Search...

Apple Safari缓存对象历史枚举漏洞

2011-12-21T00:00:00

ID SSV:26090
Type seebug
Reporter Root
Modified 2011-12-21T00:00:00

Description

CVE ID: CVE-2011-4692

Safari是苹果计算机的最新作业系统Mac OS X中的浏览器，使用了KDE的KHTML作为浏览器的运算核心。

Apple Safari在处理缓存对象时存在错误，可被恶意用户利用枚举已浏览的站点，泄露敏感信息。 0 Apple Safari 5.x 厂商补丁：

Apple

目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：

http://support.apple.com/

JSON Vulners Source

Initial Source

{"sourceData": "", "status": "details", "description": "CVE ID: CVE-2011-4692\r\n\r\nSafari\u662f\u82f9\u679c\u8ba1\u7b97\u673a\u7684\u6700\u65b0\u4f5c\u4e1a\u7cfb\u7edfMac OS X\u4e2d\u7684\u6d4f\u89c8\u5668\uff0c\u4f7f\u7528\u4e86KDE\u7684KHTML\u4f5c\u4e3a\u6d4f\u89c8\u5668\u7684\u8fd0\u7b97\u6838\u5fc3\u3002\r\n\r\nApple Safari\u5728\u5904\u7406\u7f13\u5b58\u5bf9\u8c61\u65f6\u5b58\u5728\u9519\u8bef\uff0c\u53ef\u88ab\u6076\u610f\u7528\u6237\u5229\u7528\u679a\u4e3e\u5df2\u6d4f\u89c8\u7684\u7ad9\u70b9\uff0c\u6cc4\u9732\u654f\u611f\u4fe1\u606f\u3002\n0\nApple Safari 5.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApple\r\n-----\r\n\u76ee\u524d\u5382\u5546\u8fd8\u6ca1\u6709\u63d0\u4f9b\u8865\u4e01\u6216\u8005\u5347\u7ea7\u7a0b\u5e8f\uff0c\u6211\u4eec\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u7684\u4e3b\u9875\u4ee5\u83b7\u53d6\u6700\u65b0\u7248\u672c\uff1a\r\n\r\nhttp://support.apple.com/", "sourceHref": "", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-26090", "type": "seebug", "viewCount": 1, "references": [], "lastseen": "2017-11-19T17:56:29", "published": "2011-12-21T00:00:00", "cvelist": ["CVE-2011-4692"], "id": "SSV:26090", "enchantments_done": [], "modified": "2011-12-21T00:00:00", "title": "Apple Safari\u7f13\u5b58\u5bf9\u8c61\u5386\u53f2\u679a\u4e3e\u6f0f\u6d1e", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2017-11-19T17:56:29", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4692"]}, {"type": "openvas", "idList": ["OPENVAS:802358", "OPENVAS:1361412562310802283", "OPENVAS:802359", "OPENVAS:802360", "OPENVAS:1361412562310802282", "OPENVAS:1361412562310802360", "OPENVAS:802282", "OPENVAS:1361412562310802359", "OPENVAS:1361412562310802358", "OPENVAS:802283"]}], "modified": "2017-11-19T17:56:29", "rev": 2}, "vulnersScore": 5.9}, "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:51:08", "description": "WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.", "edition": 6, "cvss3": {}, "published": "2011-12-07T19:55:00", "title": "CVE-2011-4692", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4692"], "modified": "2017-09-19T01:34:00", "cpe": ["cpe:/a:apple:webkit:*", "cpe:/a:google:chrome:15", "cpe:/a:apple:safari:5.1.1"], "id": "CVE-2011-4692", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4692", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:google:chrome:15:*:*:*:*:*:*:*", "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:5.1.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-09-04T14:20:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692"], "description": "The host is installed with Apple Safari web browser and is prone\nto information disclosure vulnerability.", "modified": "2017-08-30T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:802283", "href": "http://plugins.openvas.org/nasl.php?oid=802283", "type": "openvas", "title": "Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_webkit_info_disc_vuln_macosx.nasl 7024 2017-08-30 11:51:43Z teissa $\n#\n# Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to gain access to\nsensitive information and launch other attacks.\n\nImpact Level: Application\";\n\ntag_affected = \"Apple Safari versions 5.1.1 and prior.\";\n\ntag_insight = \"The flaw is due to WebKit does not prevent capture of data about\nthe time required for image loading, which makes it easier for remote attackers\nto determine whether an image exists in the browser cache via crafted\nJavaScript code.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"The host is installed with Apple Safari web browser and is prone\nto information disclosure vulnerability.\";\n\nif(description)\n{\n script_id(802283);\n script_version(\"$Revision: 7024 $\");\n script_cve_id(\"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-30 13:51:43 +0200 (Wed, 30 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 11:11:11 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://oxplot.github.com/visipisi/visipisi.html\");\n script_xref(name : \"URL\" , value : \"http://lcamtuf.coredump.cx/cachetime/firefox.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_require_keys(\"AppleSafari/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsafVer = get_kb_item(\"AppleSafari/MacOSX/Version\");\nif(!safVer){\n exit(0);\n}\n\n## Grep for Apple Safari Versions 5.1.1 and prior.\nif(version_is_less_equal(version:safVer, test_version:\"5.1.1\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-03-04T19:00:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692"], "description": "The host is installed with Apple Safari web browser and is prone\n to information disclosure vulnerability.", "modified": "2020-03-02T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:1361412562310802283", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802283", "type": "openvas", "title": "Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802283\");\n script_version(\"2020-03-02T13:53:38+0000\");\n script_cve_id(\"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-02 13:53:38 +0000 (Mon, 02 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 11:11:11 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://oxplot.github.com/visipisi/visipisi.html\");\n script_xref(name:\"URL\", value:\"http://lcamtuf.coredump.cx/cachetime/firefox.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to gain access to\n sensitive information and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions 5.1.1 and prior.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to WebKit does not prevent capture of data about\n the time required for image loading, which makes it easier for remote attackers\n to determine whether an image exists in the browser cache via crafted JavaScript code.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Apple Safari web browser and is prone\n to information disclosure vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less_equal(version:vers, test_version:\"5.1.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"None\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-03T21:00:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692"], "description": "The host is installed with Apple Safari web browser and is prone\n to information disclosure vulnerability.", "modified": "2020-02-28T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:1361412562310802282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802282", "type": "openvas", "title": "Apple Safari WebKit Information Disclosure Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari WebKit Information Disclosure Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802282\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 11:11:11 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Apple Safari WebKit Information Disclosure Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://oxplot.github.com/visipisi/visipisi.html\");\n script_xref(name:\"URL\", value:\"http://lcamtuf.coredump.cx/cachetime/firefox.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_mandatory_keys(\"AppleSafari/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to gain access to\n sensitive information and launch other attacks.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions 5.1.1 and prior.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to WebKit does not prevent capture of data about\n the time required for image loading, which makes it easier for remote attackers\n to determine whether an image exists in the browser cache via crafted\n JavaScript code.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Apple Safari web browser and is prone\n to information disclosure vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less_equal(version:vers, test_version:\"5.34.51.22\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"None\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-09-04T14:19:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692"], "description": "The host is installed with Apple Safari web browser and is prone\nto information disclosure vulnerability.", "modified": "2017-09-01T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:802282", "href": "http://plugins.openvas.org/nasl.php?oid=802282", "type": "openvas", "title": "Apple Safari WebKit Information Disclosure Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_webkit_info_disc_vuln_win.nasl 7044 2017-09-01 11:50:59Z teissa $\n#\n# Apple Safari WebKit Information Disclosure Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to gain access to\nsensitive information and launch other attacks.\n\nImpact Level: Application\";\n\ntag_affected = \"Apple Safari versions 5.1.1 and prior.\";\n\ntag_insight = \"The flaw is due to WebKit does not prevent capture of data about\nthe time required for image loading, which makes it easier for remote attackers\nto determine whether an image exists in the browser cache via crafted\nJavaScript code.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"The host is installed with Apple Safari web browser and is prone\nto information disclosure vulnerability.\";\n\nif(description)\n{\n script_id(802282);\n script_version(\"$Revision: 7044 $\");\n script_cve_id(\"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-01 13:50:59 +0200 (Fri, 01 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 11:11:11 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Apple Safari WebKit Information Disclosure Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://oxplot.github.com/visipisi/visipisi.html\");\n script_xref(name : \"URL\" , value : \"http://lcamtuf.coredump.cx/cachetime/firefox.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_require_keys(\"AppleSafari/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsafVer = get_kb_item(\"AppleSafari/Version\");\nif(!safVer){\n exit(0);\n}\n\n## Grep for Apple Safari Versions 5.1.1 (5.34.51.22) and prior.\nif(version_is_less_equal(version:safVer, test_version:\"5.34.51.22\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-05T11:22:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2017-09-04T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:802358", "href": "http://plugins.openvas.org/nasl.php?oid=802358", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_win.nasl 7052 2017-09-04 11:50:51Z teissa $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\n\nImpact Level: Application\";\n\ntag_affected = \"Google Chrome version 15.0.874.121 and prior on Windows\";\n\ntag_insight = \"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading attempts,\nallows attacker to enumerate visited sites via crafted JavaScript code.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\";\n\nif(description)\n{\n script_id(802358);\n script_version(\"$Revision: 7052 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-04 13:50:51 +0200 (Mon, 04 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47127\");\n script_xref(name : \"URL\" , value : \"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name : \"URL\" , value : \"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 15.0.874.121\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-04T14:20:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2017-08-25T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:802359", "href": "http://plugins.openvas.org/nasl.php?oid=802359", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_macosx.nasl 7006 2017-08-25 11:51:20Z teissa $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\n\nImpact Level: Application\";\n\ntag_affected = \"Google Chrome version 15.0.874.121 and prior on Mac OS X.\";\n\ntag_insight = \"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading attempts,\nallows attacker to enumerate visited sites via crafted JavaScript code.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\";\n\nif(description)\n{\n script_id(802359);\n script_version(\"$Revision: 7006 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-25 13:51:20 +0200 (Fri, 25 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47127\");\n script_xref(name : \"URL\" , value : \"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name : \"URL\" , value : \"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_require_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than or equal to 15.0.874.121\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:40:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2018-09-22T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:1361412562310802359", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802359", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_macosx.nasl 11552 2018-09-22 13:45:08Z cfischer $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802359\");\n script_version(\"$Revision: 11552 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-22 15:45:08 +0200 (Sat, 22 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47127\");\n script_xref(name:\"URL\", value:\"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name:\"URL\", value:\"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\");\n script_tag(name:\"affected\", value:\"Google Chrome version 15.0.874.121 and prior on Mac OS X.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading attempts,\nallows attacker to enumerate visited sites via crafted JavaScript code.\");\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/MacOSX/Version\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2018-09-22T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:1361412562310802358", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802358", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_win.nasl 11552 2018-09-22 13:45:08Z cfischer $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802358\");\n script_version(\"$Revision: 11552 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-22 15:45:08 +0200 (Sat, 22 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47127\");\n script_xref(name:\"URL\", value:\"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name:\"URL\", value:\"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\");\n script_tag(name:\"affected\", value:\"Google Chrome version 15.0.874.121 and prior on Windows\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading attempts,\nallows attacker to enumerate visited sites via crafted JavaScript code.\");\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year\nsince the disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2018-09-22T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:1361412562310802360", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802360", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_lin.nasl 11552 2018-09-22 13:45:08Z cfischer $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802360\");\n script_version(\"$Revision: 11552 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-22 15:45:08 +0200 (Sat, 22 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47127\");\n script_xref(name:\"URL\", value:\"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name:\"URL\", value:\"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\");\n script_tag(name:\"affected\", value:\"Google Chrome version 15.0.874.121 and prior on Linux.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading\nattempts, allows attacker to enumerate visited sites via crafted JavaScript\ncode.\");\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-09-04T14:19:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4692", "CVE-2011-4691"], "description": "The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.", "modified": "2017-09-01T00:00:00", "published": "2011-12-09T00:00:00", "id": "OPENVAS:802360", "href": "http://plugins.openvas.org/nasl.php?oid=802360", "type": "openvas", "title": "Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_cache_history_info_disc_vuln_lin.nasl 7044 2017-09-01 11:50:59Z teissa $\n#\n# Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to gain\nsensitive information about visited web page.\n\nImpact Level: Application\";\n\ntag_affected = \"Google Chrome version 15.0.874.121 and prior on Linux.\";\n\ntag_insight = \"Multiple flaws are due to improper capturing of data about the\ntimes of Same Origin Policy violations during IFRAME and image loading\nattempts, allows attacker to enumerate visited sites via crafted JavaScript\ncode.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"The host is installed with Google Chrome and is prone to\ninformation disclosure vulnerabilities.\";\n\nif(description)\n{\n script_id(802360);\n script_version(\"$Revision: 7044 $\");\n script_cve_id(\"CVE-2011-4691\", \"CVE-2011-4692\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-01 13:50:59 +0200 (Fri, 01 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-09 12:30:25 +0530 (Fri, 09 Dec 2011)\");\n script_name(\"Google Chrome Cache History Information Disclosure Vulnerabilities (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47127\");\n script_xref(name : \"URL\" , value : \"http://lcamtuf.coredump.cx/cachetime/\");\n script_xref(name : \"URL\" , value : \"http://sip.cs.princeton.edu/pub/webtiming.pdf\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_require_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 15.0.874.121\nif(version_is_less_equal(version:chromeVer, test_version:\"15.0.874.121\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}