Vulnerabilities > CVE-2010-2107 - Unspecified vulnerability in Google Chrome

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
google
critical
nessus

Summary

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.

Vulnerable Configurations

Part Description Count
Application
Google
444

Nessus

NASL familyWindows
NASL idGOOGLE_CHROME_5_0_375_55.NASL
descriptionThe version of Google Chrome installed on the remote host is earlier than 5.0.375.55. As such, it is reportedly affected by multiple vulnerabilities : - URLs do not closely match the Safe Browsing specification. (Issue #7713) - It is possible to spoof URLs with unload event handlers. (Issue #16535) - A memory error exists in the Safe Browsing interaction. (Issue #30079) - It is possible to bypass the whitelist-mode plugin blocker. (Issue #39740) - A memory error exists with drag and drop. (Issue #41469) - JavaScript is incorrectly executed in the extension context. (Issue #42228)
last seen2020-06-01
modified2020-06-02
plugin id46732
published2010-05-26
reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/46732
titleGoogle Chrome < 5.0.375.55 Multiple Vulnerabilities
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(46732);
  script_version("1.17");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id(
    "CVE-2010-2105",
    "CVE-2010-2106",
    "CVE-2010-2107",
    "CVE-2010-2108",
    "CVE-2010-2109",
    "CVE-2010-2110"
  );
  script_bugtraq_id(40367);

  script_name(english:"Google Chrome < 5.0.375.55 Multiple Vulnerabilities");
  script_summary(english:"Checks version number of Google Chrome");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote host is earlier
than 5.0.375.55.  As such, it is reportedly affected by multiple
vulnerabilities :

  - URLs do not closely match the Safe Browsing
    specification. (Issue #7713)

  - It is possible to spoof URLs with unload event handlers.
    (Issue #16535)

  - A memory error exists in the Safe Browsing interaction.
    (Issue #30079)

  - It is possible to bypass the whitelist-mode plugin
    blocker. (Issue #39740)

  - A memory error exists with drag and drop. (Issue #41469)

  - JavaScript is incorrectly executed in the extension
    context. (Issue #42228)");

  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5b640e65");
  script_set_attribute(attribute:"solution", value:"Upgrade to Google Chrome 5.0.375.55 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/05/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/05/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("google_chrome_installed.nasl");
  script_require_keys("SMB/Google_Chrome/Installed");

  exit(0);
}


include("google_chrome_version.inc");

get_kb_item_or_exit("SMB/Google_Chrome/Installed");

installs = get_kb_list("SMB/Google_Chrome/*");
google_chrome_check_version(installs:installs, fix:'5.0.375.55', severity:SECURITY_HOLE);

Oval

accepted2013-08-12T04:01:05.748-04:00
classvulnerability
contributors
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionUnspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.
familywindows
idoval:org.mitre.oval:def:12128
statusaccepted
submitted2010-09-06T17:53:36
titleUnspecified vulnerability in Google Chrome before 5.0.375.55 related to the Safe Browsing functionality
version50

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 40367 CVE ID: CVE-2010-2105,CVE-2010-2106,CVE-2010-2107,CVE-2010-2108,CVE-2010-2109,CVE-2010-2110 Google Chrome是Google发布的开源WEB浏览器。 Chrome的5.0.375.55版本更新修复了多个安全漏洞,用户受骗访问恶意网页就可能导致绕过安全限制或完全入侵用户系统。 1) Chrome没有正确地遵循对规范化URL的Safe Browsing规范。 2) 上传事件处理器实现中的错误可能导致伪造URL栏。 3) Safe Browsing交互和拖放功能中的错误可能导致内存破坏并执行任意代码。 4) 白名单模式的插件拦截器中的错误可能导致绕过安全限制。 5) 扩展上下文中没有正确地执行JavaScript。 Google Chrome &lt; 5.0.375.55 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com
idSSV:19721
last seen2017-11-19
modified2010-06-01
published2010-06-01
reporterRoot
titleGoogle Chrome 5.0.375.55更新修复多个安全漏洞