6636", "CVE-2013-6656", "CVE-2013-6654", "CVE-2013-6653", "CVE-2013-6663", "CVE-2013-6627", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6641", "CVE-2013-6659", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6634", "CVE-2013-6646", "CVE-2013-6638", "CVE-2013-6643", "CVE-2013-6639", "CVE-2013-6628", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-6632", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-6637", "CVE-2013-6622", "CVE-2013-6652", "CVE-2013-6657", "CVE-2014-1681", "CVE-2013-2918", "CVE-2013-6645", "CVE-2013-6623", "CVE-2013-6668", "CVE-2013-6664", "CVE-2013-2928", "CVE-2013-6650", "CVE-2013-6640"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121161", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201403-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121161\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201403-01\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201403-01\");\n script_cve_id(\"CVE-2013-2906\", \"CVE-2013-2907\", \"CVE-2013-2908\", \"CVE-2013-2909\", \"CVE-2013-2910\", \"CVE-2013-2911\", \"CVE-2013-2912\", \"CVE-2013-2913\", \"CVE-2013-2915\", \"CVE-2013-2916\", \"CVE-2013-2917\", \"CVE-2013-2918\", \"CVE-2013-2919\", \"CVE-2013-2920\", \"CVE-2013-2921\", \"CVE-2013-2922\", \"CVE-2013-2923\", \"CVE-2013-2925\", \"CVE-2013-2926\", \"CVE-2013-2927\", \"CVE-2013-2928\", \"CVE-2013-2931\", \"CVE-2013-6621\", \"CVE-2013-6622\", \"CVE-2013-6623\", \"CVE-2013-6624\", \"CVE-2013-6625\", \"CVE-2013-6626\", \"CVE-2013-6627\", \"CVE-2013-6628\", \"CVE-2013-6632\", \"CVE-2013-6634\", \"CVE-2013-6635\", \"CVE-2013-6636\", \"CVE-2013-6637\", \"CVE-2013-6638\", \"CVE-2013-6639\", \"CVE-2013-6640\", \"CVE-2013-6641\", \"CVE-2013-6643\", \"CVE-2013-6644\", \"CVE-2013-6645\", \"CVE-2013-6646\", \"CVE-2013-6649\", \"CVE-2013-6650\", \"CVE-2013-6652\", \"CVE-2013-6653\", \"CVE-2013-6654\", \"CVE-2013-6655\", \"CVE-2013-6656\", \"CVE-2013-6657\", \"CVE-2013-6658\", \"CVE-2013-6659\", \"CVE-2013-6660\", \"CVE-2013-6661\", \"CVE-2013-6663\", \"CVE-2013-6664\", \"CVE-2013-6665\", \"CVE-2013-6666\", \"CVE-2013-6667\", \"CVE-2013-6668\", \"CVE-2013-6802\", \"CVE-2014-1681\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201403-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 33.0.1750.146\"), vulnerable: make_list(\"lt 33.0.1750.146\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/v8\", unaffected: make_list(), vulnerable: make_list(\"lt 3.20.17.13\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:12:48", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653 \nKhalil Zhani discovered a use-after-free issue in chromium's web\ncontents color chooser.\n\nCVE-2013-6654 \nTheShow3511 discovered an issue in SVG handling.\n\nCVE-2013-6655 \ncloudfuzzer discovered a use-after-free issue in dom event handling.\n\nCVE-2013-6656 \nNeexEmil discovered an information leak in the XSS auditor.\n\nCVE-2013-6657 \nNeexEmil discovered a way to bypass the Same Origin policy in the\nXSS auditor.\n\nCVE-2013-6658 \ncloudfuzzer discovered multiple use-after-free issues surrounding\nthe updateWidgetPositions function.\n\nCVE-2013-6659 \nAntoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\nit was possible to trigger an unexpected certificate chain during\nTLS renegotiation.\n\nCVE-2013-6660 \nbishopjeffreys discovered an information leak in the drag and drop\nimplementation.\n\nCVE-2013-6661 \nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.117.\n\nCVE-2013-6663 \nAtte Kettunen discovered a use-after-free issue in SVG handling.\n\nCVE-2013-6664 \nKhalil Zhani discovered a use-after-free issue in the speech\nrecognition feature.\n\nCVE-2013-6665 \ncloudfuzzer discovered a buffer overflow issue in the software\nrenderer.\n\nCVE-2013-6666 \nnetfuzzer discovered a restriction bypass in the Pepper Flash\nplugin.\n\nCVE-2013-6667 \nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.146.\n\nCVE-2013-6668 \nMultiple vulnerabilities were fixed in version 3.24.35.10 of\nthe V8 javascript library.\n\nCVE-2014-1700 \nChamal de Silva discovered a use-after-free issue in speech\nsynthesis.\n\nCVE-2014-1701 \naidanhs discovered a cross-site scripting issue in event handling.\n\nCVE-2014-1702 \nColin Payne discovered a use-after-free issue in the web database\nimplementation.\n\nCVE-2014-1703 \nVUPEN discovered a use-after-free issue in web sockets that\ncould lead to a sandbox escape.\n\nCVE-2014-1704 \nMultiple vulnerabilities were fixed in version 3.23.17.18 of\nthe V8 javascript library.\n\nCVE-2014-1705 \nA memory corruption issue was discovered in the V8 javascript\nlibrary.\n\nCVE-2014-1713 \nA use-after-free issue was discovered in the AttributeSetter\nfunction.\n\nCVE-2014-1715 \nA directory traversal issue was found and fixed.", "cvss3": {}, "published": "2014-03-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2883-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6667", "CVE-2013-6655", "CVE-2013-6658", "CVE-2013-6661", "CVE-2013-6660", "CVE-2014-1703", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6656", "CVE-2014-1705", "CVE-2013-6654", "CVE-2013-6653", "CVE-2013-6663", "CVE-2013-6659", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2013-6657", "CVE-2014-1715", "CVE-2013-6668", "CVE-2014-1702", "CVE-2013-6664", "CVE-2014-1700"], "modified": "2017-08-23T00:00:00", "id": "OPENVAS:702883", "href": "http://plugins.openvas.org/nasl.php?oid=702883", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2883.nasl 6995 2017-08-23 11:52:03Z teissa $\n# Auto-generated from advisory DSA 2883-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 33.0.1750.152-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 33.0.1750.152-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653 \nKhalil Zhani discovered a use-after-free issue in chromium's web\ncontents color chooser.\n\nCVE-2013-6654 \nTheShow3511 discovered an issue in SVG handling.\n\nCVE-2013-6655 \ncloudfuzzer discovered a use-after-free issue in dom event handling.\n\nCVE-2013-6656 \nNeexEmil discovered an information leak in the XSS auditor.\n\nCVE-2013-6657 \nNeexEmil discovered a way to bypass the Same Origin policy in the\nXSS auditor.\n\nCVE-2013-6658 \ncloudfuzzer discovered multiple use-after-free issues surrounding\nthe updateWidgetPositions function.\n\nCVE-2013-6659 \nAntoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\nit was possible to trigger an unexpected certificate chain during\nTLS renegotiation.\n\nCVE-2013-6660 \nbishopjeffreys discovered an information leak in the drag and drop\nimplementation.\n\nCVE-2013-6661 \nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.117.\n\nCVE-2013-6663 \nAtte Kettunen discovered a use-after-free issue in SVG handling.\n\nCVE-2013-6664 \nKhalil Zhani discovered a use-after-free issue in the speech\nrecognition feature.\n\nCVE-2013-6665 \ncloudfuzzer discovered a buffer overflow issue in the software\nrenderer.\n\nCVE-2013-6666 \nnetfuzzer discovered a restriction bypass in the Pepper Flash\nplugin.\n\nCVE-2013-6667 \nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.146.\n\nCVE-2013-6668 \nMultiple vulnerabilities were fixed in version 3.24.35.10 of\nthe V8 javascript library.\n\nCVE-2014-1700 \nChamal de Silva discovered a use-after-free issue in speech\nsynthesis.\n\nCVE-2014-1701 \naidanhs discovered a cross-site scripting issue in event handling.\n\nCVE-2014-1702 \nColin Payne discovered a use-after-free issue in the web database\nimplementation.\n\nCVE-2014-1703 \nVUPEN discovered a use-after-free issue in web sockets that\ncould lead to a sandbox escape.\n\nCVE-2014-1704 \nMultiple vulnerabilities were fixed in version 3.23.17.18 of\nthe V8 javascript library.\n\nCVE-2014-1705 \nA memory corruption issue was discovered in the V8 javascript\nlibrary.\n\nCVE-2014-1713 \nA use-after-free issue was discovered in the AttributeSetter\nfunction.\n\nCVE-2014-1715 \nA directory traversal issue was found and fixed.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702883);\n script_version(\"$Revision: 6995 $\");\n script_cve_id(\"CVE-2013-6653\", \"CVE-2013-6654\", \"CVE-2013-6655\", \"CVE-2013-6656\", \"CVE-2013-6657\", \"CVE-2013-6658\", \"CVE-2013-6659\", \"CVE-2013-6660\", \"CVE-2013-6661\", \"CVE-2013-6663\", \"CVE-2013-6664\", \"CVE-2013-6665\", \"CVE-2013-6666\", \"CVE-2013-6667\", \"CVE-2013-6668\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1715\");\n script_name(\"Debian Security Advisory DSA 2883-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-08-23 13:52:03 +0200 (Wed, 23 Aug 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-03-23 00:00:00 +0100 (Sun, 23 Mar 2014)\");\n script_tag(name: \"cvss_base\", value:\"10.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2883.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:10", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653\nKhalil Zhani discovered a use-after-free issue in chromium", "cvss3": {}, "published": "2014-03-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2883-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6667", "CVE-2013-6655", "CVE-2013-6658", "CVE-2013-6661", "CVE-2013-6660", "CVE-2014-1703", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6656", "CVE-2014-1705", "CVE-2013-6654", "CVE-2013-6653", "CVE-2013-6663", "CVE-2013-6659", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2013-6657", "CVE-2014-1715", "CVE-2013-6668", "CVE-2014-1702", "CVE-2013-6664", "CVE-2014-1700"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702883", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702883", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2883.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2883-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702883\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-6653\", \"CVE-2013-6654\", \"CVE-2013-6655\", \"CVE-2013-6656\", \"CVE-2013-6657\", \"CVE-2013-6658\", \"CVE-2013-6659\", \"CVE-2013-6660\", \"CVE-2013-6661\", \"CVE-2013-6663\", \"CVE-2013-6664\", \"CVE-2013-6665\", \"CVE-2013-6666\", \"CVE-2013-6667\", \"CVE-2013-6668\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1715\");\n script_name(\"Debian Security Advisory DSA 2883-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-23 00:00:00 +0100 (Sun, 23 Mar 2014)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2883.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 33.0.1750.152-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 33.0.1750.152-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653\nKhalil Zhani discovered a use-after-free issue in chromium's web\ncontents color chooser.\n\nCVE-2013-6654\nTheShow3511 discovered an issue in SVG handling.\n\nCVE-2013-6655\ncloudfuzzer discovered a use-after-free issue in dom event handling.\n\nCVE-2013-6656\nNeexEmil discovered an information leak in the XSS auditor.\n\nCVE-2013-6657\nNeexEmil discovered a way to bypass the Same Origin policy in the\nXSS auditor.\n\nCVE-2013-6658\ncloudfuzzer discovered multiple use-after-free issues surrounding\nthe updateWidgetPositions function.\n\nCVE-2013-6659\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\nit was possible to trigger an unexpected certificate chain during\nTLS renegotiation.\n\nCVE-2013-6660\nbishopjeffreys discovered an information leak in the drag and drop\nimplementation.\n\nCVE-2013-6661\nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.117.\n\nCVE-2013-6663\nAtte Kettunen discovered a use-after-free issue in SVG handling.\n\nCVE-2013-6664\nKhalil Zhani discovered a use-after-free issue in the speech\nrecognition feature.\n\nCVE-2013-6665\ncloudfuzzer discovered a buffer overflow issue in the software\nrenderer.\n\nCVE-2013-6666\nnetfuzzer discovered a restriction bypass in the Pepper Flash\nplugin.\n\nCVE-2013-6667\nThe Google Chrome team discovered and fixed multiple issues in\nversion 33.0.1750.146.\n\nCVE-2013-6668\nMultiple vulnerabilities were fixed in version 3.24.35.10 of\nthe V8 javascript library.\n\nCVE-2014-1700\nChamal de Silva discovered a use-after-free issue in speech\nsynthesis.\n\nCVE-2014-1701\naidanhs discovered a cross-site scripting issue in event handling.\n\nCVE-2014-1702\nColin Payne discovered a use-after-free issue in the web database\nimplementation.\n\nCVE-2014-1703\nVUPEN discovered a use-after-free issue in web sockets that\ncould lead to a sandbox escape.\n\nCVE-2014-1704\nMultiple vulnerabilities were fixed in version 3.23.17.18 of\nthe V8 javascript library.\n\nCVE-2014-1705\nA memory corruption issue was discovered in the V8 javascript\nlibrary.\n\nCVE-2014-1713\nA use-after-free issue was discovered in the AttributeSetter\nfunction.\n\nCVE-2014-1715\nA directory traversal issue was found and fixed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"33.0.1750.152-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201408-16", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201408-16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3171", "CVE-2014-3155", "CVE-2014-1747", "CVE-2014-3168", "CVE-2014-3176", "CVE-2014-1724", "CVE-2014-3166", "CVE-2014-1735", "CVE-2014-1729", "CVE-2014-3165", "CVE-2014-1720", "CVE-2014-3154", "CVE-2014-1742", "CVE-2014-1728", "CVE-2014-1703", "CVE-2014-1719", "CVE-2014-3157", "CVE-2014-1726", "CVE-2014-1705", "CVE-2014-1734", "CVE-2014-1733", "CVE-2014-1732", "CVE-2014-1718", "CVE-2014-1744", "CVE-2014-0538", "CVE-2014-1716", "CVE-2014-1722", "CVE-2014-1743", "CVE-2014-1731", "CVE-2014-1740", "CVE-2014-3174", "CVE-2014-3175", "CVE-2014-3173", "CVE-2014-3167", "CVE-2014-1746", "CVE-2014-1714", "CVE-2014-1749", "CVE-2014-1713", "CVE-2014-3169", "CVE-2014-1745", "CVE-2014-3172", "CVE-2014-1701", "CVE-2014-1704", "CVE-2014-3162", "CVE-2014-3170", "CVE-2014-1730", "CVE-2014-1721", "CVE-2014-3160", "CVE-2014-1725", "CVE-2014-1715", "CVE-2014-1727", "CVE-2014-1702", "CVE-2014-1723", "CVE-2014-1748", "CVE-2014-1717", "CVE-2014-3177", "CVE-2014-1741", "CVE-2014-1700", "CVE-2014-3156"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201408-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121260\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:47 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201408-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201408-16\");\n script_cve_id(\"CVE-2014-1741\", \"CVE-2014-0538\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\", \"CVE-2014-1716\", \"CVE-2014-1717\", \"CVE-2014-1718\", \"CVE-2014-1719\", \"CVE-2014-1720\", \"CVE-2014-1721\", \"CVE-2014-1722\", \"CVE-2014-1723\", \"CVE-2014-1724\", \"CVE-2014-1725\", \"CVE-2014-1726\", \"CVE-2014-1727\", \"CVE-2014-1728\", \"CVE-2014-1729\", \"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1732\", \"CVE-2014-1733\", \"CVE-2014-1734\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3165\", \"CVE-2014-3166\", \"CVE-2014-3167\", \"CVE-2014-3168\", \"CVE-2014-3169\", \"CVE-2014-3170\", \"CVE-2014-3171\", \"CVE-2014-3172\", \"CVE-2014-3173\", \"CVE-2014-3174\", \"CVE-2014-3175\", \"CVE-2014-3176\", \"CVE-2014-3177\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201408-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 37.0.2062.94\"), vulnerable: make_list(\"lt 37.0.2062.94\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:19:33", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1294", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1294", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1294", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:30", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1292", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1292", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1292", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:28", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1289", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1289", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1289", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:32", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1293", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1293", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1293", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:28", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1290", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1290", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1290", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:30", "description": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.", "cvss3": {}, "published": "2014-03-14T10:55:00", "type": "cve", "title": "CVE-2014-1291", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1289", "CVE-2014-1290", "CVE-2014-1291", "CVE-2014-1292", "CVE-2014-1293", "CVE-2014-1294"], "modified": "2019-03-08T16:06:00", "cpe": ["cpe:/o:apple:iphone_os:7.0.1", "cpe:/o:apple:iphone_os:7.0", "cpe:/o:apple:iphone_os:7.0.4", "cpe:/o:apple:iphone_os:7.0.6", "cpe:/o:apple:tvos:6.0", "cpe:/o:apple:iphone_os:7.0.5", "cpe:/o:apple:tvos:6.0.1", "cpe:/o:apple:tvos:6.0.2", "cpe:/o:apple:iphone_os:7.0.3", "cpe:/o:apple:iphone_os:7.0.2"], "id": "CVE-2014-1291", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1291", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:40:43", "description": "Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event.", "cvss3": {}, "published": "2013-11-13T15:55:00", "type": "cve", "title": "CVE-2013-6625", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6625"], "modified": "2017-09-19T01:36:00", "cpe": ["cpe:/a:google:chrome:31.0.1650.25", "cpe:/a:google:chrome:31.0.1650.7", "cpe:/a:google:chrome:31.0.1650.43", "cpe:/a:google:chrome:31.0.1650.17", "cpe:/a:google:chrome:31.0.1650.37", "cpe:/a:google:chrome:31.0.1650.12", "cpe:/a:google:chrome:31.0.1650.23", "cpe:/a:google:chrome:31.0.1650.15", "cpe:/a:google:chrome:31.0.1650.4", "cpe:/a:google:chrome:31.0.1650.46", "cpe:/a:google:chrome:31.0.1650.30", "cpe:/a:google:chrome:31.0.1650.35", "cpe:/a:google:chrome:31.0.1650.3", "cpe:/a:google:chrome:31.0.1650.2", "cpe:/a:google:chrome:31.0.1650.13", "cpe:/a:google:chrome:31.0.1650.47", "cpe:/a:google:chrome:31.0.1650.44", "cpe:/a:google:chrome:31.0.1650.45", "cpe:/a:google:chrome:31.0.1650.20", "cpe:/a:google:chrome:31.0.1650.26", "cpe:/a:google:chrome:31.0.1650.0", "cpe:/a:google:chrome:31.0.1650.8", "cpe:/a:google:chrome:31.0.1650.33", "cpe:/a:google:chrome:31.0.1650.6", "cpe:/a:google:chrome:31.0.1650.32", "cpe:/a:google:chrome:31.0.1650.42", "cpe:/a:google:chrome:31.0.1650.28", "cpe:/a:google:chrome:31.0.1650.14", "cpe:/a:google:chrome:31.0.1650.34", "cpe:/a:google:chrome:31.0.1650.39", "cpe:/a:google:chrome:31.0.1650.31", "cpe:/a:google:chrome:31.0.1650.41", "cpe:/a:google:chrome:31.0.1650.19", "cpe:/a:google:chrome:31.0.1650.9", "cpe:/a:google:chrome:31.0.1650.10", "cpe:/a:google:chrome:31.0.1650.22", "cpe:/a:google:chrome:31.0.1650.29", "cpe:/a:google:chrome:31.0.1650.11", "cpe:/a:google:chrome:31.0.1650.5", "cpe:/a:google:chrome:31.0.1650.16", "cpe:/a:google:chrome:31.0.1650.18", "cpe:/a:google:chrome:31.0.1650.36", "cpe:/a:google:chrome:31.0.1650.38", "cpe:/a:google:chrome:31.0.1650.27"], "id": "CVE-2013-6625", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6625", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:38", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1298", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1298"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1298", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1298", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:39", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1299", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1299"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1299", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1299", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:44:05", "description": "Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2013-10-16T20:55:00", "type": "cve", "title": "CVE-2013-2928", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2928"], "modified": "2017-09-19T01:36:00", "cpe": ["cpe:/a:google:chrome:30.0.1599.39", "cpe:/a:google:chrome:30.0.1599.68", "cpe:/a:google:chrome:30.0.1599.42", "cpe:/a:google:chrome:30.0.1599.64", "cpe:/a:google:chrome:30.0.1599.31", "cpe:/a:google:chrome:30.0.1599.4", "cpe:/a:google:chrome:30.0.1599.100", "cpe:/a:google:chrome:30.0.1599.23", "cpe:/a:google:chrome:30.0.1599.17", "cpe:/a:google:chrome:30.0.1599.81", "cpe:/a:google:chrome:30.0.1599.8", "cpe:/a:google:chrome:30.0.1599.34", "cpe:/a:google:chrome:30.0.1599.40", "cpe:/a:google:chrome:30.0.1599.10", "cpe:/a:google:chrome:30.0.1599.85", "cpe:/a:google:chrome:30.0.1599.65", "cpe:/a:google:chrome:30.0.1599.26", "cpe:/a:google:chrome:30.0.1599.16", "cpe:/a:google:chrome:30.0.1599.11", "cpe:/a:google:chrome:30.0.1599.36", "cpe:/a:google:chrome:30.0.1599.29", "cpe:/a:google:chrome:30.0.1599.37", "cpe:/a:google:chrome:30.0.1599.66", "cpe:/a:google:chrome:30.0.1599.19", "cpe:/a:google:chrome:30.0.1599.14", "cpe:/a:google:chrome:30.0.1599.87", "cpe:/a:google:chrome:30.0.1599.80", "cpe:/a:google:chrome:30.0.1599.15", "cpe:/a:google:chrome:30.0.1599.9", "cpe:/a:google:chrome:30.0.1599.20", "cpe:/a:google:chrome:30.0.1599.82", "cpe:/a:google:chrome:30.0.1599.25", "cpe:/a:google:chrome:30.0.1599.52", "cpe:/a:google:chrome:30.0.1599.60", "cpe:/a:google:chrome:30.0.1599.79", "cpe:/a:google:chrome:30.0.1599.51", "cpe:/a:google:chrome:30.0.1599.21", "cpe:/a:google:chrome:30.0.1599.53", "cpe:/a:google:chrome:30.0.1599.18", "cpe:/a:google:chrome:30.0.1599.43", "cpe:/a:google:chrome:30.0.1599.30", "cpe:/a:google:chrome:30.0.1599.90", "cpe:/a:google:chrome:30.0.1599.1", "cpe:/a:google:chrome:30.0.1599.50", "cpe:/a:google:chrome:30.0.1599.32", "cpe:/a:google:chrome:30.0.1599.57", "cpe:/a:google:chrome:30.0.1599.49", "cpe:/a:google:chrome:30.0.1599.41", "cpe:/a:google:chrome:30.0.1599.13", "cpe:/a:google:chrome:30.0.1599.44", "cpe:/a:google:chrome:30.0.1599.48", "cpe:/a:google:chrome:30.0.1599.58", "cpe:/a:google:chrome:30.0.1599.6", "cpe:/a:google:chrome:30.0.1599.7", "cpe:/a:google:chrome:30.0.1599.59", "cpe:/a:google:chrome:30.0.1599.28", "cpe:/a:google:chrome:30.0.1599.33", "cpe:/a:google:chrome:30.0.1599.61", "cpe:/a:google:chrome:30.0.1599.5", "cpe:/a:google:chrome:30.0.1599.35", "cpe:/a:google:chrome:30.0.1599.0", "cpe:/a:google:chrome:30.0.1599.27", "cpe:/a:google:chrome:30.0.1599.12", "cpe:/a:google:chrome:30.0.1599.86", "cpe:/a:google:chrome:30.0.1599.84", "cpe:/a:google:chrome:30.0.1599.2", "cpe:/a:google:chrome:30.0.1599.69", "cpe:/a:google:chrome:30.0.1599.47", "cpe:/a:google:chrome:30.0.1599.88", "cpe:/a:google:chrome:30.0.1599.38", "cpe:/a:google:chrome:30.0.1599.22", "cpe:/a:google:chrome:30.0.1599.24", "cpe:/a:google:chrome:30.0.1599.56", "cpe:/a:google:chrome:30.0.1599.67"], "id": "CVE-2013-2928", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2928", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:30.0.1599.85:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.84:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.66:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.87:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.69:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.65:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.88:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.100:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.67:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.86:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.82:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.81:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.90:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.79:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.80:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:40", "description": "Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.", "cvss3": {}, "published": "2014-03-26T14:55:00", "type": "cve", "title": "CVE-2014-1300", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1300"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:7.0.2"], "id": "CVE-2014-1300", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1300", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:55", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1313", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1313"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1313", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1313", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:51", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1310", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1310"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1310", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1310", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:44:04", "description": "Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements.", "cvss3": {}, "published": "2013-10-16T20:55:00", "type": "cve", "title": "CVE-2013-2926", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2926"], "modified": "2017-09-19T01:36:00", "cpe": ["cpe:/a:google:chrome:30.0.1599.39", "cpe:/a:google:chrome:30.0.1599.68", "cpe:/a:google:chrome:30.0.1599.42", "cpe:/a:google:chrome:30.0.1599.31", "cpe:/a:google:chrome:30.0.1599.64", "cpe:/a:google:chrome:30.0.1599.4", "cpe:/a:google:chrome:30.0.1599.100", "cpe:/a:google:chrome:30.0.1599.23", "cpe:/a:google:chrome:30.0.1599.17", "cpe:/a:google:chrome:30.0.1599.81", "cpe:/a:google:chrome:30.0.1599.40", "cpe:/a:google:chrome:30.0.1599.34", "cpe:/a:google:chrome:30.0.1599.16", "cpe:/a:google:chrome:30.0.1599.10", "cpe:/a:google:chrome:30.0.1599.85", "cpe:/a:google:chrome:30.0.1599.65", "cpe:/a:google:chrome:30.0.1599.26", "cpe:/a:google:chrome:30.0.1599.8", "cpe:/a:google:chrome:30.0.1599.36", "cpe:/a:google:chrome:30.0.1599.11", "cpe:/a:google:chrome:30.0.1599.29", "cpe:/a:google:chrome:30.0.1599.37", "cpe:/a:google:chrome:30.0.1599.66", "cpe:/a:google:chrome:30.0.1599.19", "cpe:/a:google:chrome:30.0.1599.14", "cpe:/a:google:chrome:30.0.1599.87", "cpe:/a:google:chrome:30.0.1599.80", "cpe:/a:google:chrome:30.0.1599.15", "cpe:/a:google:chrome:30.0.1599.9", "cpe:/a:google:chrome:30.0.1599.20", "cpe:/a:google:chrome:30.0.1599.82", "cpe:/a:google:chrome:30.0.1599.25", "cpe:/a:google:chrome:30.0.1599.52", "cpe:/a:google:chrome:30.0.1599.60", "cpe:/a:google:chrome:30.0.1599.79", "cpe:/a:google:chrome:30.0.1599.51", "cpe:/a:google:chrome:30.0.1599.21", "cpe:/a:google:chrome:30.0.1599.53", "cpe:/a:google:chrome:30.0.1599.18", "cpe:/a:google:chrome:30.0.1599.43", "cpe:/a:google:chrome:30.0.1599.30", "cpe:/a:google:chrome:30.0.1599.90", "cpe:/a:google:chrome:30.0.1599.1", "cpe:/a:google:chrome:30.0.1599.50", "cpe:/a:google:chrome:30.0.1599.32", "cpe:/a:google:chrome:30.0.1599.57", "cpe:/a:google:chrome:30.0.1599.49", "cpe:/a:google:chrome:30.0.1599.41", "cpe:/a:google:chrome:30.0.1599.13", "cpe:/a:google:chrome:30.0.1599.44", "cpe:/a:google:chrome:30.0.1599.48", "cpe:/a:google:chrome:30.0.1599.58", "cpe:/a:google:chrome:30.0.1599.6", "cpe:/a:google:chrome:30.0.1599.7", "cpe:/a:google:chrome:30.0.1599.59", "cpe:/a:google:chrome:30.0.1599.28", "cpe:/a:google:chrome:30.0.1599.61", "cpe:/a:google:chrome:30.0.1599.33", "cpe:/a:google:chrome:30.0.1599.5", "cpe:/a:google:chrome:30.0.1599.35", "cpe:/a:google:chrome:30.0.1599.0", "cpe:/a:google:chrome:30.0.1599.27", "cpe:/a:google:chrome:30.0.1599.12", "cpe:/a:google:chrome:30.0.1599.86", "cpe:/a:google:chrome:30.0.1599.84", "cpe:/a:google:chrome:30.0.1599.2", "cpe:/a:google:chrome:30.0.1599.69", "cpe:/a:google:chrome:30.0.1599.47", "cpe:/a:google:chrome:30.0.1599.88", "cpe:/a:google:chrome:30.0.1599.38", "cpe:/a:google:chrome:30.0.1599.22", "cpe:/a:google:chrome:30.0.1599.24", "cpe:/a:google:chrome:30.0.1599.56", "cpe:/a:google:chrome:30.0.1599.67"], "id": "CVE-2013-2926", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2926", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:30.0.1599.85:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.84:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.66:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.87:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.69:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.65:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.88:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.100:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.67:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.86:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.82:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.81:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.90:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.79:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.80:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:37", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1297", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1297"], "modified": "2014-04-02T17:07:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1297", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1297", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:41", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1301", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1301"], "modified": "2016-12-22T14:36:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:itunes:12.0", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1301", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1301", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:itunes:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:42:58", "description": "Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.", "cvss3": {}, "published": "2013-07-10T10:55:00", "type": "cve", "title": "CVE-2013-2871", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2871"], "modified": "2017-09-19T01:36:00", "cpe": ["cpe:/a:google:chrome:28.0.1500.48", "cpe:/a:google:chrome:28.0.1500.68", "cpe:/a:google:chrome:28.0.1500.58", "cpe:/a:google:chrome:28.0.1500.49", "cpe:/a:google:chrome:28.0.1500.45", "cpe:/a:google:chrome:28.0.1500.36", "cpe:/a:google:chrome:28.0.1500.46", "cpe:/a:google:chrome:28.0.1500.35", "cpe:/a:google:chrome:28.0.1500.32", "cpe:/a:google:chrome:28.0.1500.64", "cpe:/a:google:chrome:28.0.1500.33", "cpe:/a:google:chrome:28.0.1500.28", "cpe:/a:google:chrome:28.0.1500.9", "cpe:/a:google:chrome:28.0.1500.47", "cpe:/a:google:chrome:28.0.1500.39", "cpe:/a:google:chrome:28.0.1500.59", "cpe:/a:google:chrome:28.0.1500.38", "cpe:/a:google:chrome:28.0.1500.0", "cpe:/a:google:chrome:28.0.1500.11", "cpe:/a:google:chrome:28.0.1500.21", "cpe:/a:google:chrome:28.0.1500.5", "cpe:/a:google:chrome:28.0.1500.8", "cpe:/a:google:chrome:28.0.1500.26", "cpe:/a:google:chrome:28.0.1500.15", "cpe:/a:google:chrome:28.0.1500.4", "cpe:/a:google:chrome:28.0.1500.56", "cpe:/a:google:chrome:28.0.1500.43", "cpe:/a:google:chrome:28.0.1500.24", "cpe:/a:google:chrome:28.0.1500.10", "cpe:/a:google:chrome:28.0.1500.66", "cpe:/a:google:chrome:28.0.1500.70", "cpe:/a:google:chrome:28.0.1500.25", "cpe:/a:google:chrome:28.0.1500.34", "cpe:/a:google:chrome:28.0.1500.22", "cpe:/a:google:chrome:28.0.1500.14", "cpe:/a:google:chrome:28.0.1500.17", "cpe:/a:google:chrome:28.0.1500.13", "cpe:/a:google:chrome:28.0.1500.12", "cpe:/a:google:chrome:28.0.1500.29", "cpe:/a:google:chrome:28.0.1500.54", "cpe:/a:google:chrome:28.0.1500.44", "cpe:/a:google:chrome:28.0.1500.52", "cpe:/a:google:chrome:28.0.1500.63", "cpe:/a:google:chrome:28.0.1500.51", "cpe:/a:google:chrome:28.0.1500.27", "cpe:/a:google:chrome:28.0.1500.6", "cpe:/a:google:chrome:28.0.1500.2", "cpe:/a:google:chrome:28.0.1500.62", "cpe:/a:google:chrome:28.0.1500.50", "cpe:/a:google:chrome:28.0.1500.3", "cpe:/a:google:chrome:28.0.1500.41", "cpe:/a:google:chrome:28.0.1500.20", "cpe:/a:google:chrome:28.0.1500.42", "cpe:/a:google:chrome:28.0.1500.16", "cpe:/a:google:chrome:28.0.1500.31", "cpe:/a:google:chrome:28.0.1500.23", "cpe:/a:google:chrome:28.0.1500.60", "cpe:/a:google:chrome:28.0.1500.37", "cpe:/a:google:chrome:28.0.1500.40", "cpe:/a:google:chrome:28.0.1500.53", "cpe:/a:google:chrome:28.0.1500.19", "cpe:/a:google:chrome:28.0.1500.61", "cpe:/a:google:chrome:28.0.1500.18"], "id": "CVE-2013-2871", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2871", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.70:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:50", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1309", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1309"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1309", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1309", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:42", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1302", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1302"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1302", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1302", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:25:55", "description": "Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value.", "cvss3": {}, "published": "2014-03-16T14:06:00", "type": "cve", "title": "CVE-2014-1713", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1713"], "modified": "2017-01-07T02:59:00", "cpe": ["cpe:/a:google:chrome:33.0.1750.11", "cpe:/a:google:chrome:33.0.1750.28", "cpe:/a:google:chrome:33.0.1750.82", "cpe:/a:google:chrome:33.0.1750.64", "cpe:/a:google:chrome:33.0.1750.40", "cpe:/a:google:chrome:33.0.1750.41", "cpe:/a:google:chrome:33.0.1750.10", "cpe:/a:google:chrome:33.0.1750.67", "cpe:/a:google:chrome:33.0.1750.66", "cpe:/a:google:chrome:33.0.1750.18", "cpe:/a:google:chrome:33.0.1750.34", "cpe:/a:google:chrome:33.0.1750.36", "cpe:/a:google:chrome:33.0.1750.47", "cpe:/a:google:chrome:33.0.1750.3", "cpe:/a:google:chrome:33.0.1750.70", "cpe:/a:google:chrome:33.0.1750.51", "cpe:/a:google:chrome:33.0.1750.30", "cpe:/a:google:chrome:33.0.1750.92", "cpe:/a:google:chrome:33.0.1750.46", "cpe:/a:google:chrome:33.0.1750.39", "cpe:/a:google:chrome:33.0.1750.59", "cpe:/a:google:chrome:33.0.1750.0", "cpe:/a:google:chrome:33.0.1750.110", "cpe:/a:google:chrome:33.0.1750.115", "cpe:/a:google:chrome:33.0.1750.109", "cpe:/a:google:chrome:33.0.1750.88", "cpe:/a:google:chrome:33.0.1750.1", "cpe:/a:google:chrome:33.0.1750.91", "cpe:/a:google:chrome:33.0.1750.35", "cpe:/a:google:chrome:33.0.1750.79", "cpe:/a:google:chrome:33.0.1750.6", "cpe:/a:google:chrome:33.0.1750.60", "cpe:/a:google:chrome:33.0.1750.56", "cpe:/a:google:chrome:33.0.1750.151", "cpe:/a:google:chrome:33.0.1750.116", "cpe:/a:google:chrome:33.0.1750.107", "cpe:/a:google:chrome:33.0.1750.62", "cpe:/a:google:chrome:33.0.1750.113", "cpe:/a:google:chrome:33.0.1750.38", "cpe:/a:google:chrome:33.0.1750.9", "cpe:/a:google:chrome:33.0.1750.80", "cpe:/a:google:chrome:33.0.1750.71", "cpe:/a:google:chrome:33.0.1750.2", "cpe:/a:google:chrome:33.0.1750.69", "cpe:/a:google:chrome:33.0.1750.20", "cpe:/a:google:chrome:33.0.1750.52", "cpe:/a:google:chrome:33.0.1750.149", "cpe:/a:google:chrome:33.0.1750.44", "cpe:/a:google:chrome:33.0.1750.132", "cpe:/a:google:chrome:33.0.1750.29", "cpe:/a:google:chrome:33.0.1750.26", "cpe:/a:google:chrome:33.0.1750.42", "cpe:/a:google:chrome:33.0.1750.57", "cpe:/a:google:chrome:33.0.1750.74", "cpe:/a:google:chrome:33.0.1750.83", "cpe:/a:google:chrome:33.0.1750.21", "cpe:/a:google:chrome:33.0.1750.93", "cpe:/a:google:chrome:33.0.1750.12", "cpe:/a:google:chrome:33.0.1750.19", "cpe:/a:google:chrome:33.0.1750.81", "cpe:/a:google:chrome:33.0.1750.14", "cpe:/a:google:chrome:33.0.1750.48", "cpe:/a:google:chrome:33.0.1750.125", "cpe:/a:google:chrome:33.0.1750.104", "cpe:/a:google:chrome:33.0.1750.111", "cpe:/a:google:chrome:33.0.1750.68", "cpe:/a:google:chrome:33.0.1750.22", "cpe:/a:google:chrome:33.0.1750.43", "cpe:/a:google:chrome:33.0.1750.126", "cpe:/a:google:chrome:33.0.1750.90", "cpe:/a:google:chrome:33.0.1750.153", "cpe:/a:google:chrome:33.0.1750.8", "cpe:/a:google:chrome:33.0.1750.85", "cpe:/a:google:chrome:33.0.1750.27", "cpe:/a:google:chrome:33.0.1750.5", "cpe:/a:google:chrome:33.0.1750.73", "cpe:/a:google:chrome:33.0.1750.23", "cpe:/a:google:chrome:33.0.1750.124", "cpe:/a:google:chrome:33.0.1750.50", "cpe:/a:google:chrome:33.0.1750.106", "cpe:/a:google:chrome:33.0.1750.4", "cpe:/a:google:chrome:33.0.1750.112", "cpe:/a:google:chrome:33.0.1750.25", "cpe:/a:google:chrome:33.0.1750.75", "cpe:/a:google:chrome:33.0.1750.65", "cpe:/a:google:chrome:33.0.1750.144", "cpe:/a:google:chrome:33.0.1750.117", "cpe:/a:google:chrome:33.0.1750.61", "cpe:/a:google:chrome:33.0.1750.49", "cpe:/a:google:chrome:33.0.1750.13", "cpe:/a:google:chrome:33.0.1750.89", "cpe:/a:google:chrome:33.0.1750.108", "cpe:/a:google:chrome:33.0.1750.146", "cpe:/a:google:chrome:33.0.1750.58", "cpe:/a:google:chrome:33.0.1750.16", "cpe:/a:google:chrome:33.0.1750.76", "cpe:/a:google:chrome:33.0.1750.63", "cpe:/a:google:chrome:33.0.1750.54", "cpe:/a:google:chrome:33.0.1750.55", "cpe:/a:google:chrome:33.0.1750.77", "cpe:/a:google:chrome:33.0.1750.135", "cpe:/a:google:chrome:33.0.1750.152", "cpe:/a:google:chrome:33.0.1750.15", "cpe:/a:google:chrome:33.0.1750.24", "cpe:/a:google:chrome:33.0.1750.136", "cpe:/a:google:chrome:33.0.1750.133", "cpe:/a:google:chrome:33.0.1750.7", "cpe:/a:google:chrome:33.0.1750.45", "cpe:/a:google:chrome:33.0.1750.53", "cpe:/a:google:chrome:33.0.1750.31", "cpe:/a:google:chrome:33.0.1750.37"], "id": "CVE-2014-1713", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1713", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.124:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.136:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.151:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.116:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.132:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.135:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.152:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.117:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.149:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.133:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.153:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.126:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.125:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.144:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.146:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:48", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1307", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1307"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1307", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1307", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:53", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1312", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1312"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1312", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1312", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:49", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1308", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1308"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1308", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1308", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:53", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1311", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1311"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1311", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1311", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:46", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1305", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1305"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1305", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1305", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:44", "description": "Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.", "cvss3": {}, "published": "2014-03-26T14:55:00", "type": "cve", "title": "CVE-2014-1303", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1303"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:7.0.2"], "id": "CVE-2014-1303", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1303", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:44", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.", "cvss3": {}, "published": "2014-04-02T16:17:00", "type": "cve", "title": "CVE-2014-1304", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1304"], "modified": "2016-12-08T03:04:00", "cpe": ["cpe:/a:apple:safari:6.0.5", "cpe:/a:apple:safari:6.1", "cpe:/a:apple:safari:6.0.1", "cpe:/a:apple:safari:6.0.3", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:6.1.1", "cpe:/a:apple:safari:6.0", "cpe:/a:apple:safari:6.0.4", "cpe:/a:apple:safari:6.1.2", "cpe:/a:apple:safari:7.0.2", "cpe:/a:apple:safari:6.0.2"], "id": "CVE-2014-1304", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1304", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.1.2:*:*:*:*:*:*:*"]}], "thn": [{"lastseen": "2018-01-27T10:06:39", "description": "[](<https://3.bp.blogspot.com/-xKjkuI1Uco8/Uz0nPSWQA4I/AAAAAAAAbAc/dwCTTe_AV8Q/s1600/safari-browser-update-download.jpg>)\n\n_So, is your Safari Web Browser Updated?? _Make sure you have the latest web browser updated for your Apple Macintosh systems, as Apple [released](<https://support.apple.com/kb/HT6181>) _Safari 6.1.3_ and _Safari 7.0.3_ with new security updates.\n\n \n\n\nThese Security updates addresses multiple vulnerabilities in its Safari web browser, which has always been the standard browser for Mac users.\n\n \n\n\nThis times not five or ten, in fact about two dozen. Apple issued a security update to patch a total of 27 [vulnerabilities](<https://thehackernews.com/search/label/Vulnerability>) in Safari web browser, including the one which was highlighted at _Pwn2Own _2014 hacking competition.\n\n \n\n\nThe available updates replace the browser running OSX 10.7 and 10.8 with the latest versions of browser 6.1.3, and OSX 10.9 with 7.0.3.\n\n \n\n\nAmong the 27 vulnerabilities, the most remarkable vulnerability addressed in the update is **_CVE-2014-1303_**, a heap-based buffer overflow that can be remotely exploited and could lead to bypass a sandbox protection mechanism via unspecified vector.\n\n \n\n\nThis vulnerability is the one used by Liang Chen of \"_Keen Team,_\" a Shanghai-based group of security researchers who hacked Safari on the second day of [Pwn2Own](<https://thehackernews.com/search/label/Pwn2own>) hacking competition this year held in March 12-13 at the CanSecWest security conference in Vancouver, resulting in a $65,000 reward.\n\n \n\n\nThe vulnerabilities involved memory corruption errors in the **WebKit**, which if exploited by a malicious or specially crafted website, could allow a remote attacker to execute arbitrary code on the victim's machine or completely crashing of the software as a result of DoS condition. This could also be a great starting step for injecting malware onto the victims\u2019 computer.\n\n \n\n\nAnother notable vulnerability is **_CVE-2014-1713_**, reported by the French security firm _VUPEN_, known for selling zero-day exploits, typically to law enforcement and government intelligence agencies, and HP's Zero Day Initiative.\n\n \n\n\nVUPEN also exploited several targets in this year\u2019s Pwn2Own competition, including Chrome, Adobe Flash and Adobe Reader, and Microsoft's Internet Explorer, taking home $400,000 of the total contest payout for the IE 11 zero-day.\n\n \n\n\nMore than half of the bugs were fixed by the Google Chrome Security team in this latest Apple updates, as both Google's Chrome browser and Safari are powered by the WebKit framework.\n\n \n\n\nApple also specially mentioned a different flaw discovered by_ Ian Beer_ of Google's Project Zero, which could enable an attacker running arbitrary code in the WebProcess to read arbitrary files despite Safari's sandbox restrictions.\n\n \n\n\nLast month, Apple issued iOS 7.1 update for [iPhones](<https://thehackernews.com/search/label/iPhone>), iPads and iPod Touches to patch several vulnerabilities, including the one in the mobile Safari.\n\n \n\n\nApple has released software updates and instructions on obtaining the updates at the following links: Software Updates and Safari 6.1.3 and 7.0.3. so, apple users are advised to update their Safari browser as soon as possible.\n", "cvss3": {}, "published": "2014-04-02T22:43:00", "type": "thn", "title": "Update Your Safari Browser to Patch Two Dozen of Critical Vulnerabilities", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-1303", "CVE-2014-1713"], "modified": "2014-04-03T09:43:32", "id": "THN:3F01BC262915EB887CAFBB69ACCFC949", "href": "https://thehackernews.com/2014/04/update-your-safari-browser-to-patch-two.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated chromium-browser-stable packages fix security vulnerabilities: Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP request implementation (CVE-2013-2925). cloudfuzzer discovered a use-after-free issue in the list indenting implementation (CVE-2013-2926). cloudfuzzer discovered a use-after-free issue in the HTML form submission implementation (CVE-2013-2927). The chrome 30 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2928). This updates to the newest version from the Linux stable channel, fixing these and several other issues. \n", "cvss3": {}, "published": "2013-11-09T18:58:53", "type": "mageia", "title": "Updated chromium-browser-stable packages fix multiple vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2013-11-09T18:58:53", "id": "MGASA-2013-0321", "href": "https://advisories.mageia.org/MGASA-2013-0321.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Use-after-free in speech (CVE-2014-1700). UXSS in events (CVE-2014-1701). Use-after-free in web database (CVE-2014-1702). Potential sandbox escape due to a use-after-free in web sockets (CVE-2014-1703). Multiple vulnerabilities in V8 fixed in version 3.23.17.18 (CVE-2014-1704). Memory corruption in V8 (CVE-2014-1705). Use-after-free in Blink bindings (CVE-2014-1713). Directory traversal issue (CVE-2014-1715). \n", "cvss3": {}, "published": "2014-03-19T17:33:30", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2014-03-19T17:33:30", "id": "MGASA-2014-0134", "href": "https://advisories.mageia.org/MGASA-2014-0134.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated chromium-browser-stable packages fix security vulnerabilities: Various fixes from internal audits, fuzzing and other initiatives (CVE-2013-2931). Use after free related to speech input elements (CVE-2013-6621). Use after free related to media elements (CVE-2013-6622). Out of bounds read in SVG (CVE-2013-6623). Use after free related to 'id' attribute strings (CVE-2013-6624). Use after free in DOM ranges (CVE-2013-6625). Address bar spoofing related to interstitial warnings (CVE-2013-6626). Out of bounds read in HTTP parsing (CVE-2013-6627). Issue with certificates not being checked during TLS renegotiation (CVE-2013-6628). libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component (Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629). libjpeg-turbo will use uninitialized memory when handling Huffman tables (CVE-2013-6630). Use after free in libjingle (CVE-2013-6631). \n", "cvss3": {}, "published": "2013-11-13T19:09:45", "type": "mageia", "title": "Updated chromium-browser-stable packages fix multiple vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2013-11-13T19:09:45", "id": "MGASA-2013-0324", "href": "https://advisories.mageia.org/MGASA-2013-0324.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated chromium-browser-stable packages fix security vulnerabilities: The HTTPS implementation does not ensure that headers are terminated by \\r\\n\\r\\n (carriage return, newline, carriage return, newline) (CVE-2013-2853). Chrome does not properly prevent pop-under windows (CVE-2013-2867). common/extensions/sync_helper.cc proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting (CVE-2013-2868). Denial of service (out-of-bounds read) via a crafted JPEG2000 image (CVE-2013-2869). Use-after-free vulnerability in network sockets (CVE-2013-2870). Use-after-free vulnerability in input handling (CVE-2013-2871). Use-after-free vulnerability in resource loading (CVE-2013-2873). Out-of-bounds read in SVG file handling (CVE-2013-2875). Chrome does not properly enforce restrictions on the capture of screenshots by extensions, which could lead to information disclosure from previous page visits (CVE-2013-2876). Out-of-bounds read in text handling (CVE-2013-2878). The circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations were not propertly checked (CVE-2013-2879). The chrome 28 development team found various issues from internal fuzzing, audits, and other studies (CVE-2013-2880). \n", "cvss3": {}, "published": "2013-07-26T11:52:03", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2013-07-26T11:52:03", "id": "MGASA-2013-0234", "href": "https://advisories.mageia.org/MGASA-2013-0234.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:27", "description": "\nGoogle Chrome Releases reports:\n\n5 security fixes in this release, including:\n\n[292422] High CVE-2013-2925: Use after free in XHR. Credit to\n\t Atte Kettunen of OUSPG.\n[294456] High CVE-2013-2926: Use after free in editing. Credit\n\t to cloudfuzzer.\n[297478] High CVE-2013-2927: Use after free in forms. Credit\n\t to cloudfuzzer.\n[305790] High CVE-2013-2928: Various fixes from internal\n\t audits, fuzzing and other initiatives.\n\n\n", "cvss3": {}, "published": "2013-10-15T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2926", "CVE-2013-2925", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2013-10-15T00:00:00", "id": "710CD5D5-35CB-11E3-85F9-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/710cd5d5-35cb-11e3-85f9-00262d5ed8ee.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:24:25", "description": "\nGoogle Chrome Releases reports:\n\nNew vulnerabilities after the Pwn2Own competition:\n\n[352369] Code execution outside sandbox. Credit to VUPEN.\n\t \n[352374] High CVE-2014-1713: Use-after-free in Blink\n\t\t bindings\n[352395] High CVE-2014-1714: Windows clipboard\n\t\t vulnerability\n\n\n [352420] Code execution outside sandbox. Credit to Anonymous.\n\t \n[351787] High CVE-2014-1705: Memory corruption in V8\n[352429] High CVE-2014-1715: Directory traversal issue\n\n\n\n\n", "cvss3": {}, "published": "2014-03-14T00:00:00", "type": "freebsd", "title": "www/chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2014-03-14T00:00:00", "id": "A70966A1-AC22-11E3-8D04-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/a70966a1-ac22-11e3-8d04-00262d5ed8ee.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:24:27", "description": "\nGoogle Chrome Releases reports:\n\n25 security fixes in this release, including:\n\n[268565] Medium CVE-2013-6621: Use after free related to speech input elements.\n\t Credit to Khalil Zhani.\n[272786] High CVE-2013-6622: Use after free related to media elements. Credit\n\t to cloudfuzzer.\n[282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.\n[290566] High CVE-2013-6624: Use after free related to \u00e2\u0080\u009cid\u00e2\u0080\u009d attribute strings.\n\t Credit to Jon Butler.\n[295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to\n\t cloudfuzzer.\n[295695] Low CVE-2013-6626: Address bar spoofing related to interstitial\n\t warnings. Credit to Chamal de Silva.\n[299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to\n\t skylined.\n[306959] Medium CVE-2013-6628: Issue with certificates not being checked\n\t during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan\n\t Bhargavan from Prosecco of INRIA Paris.\n[315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits,\n\t fuzzing and other initiatives.\n[258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and\n\t libjpeg-turbo. Credit to Michal Zalewski of Google.\n[299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.\n\t Credit to Michal Zalewski of Google.\n[296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik\n\t H\u00c3\u00b6glund of the Chromium project.\n\n\n", "cvss3": {}, "published": "2013-11-12T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2013-11-12T00:00:00", "id": "3BFC7016-4BCC-11E3-B0CF-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:24:28", "description": "\nGoogle Chrome Releases reports:\n\nA special reward for Andrey Labunets for his combination of\n\t CVE-2013-2879 and CVE-2013-2868 along with some (since fixed)\n\t server-side bugs.\n[252216] Low CVE-2013-2867: Block pop-unders in various\n\t scenarios.\n[252062] High CVE-2013-2879: Confusion setting up sign-in and sync.\n\t Credit to Andrey Labunets.\n[252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension\n\t component. Credit to Andrey Labunets.\n[245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000\n\t handling. Credit to Felix Groebert of Google Security Team.\n[244746] [242762] Critical CVE-2013-2870: Use-after-free with\n\t network sockets. Credit to Collin Payne.\n[244260] Medium CVE-2013-2853: Man-in-the-middle attack against\n\t HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan\n\t Bhargavan from Prosecco at INRIA Paris.\n[243991] [243818] High CVE-2013-2871: Use-after-free in input\n\t handling. Credit to miaubiz.\n[Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in\n\t renderers. Credit to Eric Rescorla.\n[241139] High CVE-2013-2873: Use-after-free in resource loading.\n\t Credit to miaubiz.\n[233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit\n\t to miaubiz.\n[229504] Medium CVE-2013-2876: Extensions permissions confusion\n\t with interstitials. Credit to Dev Akhawe.\n[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing.\n\t Credit to Aki Helin of OUSPG.\n[196636] None: Remove the \"viewsource\" attribute on iframes.\n\t Credit to Collin Jackson.\n[177197] Medium CVE-2013-2878: Out-of-bounds read in text\n\t handling. Credit to Atte Kettunen of OUSPG.\n\n", "cvss3": {}, "published": "2013-07-09T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2872", "CVE-2013-2867", "CVE-2013-2878", "CVE-2013-2853", "CVE-2013-2876", "CVE-2013-2870", "CVE-2013-2877", "CVE-2013-2875", "CVE-2013-2869", "CVE-2013-2873", "CVE-2013-2871", "CVE-2013-2868", "CVE-2013-2879"], "modified": "2013-07-09T00:00:00", "id": "3B80104F-E96C-11E2-8BAC-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/3b80104f-e96c-11e2-8bac-00262d5ed8ee.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "chrome": [{"lastseen": "2021-12-30T22:35:07", "description": "Chrome has been updated to 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame. \n\n\n\nSecurity Fixes and Rewards\n\n** \n**\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.\n\n** \n**\n\nThis update includes [5 security fixes](<https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3Arelease-1-m30+-security_severity%3DNone>). Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the [Chromium security page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n** \n**\n\n[$1000][[292422](<https://code.google.com/p/chromium/issues/detail?id=292422>)] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[294456](<https://code.google.com/p/chromium/issues/detail?id=294456>)] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[297478](<https://code.google.com/p/chromium/issues/detail?id=297478>)] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n** \n**\n\nAs usual, our ongoing internal security work responsible for a wide range of fixes:\n\n * [[305790](<https://code.google.com/p/chromium/issues/detail?id=305790>)] CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.\n\n\n\n\nMany of the above bugs were detected using [AddressSanitizer](<http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>).\n\n\n\n\nA full list of changes is available in the [SVN log](<http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/branches/1599/src&range=227552:225043&mode=html>). Interested in switching release channels? [Find out how](<http://dev.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<http://crbug.com/>).\n\n\n\n\nKaren Grunberg\n\nGoogle Chrome", "cvss3": {}, "published": "2013-10-15T00:00:00", "type": "chrome", "title": "Stable Channel Update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2013-10-15T00:00:00", "id": "GCSA-9087558573162189081", "href": "https://chromereleases.googleblog.com/2013/10/stable-channel-update_15.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-30T22:34:49", "description": "The Stable Channel has been updated to 33.0.1750.152 for Mac and Linux and 33.0.1750.154 for Windows. \n\n**Security Fixes and Rewards** \n\nCongratulations to [VUPEN](<http://www.vupen.com/>) and an Anonymous submission for winning the Pwn2Own competition. \n\n\n * [$100,000] [[352369](<https://code.google.com/p/chromium/issues/detail?id=352369>)] Code execution outside sandbox. Credit to VUPEN.\n * [[352374](<https://code.google.com/p/chromium/issues/detail?id=352374>)] **High **CVE-2014-1713: Use-after-free in Blink bindings\n * [[352395](<https://code.google.com/p/chromium/issues/detail?id=352395>)] **High** CVE-2014-1714: Windows clipboard vulnerability\n * [$60,000] [[352420](<https://code.google.com/p/chromium/issues/detail?id=352420>)] Code execution outside sandbox. Credit to Anonymous.\n * [[351787](<https://code.google.com/p/chromium/issues/detail?id=351787>)] **High** CVE-2014-1705: Memory corruption in V8\n * [[352429](<https://code.google.com/p/chromium/issues/detail?id=352429>)] **High** CVE-2014-1715: Directory traversal issue\n\n\n\n\nWe're delighted at the success of Pwn2Own and the ability to study full exploits. We anticipate landing additional changes and hardening measures for these vulnerabilities in the near future. We also believe that both submissions are works of art and deserve wider sharing and recognition. We plan to do technical reports on both Pwn2Own submissions in the future. \n\nInterested in hopping on the stable channel?[ Find out how](<http://dev.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by[ filing a bug](<http://new.crbug.com/>). \n\nAnthony Laforge \nGoogle Chrome", "cvss3": {}, "published": "2014-03-14T00:00:00", "type": "chrome", "title": "Stable Channel Update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2014-03-14T00:00:00", "id": "GCSA-2777914917235191645", "href": "https://chromereleases.googleblog.com/2014/03/stable-channel-update_14.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-30T22:34:49", "description": "The Stable channel has been updated to 33.0.1750.152 (Platform version: 5116.115.4/5116.115.5) for all devices. This build contains security fixes for Pwnium. Systems will be receiving the updates over the next few days. \n\n**Security Fixes and Rewards** \n\nCongratulations to [geohot](<http://geohot.com/>) for an epic Pwnium competition win. Pinkie Pie provided a fascinating set of vulnerabilities that will be rewarded through the Chrome VRP program. Moreover, one of the bugs exploited by VUPEN on Pwn2Own affected Chrome OS. \n\nWe're delighted at the success of Pwnium and the ability to study full exploits. We anticipate landing additional changes and hardening measures for these vulnerabilities in the near future. We also believe that both Pwnium submissions are works of art and deserve wider sharing and recognition. We plan to do technical reports on these submissions in the future. \n\n\n * [Like a c-c-c-c-hamp!!! $150,000] [[351788](<https://code.google.com/p/chromium/issues/detail?id=351788>)] **Persistent code execution on Chrome OS.** _Credit to geohot._\n * [[351787](<https://code.google.com/p/chromium/issues/detail?id=351787>)] **High** CVE-2014-1705: Memory corruption in V8\n * [[351796](<https://code.google.com/p/chromium/issues/detail?id=351796>)] **Low** CVE-2014-1706: Command Injection in Crosh\n * [[351811](<https://code.google.com/p/chromium/issues/detail?id=351811>)] **High** CVE-2014-1707: Path traversal issue in CrosDisks\n * [[344051](<https://code.google.com/p/chromium/issues/detail?id=344051>)] **Critical** CVE-2014-1708: Issue with file persistence at boot\n * [$TBD] [[352492](<https://code.google.com/p/chromium/issues/detail?id=352492>)] **Sandboxed code execution and kernel OOB write.** _Credit to Pinkie Pie._\n * [[351852](<https://code.google.com/p/chromium/issues/detail?id=351852>)] **High** CVE-2014-1710: Memory corruption in GPU command buffer\n * [[351855](<https://code.google.com/p/chromium/issues/detail?id=351855>)] **High** CVE-2014-1711: Kernel OOB write in GPU driver\n * [[352374](<https://code.google.com/p/chromium/issues/detail?id=352374>)] **High** CVE-2014-1713: Use-after-free in Blink bindings. _Credit to VUPEN._\n\nPlease see [the Chromium security page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. \n\nIf you find new issues, please let us know by visiting our [forum](<http://chromebook.com/community>) or [filing a bug](<http://crbug.com/>). Interested in switching channels? Find out how. You can submit feedback using 'Report an issue...' in the Chrome menu (3 horizontal bars in the upper right corner of the browser). \n\nDharani Govindan \nGoogle Chrome", "cvss3": {}, "published": "2014-03-14T00:00:00", "type": "chrome", "title": "Stable Channel Update for Chrome OS", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1705", "CVE-2014-1706", "CVE-2014-1707", "CVE-2014-1708", "CVE-2014-1710", "CVE-2014-1711", "CVE-2014-1713"], "modified": "2014-03-14T00:00:00", "id": "GCSA-8807464022709606075", "href": "https://chromereleases.googleblog.com/2014/03/stable-channel-update-for-chrome-os_14.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-30T22:35:07", "description": "Chrome has been updated to 31.0.1650.48 for Windows, Mac, Linux and Chrome Frame. \n\nFlash Player has been [updated ](<http://helpx.adobe.com/en/flash-player/release-note/fp_119_air_39_release_notes.html>)to 11.9.900.152, which is included w/ this release.\n\n\n\n\nSecurity Fixes and Rewards\n\n** \n** \n\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.\n\n** \n** \n\n\nThis update includes [25 security fixes](<https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3ARelease-0-M31>). Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the [Chromium security page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n** \n** \n\n\n[$500][[268565](<https://code.google.com/p/chromium/issues/detail?id=268565>)] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.\n\n[$2000][[272786](<https://code.google.com/p/chromium/issues/detail?id=272786>)] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$500][[282925](<https://code.google.com/p/chromium/issues/detail?id=282925>)] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$1000][[290566](<https://code.google.com/p/chromium/issues/detail?id=290566>)] High CVE-2013-6624: Use after free related to "id" attribute strings. Credit to Jon Butler[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[295010](<https://code.google.com/p/chromium/issues/detail?id=295010>)] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[[295695](<https://code.google.com/p/chromium/issues/detail?id=295695>)] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$4000][[299892](<https://code.google.com/p/chromium/issues/detail?id=299892>)] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$1000][[306959](<https://code.google.com/p/chromium/issues/detail?id=306959>)] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris[.](<https://code.google.com/u/117154691211413633534/>)\n\n** \n** \n\n\nWe would also like to thank miaubiz and Atte Kettunen of OUSPG for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $2000 in additional rewards were issued.\n\n** \n** \n\n\nAs usual, our ongoing internal security work responsible for a wide range of fixes:\n\n * [[315823](<https://code.google.com/p/chromium/issues/detail?id=315823>)] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n * [[258723](<https://code.google.com/p/chromium/issues/detail?id=258723>)] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n * [[299835](<https://code.google.com/p/chromium/issues/detail?id=299835>)] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n * [[296804](<https://code.google.com/p/chromium/issues/detail?id=296804>)] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik H\u00f6glund of the Chromium project.\n\n\nMany of the above bugs were detected using [AddressSanitizer](<http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>). \n\nA full list of changes is available in the [SVN log](<http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=224845:217147&mode=html>). Interested in switching release channels? [Find out how](<http://dev.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<http://crbug.com/>). \n\nAnthony Laforge \nGoogle Chrome", "cvss3": {}, "published": "2013-11-12T00:00:00", "type": "chrome", "title": "Stable Channel Update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2013-11-12T00:00:00", "id": "GCSA-8158427747359227402", "href": "https://chromereleases.googleblog.com/2013/11/stable-channel-update.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-30T22:36:17", "description": "**Update: **We are separately updating users to Flash Player 11.8.800.97 via our component updater. \n\nThe Stable channel has been updated to 28.0.1500.71 for Windows, Macintosh and Chrome Frame platforms. \n\n\n\nSecurity fixes and rewards:\n\n** \n** \n\n\nPlease see [the Chromium security page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. (Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.)\n\n** \n** \n\n\nThis automatic update includes security fixes. We'd like to highlight the following fixes for various reasons (crediting external researchers, issuing rewards, or highlighting particularly interesting issues):\n\n** \n** \n\n\n * [$21,500] A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.\n\n * [[252216](<https://code.google.com/p/chromium/issues/detail?id=252216>)] Low CVE-2013-2867: Block pop-unders in various scenarios.\n\n * [[252062](<https://code.google.com/p/chromium/issues/detail?id=252062>)] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets.\n\n * [[252034](<https://code.google.com/p/chromium/issues/detail?id=252034>)] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.\n\n * [[245153](<https://code.google.com/p/chromium/issues/detail?id=245153>)] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.\n\n * [$6267.4] [[244746](<https://code.google.com/p/chromium/issues/detail?id=244746>)] [[242762](<https://code.google.com/p/chromium/issues/detail?id=242762>)] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.\n\n * [$3133.7] [[244260](<https://code.google.com/p/chromium/issues/detail?id=244260>)] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.\n\n * [$2000] [[243991](<https://code.google.com/p/chromium/issues/detail?id=243991>)] [[243818](<https://code.google.com/p/chromium/issues/detail?id=243818>)] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.\n\n * [Mac only] [[242702](<https://code.google.com/p/chromium/issues/detail?id=242702>)] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.\n\n * [$1000] [[241139](<https://code.google.com/p/chromium/issues/detail?id=241139>)] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz.\n\n * [Windows + NVIDIA only] [$500] [[237611](<https://code.google.com/p/chromium/issues/detail?id=237611>)] Medium CVE-2013-2874: Screen data leak with GL textures. Credit to "danguafer".\n\n * [$500] [[233848](<https://code.google.com/p/chromium/issues/detail?id=233848>)] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.\n\n * [[229504](<https://code.google.com/p/chromium/issues/detail?id=229504>)] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.\n\n * [[229019](<https://code.google.com/p/chromium/issues/detail?id=229019>)] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.\n\n * [[196636](<https://code.google.com/p/chromium/issues/detail?id=196636>)] None: Remove the "viewsource" attribute on iframes. Credit to Collin Jackson.\n\n * [[177197](<https://code.google.com/p/chromium/issues/detail?id=177197>)] Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.\n\n** \n** \n\n\nIn addition, our ongoing internal security work was as usual responsible for a wide range of fixes:\n\n * [[256985](<https://code.google.com/p/chromium/issues/detail?id=256985>)] High CVE-2013-2880: Various fixes from internal audits, fuzzing and other initiatives (Chrome 28).\n\n\n\n\n\nFull details about what changes are in this build are available in the [SVN revision log](<http://build.chromium.org/f/chromium/perf/dashboard/ui/changelog.html?url=/trunk/src&range=190564:198577&mode=html>) and the [Chrome Chrome Blog](<http://chrome.blogspot.com/2013/07/richer-notifications-now-available-to.html>). Interested in switching release channels? [Find out how](<http://dev.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<http://new.crbug.com/>).\n\n\nAnthony Laforge \nGoogle Chrome", "cvss3": {}, "published": "2013-07-09T00:00:00", "type": "chrome", "title": "Stable Channel Update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2872", "CVE-2013-2873", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2013-07-09T00:00:00", "id": "GCSA-3186712133715673291", "href": "https://chromereleases.googleblog.com/2013/07/stable-channel-update.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:52:46", "description": "Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as\nused in Google Chrome before 31.0.1650.48, allows remote attackers to cause\na denial of service or possibly have unspecified other impact by leveraging\nimproper handling of DOM range objects in circumstances that require child\nnode removal after a (1) mutation or (2) blur event.", "cvss3": {}, "published": "2013-11-13T00:00:00", "type": "ubuntucve", "title": "CVE-2013-6625", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6625"], "modified": "2013-11-13T00:00:00", "id": "UB:CVE-2013-6625", "href": "https://ubuntu.com/security/CVE-2013-6625", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1298", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1298"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1298", "href": "https://ubuntu.com/security/CVE-2014-1298", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1299", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1299"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1299", "href": "https://ubuntu.com/security/CVE-2014-1299", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:53", "description": "Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101\nallow attackers to cause a denial of service or possibly have other impact\nvia unknown vectors.", "cvss3": {}, "published": "2013-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2928", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2928"], "modified": "2013-10-16T00:00:00", "id": "UB:CVE-2013-2928", "href": "https://ubuntu.com/security/CVE-2013-2928", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1313", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1313"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1313", "href": "https://ubuntu.com/security/CVE-2014-1313", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1310", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1310"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1310", "href": "https://ubuntu.com/security/CVE-2014-1310", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:53", "description": "Use-after-free vulnerability in the\nIndentOutdentCommand::tryIndentingAsListItem function in\ncore/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome\nbefore 30.0.1599.101, allows user-assisted remote attackers to cause a\ndenial of service or possibly have unspecified other impact via vectors\nrelated to list elements.", "cvss3": {}, "published": "2013-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2926", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2926"], "modified": "2013-10-16T00:00:00", "id": "UB:CVE-2013-2926", "href": "https://ubuntu.com/security/CVE-2013-2926", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not\nproperly validate WebProcess IPC messages, which allows remote attackers to\nbypass a sandbox protection mechanism and read arbitrary files by\nleveraging WebProcess access.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1297", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1297"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1297", "href": "https://ubuntu.com/security/CVE-2014-1297", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:46:05", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1301", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1301"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1301", "href": "https://ubuntu.com/security/CVE-2014-1301", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:53:18", "description": "Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows\nremote attackers to cause a denial of service or possibly have unspecified\nother impact via vectors related to the handling of input.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1199644>\n", "cvss3": {}, "published": "2013-07-10T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2871", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2871"], "modified": "2013-07-10T00:00:00", "id": "UB:CVE-2013-2871", "href": "https://ubuntu.com/security/CVE-2013-2871", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:01", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1309", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1309"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1309", "href": "https://ubuntu.com/security/CVE-2014-1309", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1302", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1302"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1302", "href": "https://ubuntu.com/security/CVE-2014-1302", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:08", "description": "Use-after-free vulnerability in the AttributeSetter function in\nbindings/templates/attributes.cpp in the bindings in Blink, as used in\nGoogle Chrome before 33.0.1750.152 on OS X and Linux and before\n33.0.1750.154 on Windows, allows remote attackers to cause a denial of\nservice or possibly have unspecified other impact via vectors involving the\ndocument.location value.", "cvss3": {}, "published": "2014-03-16T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1713", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1713"], "modified": "2014-03-16T00:00:00", "id": "UB:CVE-2014-1713", "href": "https://ubuntu.com/security/CVE-2014-1713", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1307", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1307"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1307", "href": "https://ubuntu.com/security/CVE-2014-1307", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1312", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1312"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1312", "href": "https://ubuntu.com/security/CVE-2014-1312", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1308", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1308"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1308", "href": "https://ubuntu.com/security/CVE-2014-1308", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1311", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1311"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1311", "href": "https://ubuntu.com/security/CVE-2014-1311", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1305", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1305"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1305", "href": "https://ubuntu.com/security/CVE-2014-1305", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:52:02", "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and application crash) via a crafted web site, a\ndifferent vulnerability than other WebKit CVEs listed in\nAPPLE-SA-2014-04-01-1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {}, "published": "2014-04-02T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1304", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1304"], "modified": "2014-04-02T00:00:00", "id": "UB:CVE-2014-1304", "href": "https://ubuntu.com/security/CVE-2014-1304", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2021-12-14T17:47:13", "description": "Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event.", "cvss3": {}, "published": "2013-11-13T15:55:00", "type": "debiancve", "title": "CVE-2013-6625", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6625"], "modified": "2013-11-13T15:55:00", "id": "DEBIANCVE:CVE-2013-6625", "href": "https://security-tracker.debian.org/tracker/CVE-2013-6625", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:13", "description": "Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2013-10-16T20:55:00", "type": "debiancve", "title": "CVE-2013-2928", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2928"], "modified": "2013-10-16T20:55:00", "id": "DEBIANCVE:CVE-2013-2928", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2928", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:13", "description": "Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements.", "cvss3": {}, "published": "2013-10-16T20:55:00", "type": "debiancve", "title": "CVE-2013-2926", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2926"], "modified": "2013-10-16T20:55:00", "id": "DEBIANCVE:CVE-2013-2926", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2926", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:13", "description": "Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.", "cvss3": {}, "published": "2013-07-10T10:55:00", "type": "debiancve", "title": "CVE-2013-2871", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2871"], "modified": "2013-07-10T10:55:00", "id": "DEBIANCVE:CVE-2013-2871", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2871", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:13", "description": "Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value.", "cvss3": {}, "published": "2014-03-16T14:06:00", "type": "debiancve", "title": "CVE-2014-1713", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1713"], "modified": "2014-03-16T14:06:00", "id": "DEBIANCVE:CVE-2014-1713", "href": "https://security-tracker.debian.org/tracker/CVE-2014-1713", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:28:15", "description": "Bugtraq ID:66576\r\nCVE ID:CVE-2014-1298\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1298)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1298"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62067", "id": "SSV:62067", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:28:52", "description": "Bugtraq ID:66581\r\nCVE ID:CVE-2014-1299\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1299)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1299"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62072", "id": "SSV:62072", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:33:55", "description": "CVE ID:CVE-2014-1300\r\n\r\nSafari\u662f\u82f9\u679c\u8ba1\u7b97\u673a\u7684\u6700\u65b0\u4f5c\u4e1a\u7cfb\u7edfMac OS X\u4e2d\u7684\u6d4f\u89c8\u5668\uff0c\u4f7f\u7528\u4e86KDE\u7684KHTML\u4f5c\u4e3a\u6d4f\u89c8\u5668\u7684\u8fd0\u7b97\u6838\u5fc3\u3002\r\n\r\nOS X\u5e73\u53f0\u4e0aApple Safari 7.0.2\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8fd9\u53ef\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u4ee5root\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nApple Safari 7.0.2\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-03-27T00:00:00", "type": "seebug", "title": "Apple Safari\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1300"], "modified": "2014-03-27T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61968", "id": "SSV:61968", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:28:19", "description": "Bugtraq ID:66579\r\nCVE ID:CVE-2014-1313\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1313)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1313"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62068", "id": "SSV:62068", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:28:17", "description": "Bugtraq ID:66574\r\nCVE ID:CVE-2014-1309\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1309)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1309"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62071", "id": "SSV:62071", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:30:25", "description": "Bugtraq ID\uff1a66243\r\nCVE ID\uff1aCVE-2014-1713\r\n\r\nGoogle Chrome\u662f\u4e00\u6b3e\u6d41\u884c\u7684WEB\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome\u5b58\u5728\u91ca\u653e\u540e\u4f7f\u7528\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6784\u5efa\u6076\u610fWEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nGoogle Chrome\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://www.google.com/chrome", "cvss3": {}, "published": "2014-03-18T00:00:00", "title": "Google Chrome\u91ca\u653e\u540e\u4f7f\u7528\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1713"], "modified": "2014-03-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61824", "id": "SSV:61824", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:28:35", "description": "Bugtraq ID:66578\r\nCVE ID:CVE-2014-1312\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1312)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1312"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62069", "id": "SSV:62069", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:28:17", "description": "Bugtraq ID:66573\r\nCVE ID:CVE-2014-1308\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1308)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1308"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62066", "id": "SSV:62066", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:28:20", "description": "Bugtraq ID:66577\r\nCVE ID:CVE-2014-1311\r\n\r\nWebKit\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u4e5f\u662f\u82f9\u679cMac OS X \u7cfb\u7edf\u5f15\u64ce\u6846\u67b6\u7248\u672c\u7684\u540d\u79f0\u3002\r\n\r\nApple Safari 6.1.3\u4e4b\u524d\u7248\u672c\u30017.0.3\u4e4b\u524d\u7248\u672c\u5185\u4f7f\u7528\u7684WebKit\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684\u7f51\u7ad9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\nApple Safari 7.x\r\nApple Safari 6.x\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-04-04T00:00:00", "title": "WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2014-1311)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1311"], "modified": "2014-04-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62070", "id": "SSV:62070", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:30:22", "description": "CVE(CAN) ID: CVE-2014-1303\r\n\r\nSafari\u662f\u82f9\u679c\u8ba1\u7b97\u673a\u7684\u6700\u65b0\u4f5c\u4e1a\u7cfb\u7edfMac OS X\u4e2d\u7684\u6d4f\u89c8\u5668\uff0c\u4f7f\u7528\u4e86KDE\u7684KHTML\u4f5c\u4e3a\u6d4f\u89c8\u5668\u7684\u8fd0\u7b97\u6838\u5fc3\u3002\r\n\r\nApple Safari 7.0.2\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fd9\u53ef\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u6267\u884c\u4efb\u610f\u4ee3\u7801\u5e76\u7ed5\u8fc7\u6c99\u76d2\u4fdd\u62a4\u3002\r\n0\r\nApple Safari 7.0.2\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www.apple.com/support/downloads/", "cvss3": {}, "published": "2014-03-28T00:00:00", "title": "Apple Safari\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1303"], "modified": "2014-03-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61971", "id": "SSV:61971", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdi": [{"lastseen": "2022-01-31T21:07:51", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of isindex elements. The issue lies in setting attributes to invalid values. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.", "cvss3": {}, "published": "2014-04-03T00:00:00", "type": "zdi", "title": "Apple Mobile Safari isindex Use-After-Free Remote Code Execution Vulnerability ", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1290"], "modified": "2014-04-03T00:00:00", "id": "ZDI-14-057", "href": "https://www.zerodayinitiative.com/advisories/ZDI-14-057/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T21:07:30", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of string objects. The issue lies in the joining of strings in an array. An attacker can leverage this vulnerability to execute code under the context of the current process.", "cvss3": {}, "published": "2014-04-11T00:00:00", "type": "zdi", "title": "(Pwn2Own\\Pwn4Fun) Apple Webkit JSStringJoiner Memory Corruption Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1300"], "modified": "2014-04-11T00:00:00", "id": "ZDI-14-090", "href": "https://www.zerodayinitiative.com/advisories/ZDI-14-090/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-31T21:07:32", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Blink bindings. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.", "cvss3": {}, "published": "2014-04-11T00:00:00", "type": "zdi", "title": "(Pwn2Own) Google Chrome Blink Use-After-Free Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1713"], "modified": "2014-04-11T00:00:00", "id": "ZDI-14-086", "href": "https://www.zerodayinitiative.com/advisories/ZDI-14-086/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T21:07:30", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CSS rules. The issue lies in the improper handling of CSSSelector elements. An attacker can leverage this vulnerability to execute code under the context of the current process.", "cvss3": {}, "published": "2014-04-11T00:00:00", "type": "zdi", "title": "(Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1303"], "modified": "2014-04-11T00:00:00", "id": "ZDI-14-091", "href": "https://www.zerodayinitiative.com/advisories/ZDI-14-091/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T22:59:06", "description": "Apple has updated its Safari browser, dropping a pile of security fixes that patch more than 25 vulnerabilities in the WebKit framework.\n\nMany of the [vulnerabilities Apple repaired in Safari](<http://support.apple.com/kb/HT6181?viewlocale=en_US&locale=en_US>) can lead to remote code execution, depending upon the attack vector. There are a number of use-after-free vulnerabilities fixed in WebKit, along with some buffer overflows and other memory corruption issues. One of the vulnerabilities, CVE-2014-1289, for example, allows remote code execution.\n\n\u201cWebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site,\u201d the vulnerability description says.\n\nThat flaw was fixed in iOS and other products earlier this year but Apple just released the fix for Safari on Monday. Along with the 25 memory corruption vulnerabilities the company fixed, it also pushed out a patch for a separate issue in Safari that could enable an attacker to read arbitrary files on a user\u2019s machine.\n\n\u201cAn attacker running arbitrary code in the WebProcess may be able to read arbitrary files despite sandbox restrictions. A logic issue existed in the handling of IPC messages from the WebProcess. This issue was addressed through additional validation of IPC messages,\u201d the Apple advisory says.\n\nMore than half of the WebKit flaws fixed in Safari 6.1.3 and 7.0.3 were discovered by the Google security team, which isn\u2019t unusual. Google Chrome uses the WebKit framework, too, and the company\u2019s security team is constantly looking for new vulnerabilities in it.\n", "cvss3": {}, "published": "2014-04-02T07:20:27", "type": "threatpost", "title": "Apple Fixes More Than 25 Flaws in Safari", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-1289"], "modified": "2014-04-02T18:01:13", "id": "THREATPOST:ABEA11AE947E374781FDDE1B4D657A2A", "href": "https://threatpost.com/apple-fixes-more-than-25-flaws-in-safari/105197/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T22:59:58", "description": "There is a trio of high-risk security vulnerabilities in Google Chrome that have been patched in a new version of the browser released on Tuesday.\n\nThe vulnerabilities all are use-after-free bugs, and Google paid a total of $5,000 in rewards to researchers who discovered and reported them. Google also said that there were several security issues found by the company\u2019s internal security team, which it doesn\u2019t typically break out into individual flaws.\n\nThe new version of Chrome is sort of an atypical release for Google. The company updates the browser quite often, but many of the releases include a larger number of security fixes than version 30.0.1599.101 released today. The full list of vulnerabilities fixed in this version are:\n\n[$1000][[292422](<https://code.google.com/p/chromium/issues/detail?id=292422>)] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[294456](<https://code.google.com/p/chromium/issues/detail?id=294456>)] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[297478](<https://code.google.com/p/chromium/issues/detail?id=297478>)] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\nUsers should update their browsers as soon as possible to avoid attacks against these vulnerabilities.\n", "cvss3": {}, "published": "2013-10-15T13:37:29", "type": "threatpost", "title": "Google Fixes Three High-Risk Flaws in Chrome", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927"], "modified": "2013-10-15T20:38:07", "id": "THREATPOST:27EDDBFADF1C970B7222BA96914FCAB1", "href": "https://threatpost.com/google-fixes-three-high-risk-flaws-in-chrome/102586/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T22:59:13", "description": "Now that the dust has settled after the [Pwn2Own contest](<https://threatpost.com/vupen-cashes-in-four-times-at-pwn2own/104754>), the browser manufacturers are beginning to roll out patches for the vulnerabilities exploited by contestants. Google on Monday released fixes for a number of bugs in Chrome discovered and exploited during Pwn2Own, releasing new versions of the browser for Windows, Mac and Linux.\n\nThis year\u2019s Pwn2Own, which runs in conjunction with the CanSecWest conference in Vancouver, showcased vulnerabilities and exploits in most of the major browsers, including Internet Explorer and Firefox, along with Chrome. The team from VUPEN, the French security and exploit-sales firm, took home several hundred thousand dollars in prize money from the contest, a good portion of it for demonstrating new bugs in Google Chrome. In addition to the prize money from the contest, Google also is paying its own rewards to the researchers who used new flaws in Chrome.\n\nVUPEN earned a $100,000 reward from Google for its two Chrome vulnerabilities, and an anonymous researcher also earned $60,000 for two separate vulnerabilities. The flaws used in Pwn2Own that Google fixed in Chrome 33 are:\n\n * [$100,000] [[352369](<https://code.google.com/p/chromium/issues/detail?id=352369>)] Code execution outside sandbox. Credit to VUPEN. \n * [[352374](<https://code.google.com/p/chromium/issues/detail?id=352374>)] **High **CVE-2014-1713: Use-after-free in Blink bindings\n * [[352395](<https://code.google.com/p/chromium/issues/detail?id=352395>)] **High** CVE-2014-1714: Windows clipboard vulnerability\n * [$60,000] [[352420](<https://code.google.com/p/chromium/issues/detail?id=352420>)] Code execution outside sandbox. Credit to Anonymous. \n * [[351787](<https://code.google.com/p/chromium/issues/detail?id=351787>)] **High** CVE-2014-1705: Memory corruption in V8\n * [[352429](<https://code.google.com/p/chromium/issues/detail?id=352429>)] **High** CVE-2014-1715: Directory traversal issue\n\nPatches for Internet Explorer and Firefox likely will take a little longer, as they\u2019re on longer update cycles than Google, which typically pushes out new versions whenever significant security issues need to be fixed. Google security officials said that they plan to publish some details of the exploits used against Chrome in Pwn2Own in the coming weeks.\n\n\u201cWe\u2019re delighted at the success of Pwn2Own and the ability to study full exploits. We anticipate landing additional changes and hardening measures for these vulnerabilities in the near future. We also believe that both submissions are works of art and deserve wider sharing and recognition. We plan to do technical reports on both Pwn2Own submissions in the future,\u201d Anthony Laforge of Google said in a [blog post](<http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html>).\n", "cvss3": {}, "published": "2014-03-17T11:24:53", "type": "threatpost", "title": "Google Patches Four Pwn2Own Bugs in Chrome 33", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1714", "CVE-2014-1715"], "modified": "2014-03-19T20:41:49", "id": "THREATPOST:92620F5AFF6D439FD7555958C7778604", "href": "https://threatpost.com/google-patches-four-pwn2own-bugs-in-chrome-33/104828/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T22:59:49", "description": "Google has fixed 12 security vulnerabilities in [Chrome](<http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html>), including six high-risk bugs. The new version of the browser includes a number of fixes for bugs discovered by external researchers as well as by Google\u2019s own internal security team.\n\nTwo of the more serious vulnerabilities patched in Chrome include use-after-free bugs in various elements of the browser, and there also are two out of bounds reads in the browser. Those are listed as high-risk flaws, as well. But perhaps the most interesting bug fixed in the new version is a medium-risk vulnerability related to the TLS negotiation process. During that process, Chrome failed to do a check of some certificates it encountered.\n\nHere\u2019s the full list of bugs fixed Chrome 31:\n\n$500][[268565](<https://code.google.com/p/chromium/issues/detail?id=268565>)] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.\n\n[$2000][[272786](<https://code.google.com/p/chromium/issues/detail?id=272786>)] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$500][[282925](<https://code.google.com/p/chromium/issues/detail?id=282925>)] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$1000][[290566](<https://code.google.com/p/chromium/issues/detail?id=290566>)] High CVE-2013-6624: Use after free related to \u201cid\u201d attribute strings. Credit to Jon Butler[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$2000][[295010](<https://code.google.com/p/chromium/issues/detail?id=295010>)] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer[.](<https://code.google.com/u/117154691211413633534/>)\n\n[[295695](<https://code.google.com/p/chromium/issues/detail?id=295695>)] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$4000][[299892](<https://code.google.com/p/chromium/issues/detail?id=299892>)] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined[.](<https://code.google.com/u/117154691211413633534/>)\n\n[$1000][[306959](<https://code.google.com/p/chromium/issues/detail?id=306959>)] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris[.](<https://code.google.com/u/117154691211413633534/>)\n\n * [[315823](<https://code.google.com/p/chromium/issues/detail?id=315823>)] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.\n\n * [[258723](<https://code.google.com/p/chromium/issues/detail?id=258723>)] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n * [[299835](<https://code.google.com/p/chromium/issues/detail?id=299835>)] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.\n\n * [[296804](<https://code.google.com/p/chromium/issues/detail?id=296804>)] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik H\u00f6glund of the Chromium project.\n\nAs part of its bug reward program, Google paid out $11,000 in bounties to external researchers.\n", "cvss3": {}, "published": "2013-11-12T13:17:53", "type": "threatpost", "title": "12 Flaws Fixed in Google Chrome", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631"], "modified": "2013-11-18T14:39:55", "id": "THREATPOST:CA8A2340AE4B0CBCCC34EC71B4D95E8C", "href": "https://threatpost.com/12-flaws-fixed-in-google-chrome/102901/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:00:32", "description": "Google has fixed more than 15 vulnerabilities in Chrome and paid out nearly $35,000 in rewards to security researchers for reporting the bugs. One researcher earned an unusually large reward of $21,500 for a series of vulnerabilities he reported in Chrome.\n\nGoogle Chrome 28 includes fixes for three high-risk security flaws and just one critical bug. The lone critical vulnerability is a use-after-free flaw in network sockets reported by Collin Payne. The big winner in the Google bug bounty program for this release is Andrey Labunets, who reported a pair of vulnerabilities that earned him the special reward of $21,500.\n\nHere\u2019s the full list of vulnerabilities fixed in Chrome 28 for Windows, Mac and Chrome Frame:\n\n * [$21,500] A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.\n\n * [[252216](<https://code.google.com/p/chromium/issues/detail?id=252216>)] Low CVE-2013-2867: Block pop-unders in various scenarios.\n\n * [[252062](<https://code.google.com/p/chromium/issues/detail?id=252062>)] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets.\n\n * [[252034](<https://code.google.com/p/chromium/issues/detail?id=252034>)] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.\n\n * [[245153](<https://code.google.com/p/chromium/issues/detail?id=245153>)] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.\n\n * [$6267.4] [[244746](<https://code.google.com/p/chromium/issues/detail?id=244746>)] [[242762](<https://code.google.com/p/chromium/issues/detail?id=242762>)] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.\n\n * [$3133.7] [[244260](<https://code.google.com/p/chromium/issues/detail?id=244260>)] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.\n\n * [$2000] [[243991](<https://code.google.com/p/chromium/issues/detail?id=243991>)] [[243818](<https://code.google.com/p/chromium/issues/detail?id=243818>)] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.\n\n * [Mac only] [[242702](<https://code.google.com/p/chromium/issues/detail?id=242702>)] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.\n\n * [$1000] [[241139](<https://code.google.com/p/chromium/issues/detail?id=241139>)] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz.\n\n * [Windows + NVIDIA only] [$500] [[237611](<https://code.google.com/p/chromium/issues/detail?id=237611>)] Medium CVE-2013-2874: Screen data leak with GL textures. Credit to \u201cdanguafer\u201d.\n\n * [$500] [[233848](<https://code.google.com/p/chromium/issues/detail?id=233848>)] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.\n\n * [[229504](<https://code.google.com/p/chromium/issues/detail?id=229504>)] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.\n\n * [[229019](<https://code.google.com/p/chromium/issues/detail?id=229019>)] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.\n\n * [[196636](<https://code.google.com/p/chromium/issues/detail?id=196636>)] None: Remove the \u201cviewsource\u201d attribute on iframes. Credit to Collin Jackson.\n\n * [[177197](<https://code.google.com/p/chromium/issues/detail?id=177197>)] Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.\n", "cvss3": {}, "published": "2013-07-10T09:37:49", "type": "threatpost", "title": "Google Fixes 17 Flaws in Chrome 28", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2872", "CVE-2013-2873", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879"], "modified": "2013-07-10T14:18:48", "id": "THREATPOST:9112314CCA7B09CAA90508BAE6F3D9D3", "href": "https://threatpost.com/google-fixes-17-flaws-in-chrome-28/101240/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:55:52", "description": "A use after free vulnerability exists in Google Chrome. A remote attacker could exploit this vulnerability by enticing a user to open a crafted web page. Successful exploitation could result in code execution in the context of the currently logged in user.", "cvss3": {}, "published": "2014-09-11T00:00:00", "type": "checkpoint_advisories", "title": "Google Chrome locationAttributeSetter Use After Free (CVE-2014-1713)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1713"], "modified": "2015-07-23T00:00:00", "id": "CPAI-2014-1805", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:55", "description": "\nWebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow", "edition": 2, "cvss3": {}, "published": "2017-08-19T00:00:00", "title": "WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1303"], "modified": "2017-08-19T00:00:00", "id": "EXPLOITPACK:9A1268F6DFD7962BE72054FD70F5DE95", "href": "", "sourceData": "# CVE-2014-1303 PoC for Linux\nCVE-2014-1303 (WebKit Heap based BOF) proof of concept for Linux. \nThis repository demonstrates the WebKit heap based buffer overflow vulnerability (CVE-2014-1303) on **Linux**. \n\n**NOTE:** Original exploit is written for Mac OS X and PS4 (PlayStation4). \n\nI've ported and tested work on Ubuntu 14.04, [WebKitGTK 2.1.2](https://webkitgtk.org/releases/) \n\n## Usage\nFirstly you need to run simple web server, \n```\n$ python server.py\n``` \nthen \n```\n$ cd /path/to/webkitgtk2.1.2/\n$ ./Programs/GtkLauncher http://localhost\n```\nYou can run several tests like, \n- Crash ROP (Jump to invalid address like 0xdeadbeefdeadbeef)\n- Get PID (Get current PID)\n- Code Execution (Load and execute payload from outer network) \n- File System Dump (Dump \"/dev\" entries) \n\n## Description\n**exploit.html** ..... trigger vulnerability and jump to ROP chain \n**scripts/roputil.js** ..... utilities for ROP building \n**scripts/syscall.js** ..... syscall ROP chains \n**scripts/code.js** ..... hard coded remote loader \n**loader/** ..... simple remote loader (written in C) \n**loader/bin2js** ..... convert binary to js variables (for loader) \n\n## Purpose\nI've created this WebKit PoC for education in my course. \nI couldn't, of course, use actual PS4 console in my lecture for legal reason :( \n\n## Reference\nCVE 2014-1303 Proof Of Concept for PS4 \n(https://github.com/Fire30/PS4-2014-1303-POC) \nLiang Chen, WEBKIT EVERYWHERE: SECURE OR NOT? [BHEU14] \n(https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not.PDF)\n\n\nDownload: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44204.zip", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdt": [{"lastseen": "2018-03-28T09:28:11", "description": "Exploit for linux platform in category local exploits", "cvss3": {}, "published": "2018-03-01T00:00:00", "type": "zdt", "title": "WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-1303"], "modified": "2018-03-01T00:00:00", "id": "1337DAY-ID-29912", "href": "https://0day.today/exploit/description/29912", "sourceData": "# CVE-2014-1303 PoC for Linux\r\nCVE-2014-1303 (WebKit Heap based BOF) proof of concept for Linux. \r\nThis repository demonstrates the WebKit heap based buffer overflow vulnerability (CVE-2014-1303) on **Linux**. \r\n \r\n**NOTE:** Original exploit is written for Mac OS X and PS4 (PlayStation4). \r\n \r\nI've ported and tested work on Ubuntu 14.04, [WebKitGTK 2.1.2](https://webkitgtk.org/releases/) \r\n \r\n## Usage\r\nFirstly you need to run simple web server, \r\n```\r\n$ python server.py\r\n``` \r\nthen \r\n```\r\n$ cd /path/to/webkitgtk2.1.2/\r\n$ ./Programs/GtkLauncher http://localhost\r\n```\r\nYou can run several tests like, \r\n- Crash ROP (Jump to invalid address like 0xdeadbeefdeadbeef)\r\n- Get PID (Get current PID)\r\n- Code Execution (Load and execute payload from outer network) \r\n- File System Dump (Dump \"/dev\" entries) \r\n \r\n## Description\r\n**exploit.html** ..... trigger vulnerability and jump to ROP chain \r\n**scripts/roputil.js** ..... utilities for ROP building \r\n**scripts/syscall.js** ..... syscall ROP chains \r\n**scripts/code.js** ..... hard coded remote loader \r\n**loader/** ..... simple remote loader (written in C) \r\n**loader/bin2js** ..... convert binary to js variables (for loader) \r\n \r\n## Purpose\r\nI've created this WebKit PoC for education in my course. \r\nI couldn't, of course, use actual PS4 console in my lecture for legal reason :( \r\n \r\n## Reference\r\nCVE 2014-1303 Proof Of Concept for PS4 \r\n(https://github.com/Fire30/PS4-2014-1303-POC) \r\nLiang Chen, WEBKIT EVERYWHERE: SECURE OR NOT? [BHEU14] \r\n(https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not.PDF)\r\n \r\n \r\nDownload: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44204.zip\n\n# 0day.today [2018-03-28] #", "sourceHref": "https://0day.today/exploit/29912", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2022-05-04T17:35:25", "description": "", "cvss3": {}, "published": "2017-08-19T00:00:00", "type": "exploitdb", "title": "WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["2014-1303", "CVE-2014-1303"], "modified": "2017-08-19T00:00:00", "id": "EDB-ID:44204", "href": "https://www.exploit-db.com/exploits/44204", "sourceData": "# CVE-2014-1303 PoC for Linux\r\nCVE-2014-1303 (WebKit Heap based BOF) proof of concept for Linux. \r\nThis repository demonstrates the WebKit heap based buffer overflow vulnerability (CVE-2014-1303) on **Linux**. \r\n\r\n**NOTE:** Original exploit is written for Mac OS X and PS4 (PlayStation4). \r\n\r\nI've ported and tested work on Ubuntu 14.04, [WebKitGTK 2.1.2](https://webkitgtk.org/releases/) \r\n\r\n## Usage\r\nFirstly you need to run simple web server, \r\n```\r\n$ python server.py\r\n``` \r\nthen \r\n```\r\n$ cd /path/to/webkitgtk2.1.2/\r\n$ ./Programs/GtkLauncher http://localhost\r\n```\r\nYou can run several tests like, \r\n- Crash ROP (Jump to invalid address like 0xdeadbeefdeadbeef)\r\n- Get PID (Get current PID)\r\n- Code Execution (Load and execute payload from outer network) \r\n- File System Dump (Dump \"/dev\" entries) \r\n\r\n## Description\r\n**exploit.html** ..... trigger vulnerability and jump to ROP chain \r\n**scripts/roputil.js** ..... utilities for ROP building \r\n**scripts/syscall.js** ..... syscall ROP chains \r\n**scripts/code.js** ..... hard coded remote loader \r\n**loader/** ..... simple remote loader (written in C) \r\n**loader/bin2js** ..... convert binary to js variables (for loader) \r\n\r\n## Purpose\r\nI've created this WebKit PoC for education in my course. \r\nI couldn't, of course, use actual PS4 console in my lecture for legal reason :( \r\n\r\n## Reference\r\nCVE 2014-1303 Proof Of Concept for PS4 \r\n(https://github.com/Fire30/PS4-2014-1303-POC) \r\nLiang Chen, WEBKIT EVERYWHERE: SECURE OR NOT? [BHEU14] \r\n(https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not.PDF)\r\n\r\n\r\nDownload: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44204.zip\r\n", "sourceHref": "https://www.exploit-db.com/download/44204", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:50:51", "description": "Security and bugfix update to Chromium 31.0.1650.57\n\n - Update to Chromium 31.0.1650.57:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to \u00c3\u00a2\u00c2\u0080\u00c2\u009cid\u00c3\u00a2\u00c2\u0080\u00c2\u009d\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n\n - Stable Channel update: fix build for 32bit systems\n\n - Update to Chromium 30.0.1599.101\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n - Enable ARM build for Chromium.\n\n", "cvss3": {}, "published": "2013-11-27T20:04:13", "type": "suse", "title": "chromium: 31.0.1650.57 version update (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-2926", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2927", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2013-11-27T20:04:13", "id": "OPENSUSE-SU-2013:1776-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:37:36", "description": "Chromium was updated to 31.0.1650.57: Stable channel update:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n - Update to Chromium 31.0.1650.48 Stable Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to \u00c3\u00a2\u00c2\u0080\u00c2\u009cid\u00c3\u00a2\u00c2\u0080\u00c2\u009d\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n - Enable ARM build for Chromium.\n * Added patches chromium-arm-webrtc-fix.patch,\n chromium-fix-arm-icu.patch and\n chromium-fix-arm-sysroot.patch to resolve ARM specific\n build issues\n\n - Update to Chromium 30.0.1599.114 Stable Channel update:\n fix build for 32bit systems\n - Drop patch chromium-fix-chromedriver-build.diff. This is\n now fixed upstream\n - For openSUSE versions lower than 13.1, build against the\n in-tree libicu\n\n - Update to Chromium 30.0.1599.101\n - Security Fixes:\n + CVE-2013-2925: Use after free in XHR\n + CVE-2013-2926: Use after free in editing\n + CVE-2013-2927: Use after free in forms.\n + CVE-2013-2928: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - Update to Chromium 30.0.1599.66\n - Easier searching by image\n - A number of new apps/extension APIs\n - Lots of under the hood changes for stability and\n performance\n - Security fixes:\n + CVE-2013-2906: Races in Web Audio\n + CVE-2013-2907: Out of bounds read in Window.prototype\n object\n + CVE-2013-2908: Address bar spoofing related to the\n \u00c3\u00a2\u00c2\u0080\u00c2\u009c204 No Content\u00c3\u00a2\u00c2\u0080\u00c2\u009d status code\n + CVE-2013-2909: Use after free in inline-block rendering\n + CVE-2013-2910: Use-after-free in Web Audio\n + CVE-2013-2911: Use-after-free in XSLT\n + CVE-2013-2912: Use-after-free in PPAPI\n + CVE-2013-2913: Use-after-free in XML document parsing\n + CVE-2013-2914: Use after free in the Windows color\n chooser dialog\n + CVE-2013-2915: Address bar spoofing via a malformed\n scheme\n + CVE-2013-2916: Address bar spoofing related to the \u00c3\u00a2\u00c2\u0080\u00c2\u009c204\n No Content\u00c3\u00a2\u00c2\u0080\u00c2\u009d status code\n + CVE-2013-2917: Out of bounds read in Web Audio\n + CVE-2013-2918: Use-after-free in DOM\n + CVE-2013-2919: Memory corruption in V8\n + CVE-2013-2920: Out of bounds read in URL parsing\n + CVE-2013-2921: Use-after-free in resource loader\n + CVE-2013-2922: Use-after-free in template element\n + CVE-2013-2923: Various fixes from internal audits,\n fuzzing and other initiatives\n + CVE-2013-2924: Use-after-free in ICU. Upstream bug\n\n", "cvss3": {}, "published": "2013-12-12T18:05:02", "type": "suse", "title": "chromium: update to 31.0.1650.57 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-2922", "CVE-2013-2915", "CVE-2013-2920", "CVE-2013-2931", "CVE-2013-2926", "CVE-2013-2907", "CVE-2013-2919", "CVE-2013-2921", "CVE-2013-2908", "CVE-2013-2913", "CVE-2013-6631", "CVE-2013-2914", "CVE-2013-2912", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-2917", "CVE-2013-2910", "CVE-2013-2916", "CVE-2013-2925", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-2924", "CVE-2013-2927", "CVE-2013-2906", "CVE-2013-2923", "CVE-2013-6632", "CVE-2013-2911", "CVE-2013-2909", "CVE-2013-6622", "CVE-2013-2918", "CVE-2013-6623", "CVE-2013-6629", "CVE-2013-2928"], "modified": "2013-12-12T18:05:02", "id": "OPENSUSE-SU-2013:1861-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:03:49", "description": "Chromium was updated to the 33.0.1750.152 stable channel\n uodate:\n - Security fixes:\n * CVE-2014-1713: Use-after-free in Blink bindings\n * CVE-2014-1714: Windows clipboard vulnerability\n * CVE-2014-1705: Memory corruption in V8\n * CVE-2014-1715: Directory traversal issue\n\n Previous stable channel update 33.0.1750.149:\n - Security fixes:\n * CVE-2014-1700: Use-after-free in speech\n * CVE-2014-1701: UXSS in events\n * CVE-2014-1702: Use-after-free in web database\n * CVE-2014-1703: Potential sandbox escape due to a\n use-after-free in web sockets\n * CVE-2014-1704: Multiple vulnerabilities in V8 fixed in\n version 3.23.17.18\n\n", "cvss3": {}, "published": "2014-04-09T19:04:26", "type": "suse", "title": "chromium to 33.0.1750.152 stable release (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1703", "CVE-2014-1705", "CVE-2014-1714", "CVE-2014-1713", "CVE-2014-1701", "CVE-2014-1704", "CVE-2014-1715", "CVE-2014-1702", "CVE-2014-1700"], "modified": "2014-04-09T19:04:26", "id": "OPENSUSE-SU-2014:0501-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:45:45", "description": "Chromium was updated to 31.0.1650.57: Stable channel update:\n - Security Fixes:\n * CVE-2013-6632: Multiple memory corruption issues.\n\n - Update to Chromium 31.0.1650.48 (bnc#850430) Stable\n Channel update:\n - Security fixes:\n * CVE-2013-6621: Use after free related to speech input\n elements..\n * CVE-2013-6622: Use after free related to media\n elements.\n * CVE-2013-6623: Out of bounds read in SVG.\n * CVE-2013-6624: Use after free related to \u00c3\u00a2\u00c2\u0080\u00c2\u009cid\u00c3\u00a2\u00c2\u0080\u00c2\u009d\n attribute strings.\n * CVE-2013-6625: Use after free in DOM ranges.\n * CVE-2013-6626: Address bar spoofing related to\n interstitial warnings.\n * CVE-2013-6627: Out of bounds read in HTTP parsing.\n * CVE-2013-6628: Issue with certificates not being\n checked during TLS renegotiation.\n * CVE-2013-2931: Various fixes from internal audits,\n fuzzing and other initiatives.\n * CVE-2013-6629: Read of uninitialized memory in\n libjpeg and libjpeg-turbo.\n * CVE-2013-6630: Read of uninitialized memory in\n libjpeg-turbo.\n * CVE-2013-6631: Use after free in libjingle.\n - Added patch chromium-fix-chromedriver-build.diff to fix\n the chromedriver build\n\n", "cvss3": {}, "published": "2013-11-27T20:04:35", "type": "suse", "title": "chromium: update to 31.0.1650.57 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-2931", "CVE-2013-6631", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6625", "CVE-2013-6621", "CVE-2013-6624", "CVE-2013-6628", "CVE-2013-6630", "CVE-2013-6632", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6629"], "modified": "2013-11-27T20:04:35", "id": "OPENSUSE-SU-2013:1777-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2021-12-01T12:11:51", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2785-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nOctober 26, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2906 CVE-2013-2907 CVE-2013-2908 CVE-2013-2909 \n CVE-2013-2910 CVE-2013-2911 CVE-2013-2912 CVE-2013-2913\n CVE-2013-2915 CVE-2013-2916 CVE-2013-2917 CVE-2013-2918\n CVE-2013-2919 CVE-2013-2920 CVE-2013-2921 CVE-2013-2922\n CVE-2013-2923 CVE-2013-2924 CVE-2013-2925 CVE-2013-2926\n CVE-2013-2927 CVE-2013-2928\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906\n\n Atte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907\n\n Boris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908\n\n Chamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909\n\n Atte Kuttenen of OUSPG discovered a use-after-free issue in\n inline-block.\n\nCVE-2013-2910\n\n Byoungyoung Lee of the Georgia Tech Information Security Center\n discovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911\n\n Atte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT\n handling.\n\nCVE-2013-2912\n\n Chamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a\n use-after-free issue in the Pepper Plug-in API.\n\nCVE-2013-2913\n\n cloudfuzzer discovered a use-after-free issue in Blink's XML\n document parsing.\n\nCVE-2013-2915\n\n Wander Groeneveld discovered an address bar spoofing issue.\n\nCVE-2013-2916\n\n Masato Kinugawa discovered an address bar spoofing issue.\n\nCVE-2013-2917\n\n Byoungyoung Lee and Tielei Wang discovered an out-of-bounds read\n issue in Web Audio.\n\nCVE-2013-2918\n\n Byoungyoung Lee discoverd an out-of-bounds read in Blink's DOM\n implementation.\n\nCVE-2013-2919\n\n Adam Haile of Concrete Data discovered a memory corruption issue\n in the V8 javascript library.\n\nCVE-2013-2920\n\n Atte Kuttunen of OUSPG discovered an out-of-bounds read in URL\n host resolving.\n\nCVE-2013-2921\n\n Byoungyoung Lee and Tielei Wang discovered a use-after-free issue\n in resource loading.\n\nCVE-2013-2922\n\n Jon Butler discovered a use-after-free issue in Blink's HTML\n template element implementation.\n\nCVE-2013-2924\n\n A use-after-free issue was discovered in the International\n Components for Unicode (ICU) library. \n\nCVE-2013-2925\n\n Atte Kettunen of OUSPG discover a use-after-free issue in Blink's\n XML HTTP request implementation.\n\nCVE-2013-2926\n\n cloudfuzzer discovered a use-after-free issue in the list indenting\n implementation.\n\nCVE-2013-2927\n\n cloudfuzzer discovered a use-after-free issue in the HTML form\n submission implementation. \n\nCVE-2013-2923 and CVE-2013-2928\n\n The chrome 30 development team found various issues from internal\n fuzzing, audits, and other studies. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 30.0.1599.101-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 30.0.1599.101-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-10-26T19:03:01", "type": "debian", "title": "[SECURITY] [DSA 2785-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2924", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2013-10-26T19:03:01", "id": "DEBIAN:DSA-2785-1:AD67D", "href": "https://lists.debian.org/debian-security-announce/2013/msg00197.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T23:26:35", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2785-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nOctober 26, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2906 CVE-2013-2907 CVE-2013-2908 CVE-2013-2909 \n CVE-2013-2910 CVE-2013-2911 CVE-2013-2912 CVE-2013-2913\n CVE-2013-2915 CVE-2013-2916 CVE-2013-2917 CVE-2013-2918\n CVE-2013-2919 CVE-2013-2920 CVE-2013-2921 CVE-2013-2922\n CVE-2013-2923 CVE-2013-2924 CVE-2013-2925 CVE-2013-2926\n CVE-2013-2927 CVE-2013-2928\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2906\n\n Atte Kettunen of OUSPG discovered race conditions in Web Audio.\n\nCVE-2013-2907\n\n Boris Zbarsky discovered an out-of-bounds read in window.prototype.\n\nCVE-2013-2908\n\n Chamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-2909\n\n Atte Kuttenen of OUSPG discovered a use-after-free issue in\n inline-block.\n\nCVE-2013-2910\n\n Byoungyoung Lee of the Georgia Tech Information Security Center\n discovered a use-after-free issue in Web Audio.\n\nCVE-2013-2911\n\n Atte Kettunen of OUSPG discovered a use-after-free in Blink's XSLT\n handling.\n\nCVE-2013-2912\n\n Chamal de Silva and 41.w4r10r(at)garage4hackers.com discovered a\n use-after-free issue in the Pepper Plug-in API.\n\nCVE-2013-2913\n\n cloudfuzzer discovered a use-after-free issue in Blink's XML\n document parsing.\n\nCVE-2013-2915\n\n Wander Groeneveld discovered an address bar spoofing issue.\n\nCVE-2013-2916\n\n Masato Kinugawa discovered an address bar spoofing issue.\n\nCVE-2013-2917\n\n Byoungyoung Lee and Tielei Wang discovered an out-of-bounds read\n issue in Web Audio.\n\nCVE-2013-2918\n\n Byoungyoung Lee discoverd an out-of-bounds read in Blink's DOM\n implementation.\n\nCVE-2013-2919\n\n Adam Haile of Concrete Data discovered a memory corruption issue\n in the V8 javascript library.\n\nCVE-2013-2920\n\n Atte Kuttunen of OUSPG discovered an out-of-bounds read in URL\n host resolving.\n\nCVE-2013-2921\n\n Byoungyoung Lee and Tielei Wang discovered a use-after-free issue\n in resource loading.\n\nCVE-2013-2922\n\n Jon Butler discovered a use-after-free issue in Blink's HTML\n template element implementation.\n\nCVE-2013-2924\n\n A use-after-free issue was discovered in the International\n Components for Unicode (ICU) library. \n\nCVE-2013-2925\n\n Atte Kettunen of OUSPG discover a use-after-free issue in Blink's\n XML HTTP request implementation.\n\nCVE-2013-2926\n\n cloudfuzzer discovered a use-after-free issue in the list indenting\n implementation.\n\nCVE-2013-2927\n\n cloudfuzzer discovered a use-after-free issue in the HTML form\n submission implementation. \n\nCVE-2013-2923 and CVE-2013-2928\n\n The chrome 30 development team found various issues from internal\n fuzzing, audits, and other studies. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 30.0.1599.101-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 30.0.1599.101-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-10-26T19:03:01", "type": "debian", "title": "[SECURITY] [DSA 2785-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2924", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928"], "modified": "2013-10-26T19:03:01", "id": "DEBIAN:DSA-2785-1:CB557", "href": "https://lists.debian.org/debian-security-announce/2013/msg00197.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T23:25:50", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2797-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nNovember 16, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2931 CVE-2013-6621 CVE-2013-6622 CVE-2013-6623 \n CVE-2013-6624 CVE-2013-6625 CVE-2013-6626 CVE-2013-6627\n CVE-2013-6628 CVE-2013-6629 CVE-2013-6630 CVE-2013-6631\n CVE-2013-6632\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931\n\n The chrome 31 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nCVE-2013-6621\n\n Khalil Zhani discovered a use-after-free issue in speech input\n handling.\n\nCVE-2013-6622\n\n cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.\n\nCVE-2013-6623\n\n miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG\n implementation.\n\nCVE-2013-6624\n\n Jon Butler discovered a use-after-free issue in id attribute strings.\n\nCVE-2013-6625\n\n cloudfuzzer discovered a use-after-free issue in the Blink/Webkit\n DOM implementation.\n\nCVE-2013-6626\n\n Chamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627\n\n skylined discovered an out-of-bounds read in the HTTP stream parser.\n\nCVE-2013-6628\n\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\n discovered that a different (unverified) certificate could be used\n after successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629\n\n Michal Zalewski discovered an uninitialized memory read in the\n libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630\n\n Michal Zalewski discovered another uninitialized memory read in\n the libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631\n\n Patrik H\u00c3\u00b6glund discovered a use-free issue in the libjingle library.\n\nCVE-2013-6632\n\n Pinkie Pie discovered multiple memory corruption issues.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.0.1650.57-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.0.1650.57-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-11-17T15:42:38", "type": "debian", "title": "[SECURITY] [DSA 2797-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2013-11-17T15:42:38", "id": "DEBIAN:DSA-2797-1:8262C", "href": "https://lists.debian.org/debian-security-announce/2013/msg00211.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-08T00:35:36", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2797-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nNovember 16, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2931 CVE-2013-6621 CVE-2013-6622 CVE-2013-6623 \n CVE-2013-6624 CVE-2013-6625 CVE-2013-6626 CVE-2013-6627\n CVE-2013-6628 CVE-2013-6629 CVE-2013-6630 CVE-2013-6631\n CVE-2013-6632\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-2931\n\n The chrome 31 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nCVE-2013-6621\n\n Khalil Zhani discovered a use-after-free issue in speech input\n handling.\n\nCVE-2013-6622\n\n cloudfuzzer discovered a use-after-free issue in HTMLMediaElement.\n\nCVE-2013-6623\n\n miaubiz discovered an out-of-bounds read in the Blink/Webkit SVG\n implementation.\n\nCVE-2013-6624\n\n Jon Butler discovered a use-after-free issue in id attribute strings.\n\nCVE-2013-6625\n\n cloudfuzzer discovered a use-after-free issue in the Blink/Webkit\n DOM implementation.\n\nCVE-2013-6626\n\n Chamal de Silva discovered an address bar spoofing issue.\n\nCVE-2013-6627\n\n skylined discovered an out-of-bounds read in the HTTP stream parser.\n\nCVE-2013-6628\n\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan of INRIA Paris\n discovered that a different (unverified) certificate could be used\n after successful TLS renegotiation with a valid certificate.\n\nCVE-2013-6629\n\n Michal Zalewski discovered an uninitialized memory read in the\n libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6630\n\n Michal Zalewski discovered another uninitialized memory read in\n the libjpeg and libjpeg-turbo libraries.\n\nCVE-2013-6631\n\n Patrik H\u00c3\u00b6glund discovered a use-free issue in the libjingle library.\n\nCVE-2013-6632\n\n Pinkie Pie discovered multiple memory corruption issues.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.0.1650.57-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.0.1650.57-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-11-17T15:42:38", "type": "debian", "title": "[SECURITY] [DSA 2797-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6629", "CVE-2013-6630", "CVE-2013-6631", "CVE-2013-6632"], "modified": "2013-11-17T15:42:38", "id": "DEBIAN:DSA-2797-1:35E2D", "href": "https://lists.debian.org/debian-security-announce/2013/msg00211.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T23:41:22", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2724-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nJuly 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2853 CVE-2013-2867 CVE-2013-2868 CVE-2013-2869\n CVE-2013-2870 CVE-2013-2871 CVE-2013-2873 CVE-2013-2875\n CVE-2013-2876 CVE-2013-2877 CVE-2013-2878 CVE-2013-2879\n CVE-2013-2880\n\nSeveral vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853\n\n The HTTPS implementation does not ensure that headers are terminated\n by \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867\n\n Chrome does not properly prevent pop-under windows.\n\nCVE-2013-2868\n\n common/extensions/sync_helper.cc proceeds with sync operations for\n NPAPI extensions without checking for a certain plugin permission\n setting.\n\nCVE-2013-2869\n\n Denial of service (out-of-bounds read) via a crafted JPEG2000\n image.\n\nCVE-2013-2870\n\n Use-after-free vulnerability in network sockets.\n\nCVE-2013-2871\n\n Use-after-free vulnerability in input handling.\n\nCVE-2013-2873\n\n Use-after-free vulnerability in resource loading.\n\nCVE-2013-2875\n\n Out-of-bounds read in SVG file handling.\n\nCVE-2013-2876\n\n Chrome does not properly enforce restrictions on the capture of\n screenshots by extensions, which could lead to information\n disclosure from previous page visits.\n\nCVE-2013-2877\n\n Out-of-bounds read in XML file handling.\n\nCVE-2013-2878\n\n Out-of-bounds read in text handling.\n\nCVE-2013-2879\n\n The circumstances in which a renderer process can be considered a\n trusted process for sign-in and subsequent sync operations were\n not propertly checked.\n\nCVE-2013-2880\n\n The chrome 28 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 28.0.1500.71-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 28.0.1500.71-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-07-18T21:59:40", "type": "debian", "title": "[SECURITY] [DSA 2724-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2013-07-18T21:59:40", "id": "DEBIAN:DSA-2724-1:449B6", "href": "https://lists.debian.org/debian-security-announce/2013/msg00135.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-04T01:03:33", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2724-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nJuly 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2853 CVE-2013-2867 CVE-2013-2868 CVE-2013-2869\n CVE-2013-2870 CVE-2013-2871 CVE-2013-2873 CVE-2013-2875\n CVE-2013-2876 CVE-2013-2877 CVE-2013-2878 CVE-2013-2879\n CVE-2013-2880\n\nSeveral vulnerabilities have been discovered in the Chromium web browser.\n\nCVE-2013-2853\n\n The HTTPS implementation does not ensure that headers are terminated\n by \\r\\n\\r\\n (carriage return, newline, carriage return, newline).\n\nCVE-2013-2867\n\n Chrome does not properly prevent pop-under windows.\n\nCVE-2013-2868\n\n common/extensions/sync_helper.cc proceeds with sync operations for\n NPAPI extensions without checking for a certain plugin permission\n setting.\n\nCVE-2013-2869\n\n Denial of service (out-of-bounds read) via a crafted JPEG2000\n image.\n\nCVE-2013-2870\n\n Use-after-free vulnerability in network sockets.\n\nCVE-2013-2871\n\n Use-after-free vulnerability in input handling.\n\nCVE-2013-2873\n\n Use-after-free vulnerability in resource loading.\n\nCVE-2013-2875\n\n Out-of-bounds read in SVG file handling.\n\nCVE-2013-2876\n\n Chrome does not properly enforce restrictions on the capture of\n screenshots by extensions, which could lead to information\n disclosure from previous page visits.\n\nCVE-2013-2877\n\n Out-of-bounds read in XML file handling.\n\nCVE-2013-2878\n\n Out-of-bounds read in text handling.\n\nCVE-2013-2879\n\n The circumstances in which a renderer process can be considered a\n trusted process for sign-in and subsequent sync operations were\n not propertly checked.\n\nCVE-2013-2880\n\n The chrome 28 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 28.0.1500.71-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 28.0.1500.71-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-07-18T21:59:40", "type": "debian", "title": "[SECURITY] [DSA 2724-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880"], "modified": "2013-07-18T21:59:40", "id": "DEBIAN:DSA-2724-1:B3090", "href": "https://lists.debian.org/debian-security-announce/2013/msg00135.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T23:17:40", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2883-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nMarch 23, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2013-6653 CVE-2013-6654 CVE-2013-6655 CVE-2013-6656 \n CVE-2013-6657 CVE-2013-6658 CVE-2013-6659 CVE-2013-6660\n CVE-2013-6661 CVE-2013-6663 CVE-2013-6664 CVE-2013-6665\n CVE-2013-6666 CVE-2013-6667 CVE-2013-6668 CVE-2014-1700\n CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704\n CVE-2014-1705 CVE-2014-1713 CVE-2014-1715\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653\n\n Khalil Zhani discovered a use-after-free issue in chromium's web\n contents color chooser.\n\nCVE-2013-6654\n\n TheShow3511 discovered an issue in SVG handling.\n\nCVE-2013-6655\n\n cloudfuzzer discovered a use-after-free issue in dom event handling.\n\nCVE-2013-6656\n\n NeexEmil discovered an information leak in the XSS auditor.\n\nCVE-2013-6657\n\n NeexEmil discovered a way to bypass the Same Origin policy in the\n XSS auditor.\n\nCVE-2013-6658\n\n cloudfuzzer discovered multiple use-after-free issues surrounding\n the updateWidgetPositions function.\n\nCVE-2013-6659\n\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\n it was possible to trigger an unexpected certificate chain during\n TLS renegotiation.\n\nCVE-2013-6660\n\n bishopjeffreys discovered an information leak in the drag and drop\n implementation.\n\nCVE-2013-6661\n\n The Google Chrome team discovered and fixed multiple issues in\n version 33.0.1750.117.\n\nCVE-2013-6663\n\n Atte Kettunen discovered a use-after-free issue in SVG handling.\n\nCVE-2013-6664\n\n Khalil Zhani discovered a use-after-free issue in the speech\n recognition feature.\n\nCVE-2013-6665\n\n cloudfuzzer discovered a buffer overflow issue in the software\n renderer.\n\nCVE-2013-6666\n\n netfuzzer discovered a restriction bypass in the Pepper Flash\n plugin.\n\nCVE-2013-6667\n\n The Google Chrome team discovered and fixed multiple issues in\n version 33.0.1750.146.\n\nCVE-2013-6668\n\n Multiple vulnerabilities were fixed in version 3.24.35.10 of\n the V8 javascript library.\n\nCVE-2014-1700\n\n Chamal de Silva discovered a use-after-free issue in speech\n synthesis.\n\nCVE-2014-1701\n\n aidanhs discovered a cross-site scripting issue in event handling.\n\nCVE-2014-1702\n\n Colin Payne discovered a use-after-free issue in the web database\n implementation.\n\nCVE-2014-1703\n\n VUPEN discovered a use-after-free issue in web sockets that\n could lead to a sandbox escape.\n\nCVE-2014-1704\n\n Multiple vulnerabilities were fixed in version 3.23.17.18 of\n the V8 javascript library.\n\nCVE-2014-1705\n\n A memory corruption issue was discovered in the V8 javascript\n library.\n\nCVE-2014-1713\n\n A use-after-free issue was discovered in the AttributeSetter\n function. \n\nCVE-2014-1715\n\n A directory traversal issue was found and fixed.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 33.0.1750.152-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 33.0.1750.152-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-03-24T01:02:13", "type": "debian", "title": "[SECURITY] [DSA 2883-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6653", "CVE-2013-6654", "CVE-2013-6655", "CVE-2013-6656", "CVE-2013-6657", "CVE-2013-6658", "CVE-2013-6659", "CVE-2013-6660", "CVE-2013-6661", "CVE-2013-6663", "CVE-2013-6664", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6667", "CVE-2013-6668", "CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2014-03-24T01:02:13", "id": "DEBIAN:DSA-2883-1:B52C6", "href": "https://lists.debian.org/debian-security-announce/2014/msg00055.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-01T00:05:10", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2883-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nMarch 23, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2013-6653 CVE-2013-6654 CVE-2013-6655 CVE-2013-6656 \n CVE-2013-6657 CVE-2013-6658 CVE-2013-6659 CVE-2013-6660\n CVE-2013-6661 CVE-2013-6663 CVE-2013-6664 CVE-2013-6665\n CVE-2013-6666 CVE-2013-6667 CVE-2013-6668 CVE-2014-1700\n CVE-2014-1701 CVE-2014-1702 CVE-2014-1703 CVE-2014-1704\n CVE-2014-1705 CVE-2014-1713 CVE-2014-1715\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2013-6653\n\n Khalil Zhani discovered a use-after-free issue in chromium's web\n contents color chooser.\n\nCVE-2013-6654\n\n TheShow3511 discovered an issue in SVG handling.\n\nCVE-2013-6655\n\n cloudfuzzer discovered a use-after-free issue in dom event handling.\n\nCVE-2013-6656\n\n NeexEmil discovered an information leak in the XSS auditor.\n\nCVE-2013-6657\n\n NeexEmil discovered a way to bypass the Same Origin policy in the\n XSS auditor.\n\nCVE-2013-6658\n\n cloudfuzzer discovered multiple use-after-free issues surrounding\n the updateWidgetPositions function.\n\nCVE-2013-6659\n\n Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that\n it was possible to trigger an unexpected certificate chain during\n TLS renegotiation.\n\nCVE-2013-6660\n\n bishopjeffreys discovered an information leak in the drag and drop\n implementation.\n\nCVE-2013-6661\n\n The Google Chrome team discovered and fixed multiple issues in\n version 33.0.1750.117.\n\nCVE-2013-6663\n\n Atte Kettunen discovered a use-after-free issue in SVG handling.\n\nCVE-2013-6664\n\n Khalil Zhani discovered a use-after-free issue in the speech\n recognition feature.\n\nCVE-2013-6665\n\n cloudfuzzer discovered a buffer overflow issue in the software\n renderer.\n\nCVE-2013-6666\n\n netfuzzer discovered a restriction bypass in the Pepper Flash\n plugin.\n\nCVE-2013-6667\n\n The Google Chrome team discovered and fixed multiple issues in\n version 33.0.1750.146.\n\nCVE-2013-6668\n\n Multiple vulnerabilities were fixed in version 3.24.35.10 of\n the V8 javascript library.\n\nCVE-2014-1700\n\n Chamal de Silva discovered a use-after-free issue in speech\n synthesis.\n\nCVE-2014-1701\n\n aidanhs discovered a cross-site scripting issue in event handling.\n\nCVE-2014-1702\n\n Colin Payne discovered a use-after-free issue in the web database\n implementation.\n\nCVE-2014-1703\n\n VUPEN discovered a use-after-free issue in web sockets that\n could lead to a sandbox escape.\n\nCVE-2014-1704\n\n Multiple vulnerabilities were fixed in version 3.23.17.18 of\n the V8 javascript library.\n\nCVE-2014-1705\n\n A memory corruption issue was discovered in the V8 javascript\n library.\n\nCVE-2014-1713\n\n A use-after-free issue was discovered in the AttributeSetter\n function. \n\nCVE-2014-1715\n\n A directory traversal issue was found and fixed.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 33.0.1750.152-1~deb7u1.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 33.0.1750.152-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-03-24T01:02:13", "type": "debian", "title": "[SECURITY] [DSA 2883-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6653", "CVE-2013-6654", "CVE-2013-6655", "CVE-2013-6656", "CVE-2013-6657", "CVE-2013-6658", "CVE-2013-6659", "CVE-2013-6660", "CVE-2013-6661", "CVE-2013-6663", "CVE-2013-6664", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6667", "CVE-2013-6668", "CVE-2014-1700", "CVE-2014-1701", "CVE-2014-1702", "CVE-2014-1703", "CVE-2014-1704", "CVE-2014-1705", "CVE-2014-1713", "CVE-2014-1715"], "modified": "2014-03-24T01:02:13", "id": "DEBIAN:DSA-2883-1:8DB61", "href": "https://lists.debian.org/debian-security-announce/2014/msg00055.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:09:06", "description": "### Background\n\nChromium is an open-source web browser project. V8 is Google\u2019s open source JavaScript engine. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other unspecified impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-33.0.1750.146\"\n \n\nGentoo has discontinued support for separate V8 package. We recommend that users unmerge V8: \n \n \n # emerge --unmerge \"dev-lang/v8\"", "cvss3": {}, "published": "2014-03-05T00:00:00", "type": "gentoo", "title": "Chromium, V8: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2906", "CVE-2013-2907", "CVE-2013-2908", "CVE-2013-2909", "CVE-2013-2910", "CVE-2013-2911", "CVE-2013-2912", "CVE-2013-2913", "CVE-2013-2915", "CVE-2013-2916", "CVE-2013-2917", "CVE-2013-2918", "CVE-2013-2919", "CVE-2013-2920", "CVE-2013-2921", "CVE-2013-2922", "CVE-2013-2923", "CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928", "CVE-2013-2931", "CVE-2013-6621", "CVE-2013-6622", "CVE-2013-6623", "CVE-2013-6624", "CVE-2013-6625", "CVE-2013-6626", "CVE-2013-6627", "CVE-2013-6628", "CVE-2013-6632", "CVE-2013-6634", "CVE-2013-6635", "CVE-2013-6636", "CVE-2013-6637", "CVE-2013-6638", "CVE-2013-6639", "CVE-2013-6640", "CVE-2013-6641", "CVE-2013-6643", "CVE-2013-6644", "CVE-2013-6645", "CVE-2013-6646", "CVE-2013-6649", "CVE-2013-6650", "CVE-2013-6652", "CVE-2013-6653", "CVE-2013-6654", "CVE-2013-6655", "CVE-2013-6656", "CVE-2013-6657", "CVE-2013-6658", "CVE-2013-6659", "CVE-2013-6660", "CVE-2013-6661", "CVE-2013-6663", "CVE-2013-6664", "CVE-2013-6665", "CVE-2013-6666", "CVE-2013-6667", "CVE-2013-6668", "CVE-2013-6802", "CVE-2014-1681"], "modified": "2014-03-05T00:00:00", "id": "GLSA-201403-01", "href": "https://security.gentoo.org/glsa/201403-01", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-17T19:08:04", "description": "### Background\n\nChromium is an open-source web browser project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-37.0.2062.94\"", "cvss3": {}, "published": "2014-08-30T00:00:00", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE
