Vulnerabilities > CVE-2010-2106 - Unspecified vulnerability in Google Chrome

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
google
nessus
NVD
Published: 2010-05-28
Updated: 2020-08-06

Summary

Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.

Vulnerable Configurations

Part Description Count
Application
Google
444

Nessus

NASL familyWindows
NASL idGOOGLE_CHROME_5_0_375_55.NASL
descriptionThe version of Google Chrome installed on the remote host is earlier than 5.0.375.55. As such, it is reportedly affected by multiple vulnerabilities : - URLs do not closely match the Safe Browsing specification. (Issue #7713) - It is possible to spoof URLs with unload event handlers. (Issue #16535) - A memory error exists in the Safe Browsing interaction. (Issue #30079) - It is possible to bypass the whitelist-mode plugin blocker. (Issue #39740) - A memory error exists with drag and drop. (Issue #41469) - JavaScript is incorrectly executed in the extension context. (Issue #42228)
last seen2020-06-01
modified2020-06-02
plugin id46732
published2010-05-26
reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/46732
titleGoogle Chrome < 5.0.375.55 Multiple Vulnerabilities
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(46732);
  script_version("1.17");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id(
    "CVE-2010-2105",
    "CVE-2010-2106",
    "CVE-2010-2107",
    "CVE-2010-2108",
    "CVE-2010-2109",
    "CVE-2010-2110"
  );
  script_bugtraq_id(40367);

  script_name(english:"Google Chrome < 5.0.375.55 Multiple Vulnerabilities");
  script_summary(english:"Checks version number of Google Chrome");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote host is earlier
than 5.0.375.55.  As such, it is reportedly affected by multiple
vulnerabilities :

  - URLs do not closely match the Safe Browsing
    specification. (Issue #7713)

  - It is possible to spoof URLs with unload event handlers.
    (Issue #16535)

  - A memory error exists in the Safe Browsing interaction.
    (Issue #30079)

  - It is possible to bypass the whitelist-mode plugin
    blocker. (Issue #39740)

  - A memory error exists with drag and drop. (Issue #41469)

  - JavaScript is incorrectly executed in the extension
    context. (Issue #42228)");

  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5b640e65");
  script_set_attribute(attribute:"solution", value:"Upgrade to Google Chrome 5.0.375.55 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/05/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/05/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("google_chrome_installed.nasl");
  script_require_keys("SMB/Google_Chrome/Installed");

  exit(0);
}


include("google_chrome_version.inc");

get_kb_item_or_exit("SMB/Google_Chrome/Installed");

installs = get_kb_list("SMB/Google_Chrome/*");
google_chrome_check_version(installs:installs, fix:'5.0.375.55', severity:SECURITY_HOLE);

Oval

accepted2013-08-12T04:00:20.805-04:00
classvulnerability
contributors
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionUnspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.
familywindows
idoval:org.mitre.oval:def:11644
statusaccepted
submitted2010-09-06T17:53:36
titleUnspecified vulnerability in Google Chrome before 5.0.375.55 allows to spoof the URL bar
version50

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 40367 CVE ID: CVE-2010-2105,CVE-2010-2106,CVE-2010-2107,CVE-2010-2108,CVE-2010-2109,CVE-2010-2110 Google Chrome是Google发布的开源WEB浏览器。 Chrome的5.0.375.55版本更新修复了多个安全漏洞,用户受骗访问恶意网页就可能导致绕过安全限制或完全入侵用户系统。 1) Chrome没有正确地遵循对规范化URL的Safe Browsing规范。 2) 上传事件处理器实现中的错误可能导致伪造URL栏。 3) Safe Browsing交互和拖放功能中的错误可能导致内存破坏并执行任意代码。 4) 白名单模式的插件拦截器中的错误可能导致绕过安全限制。 5) 扩展上下文中没有正确地执行JavaScript。 Google Chrome &lt; 5.0.375.55 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com
idSSV:19721
last seen2017-11-19
modified2010-06-01
published2010-06-01
reporterRoot
titleGoogle Chrome 5.0.375.55更新修复多个安全漏洞

References