Vulnerabilities > CVE-2012-5132

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.

Vulnerable Configurations

Part Description Count
OS
Opensuse
2
Application
Google
2525

Nessus

  • NASL familyWindows
    NASL idGOOGLE_CHROME_23_0_1271_91.NASL
    descriptionThe version of Google Chrome installed on the remote host is earlier than 23.0.1271.91 and is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists related to
    last seen2020-06-01
    modified2020-06-02
    plugin id63063
    published2012-11-27
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63063
    titleGoogle Chrome < 23.0.1271.91 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(63063);
      script_version("1.14");
      script_cvs_date("Date: 2019/12/04");
    
      script_cve_id(
        "CVE-2012-5130",
        "CVE-2012-5132",
        "CVE-2012-5133",
        "CVE-2012-5134",
        "CVE-2012-5135",
        "CVE-2012-5136"
      );
      script_bugtraq_id(56684);
    
      script_name(english:"Google Chrome < 23.0.1271.91 Multiple Vulnerabilities");
      script_summary(english:"Checks version number of Google Chrome");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host contains a web browser that is affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Google Chrome installed on the remote host is earlier
    than 23.0.1271.91 and is, therefore, affected by the following
    vulnerabilities :
    
      - An out-of-bounds read error exists related to 'Skia'.
        (CVE-2012-5130)
    
      - An unspecified error exists related to chunked encoding
        that can result in application crashes. (CVE-2012-5132)
    
      - Use-after-free errors exist related to 'SVG' filters
        and printing. (CVE-2012-5133, CVE-2012-5135)
    
      - A buffer underflow error exists related to 'libxml'.
        (CVE-2012-5134)
    
      - A cast error exists related to input element handling.
        (CVE-2012-5136)
    
    Successful exploitation of any of these issues could lead to an
    application crash or even allow arbitrary code execution, subject to the
    user's privileges.");
      # https://chromereleases.googleblog.com/2012/11/stable-channel-update.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a4c4a38d");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Google Chrome 23.0.1271.91 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5135");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/27");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("google_chrome_installed.nasl");
      script_require_keys("SMB/Google_Chrome/Installed");
    
      exit(0);
    }
    
    include("google_chrome_version.inc");
    
    get_kb_item_or_exit("SMB/Google_Chrome/Installed");
    
    installs = get_kb_list("SMB/Google_Chrome/*");
    google_chrome_check_version(installs:installs, fix:'23.0.1271.91', severity:SECURITY_HOLE);
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_4D64FC61387811E2A4EB00262D5ED8EE.NASL
    descriptionGoogle Chrome Releases reports : [156567] High CVE-2012-5133: Use-after-free in SVG filters. Credit to miaubiz. [148638] Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG. [155711] Low CVE-2012-5132: Browser crash with chunked encoding. Credit to Attila Szasz. [158249] High CVE-2012-5134: Buffer underflow in libxml. Credit to Google Chrome Security Team (Juri Aedla). [159165] Medium CVE-2012-5135: Use-after-free with printing. Credit to Fermin Serna of Google Security Team. [159829] Medium CVE-2012-5136: Bad cast in input element handling. Credit to Google Chrome Security Team (Inferno).
    last seen2020-06-01
    modified2020-06-02
    plugin id63069
    published2012-11-28
    reporterThis script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63069
    titleFreeBSD : chromium -- multiple vulnerabilities (4d64fc61-3878-11e2-a4eb-00262d5ed8ee)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2016 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(63069);
      script_version("$Revision: 1.8 $");
      script_cvs_date("$Date: 2016/05/26 16:04:31 $");
    
      script_cve_id("CVE-2012-5130", "CVE-2012-5132", "CVE-2012-5133", "CVE-2012-5134", "CVE-2012-5135", "CVE-2012-5136");
    
      script_name(english:"FreeBSD : chromium -- multiple vulnerabilities (4d64fc61-3878-11e2-a4eb-00262d5ed8ee)");
      script_summary(english:"Checks for updated package in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote FreeBSD host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Google Chrome Releases reports :
    
    [156567] High CVE-2012-5133: Use-after-free in SVG filters. Credit to
    miaubiz.
    
    [148638] Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to
    Atte Kettunen of OUSPG.
    
    [155711] Low CVE-2012-5132: Browser crash with chunked encoding.
    Credit to Attila Szasz.
    
    [158249] High CVE-2012-5134: Buffer underflow in libxml. Credit to
    Google Chrome Security Team (Juri Aedla).
    
    [159165] Medium CVE-2012-5135: Use-after-free with printing. Credit to
    Fermin Serna of Google Security Team.
    
    [159829] Medium CVE-2012-5136: Bad cast in input element handling.
    Credit to Google Chrome Security Team (Inferno)."
      );
      # http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?bdc75d6a"
      );
      # http://www.freebsd.org/ports/portaudit/4d64fc61-3878-11e2-a4eb-00262d5ed8ee.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?89db03e1"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:chromium");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"chromium<23.0.1271.91")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-845.NASL
    descriptionChromium was updated to 25.0.1343 - Security Fixes (bnc#791234 and bnc#792154) : - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding - CVE-2012-5134: Buffer underflow in libxml. - CVE-2012-5135: Use-after-free with printing. - CVE-2012-5136: Bad cast in input element handling. - CVE-2012-5138: Incorrect file path handling - CVE-2012-5137: Use-after-free in media source handling - Correct build so that proprietary codecs can be used when the chromium-ffmpeg package is installed - Update to 25.0.1335 - (gtk) Fixed <input> selection renders white text on white background in apps. (Issue: 158422) - Fixed translate infobar button to show selected language. (Issue: 155350) - Fixed broken Arabic language. (Issue: 158978) - Fixed pre-rendering if the preference is disabled at start up. (Issue: 159393) - Fixed JavaScript rendering issue. (Issue: 159655) - No further indications in the ChangeLog - Updated V8 - 3.14.5.0 - Bookmarks are now searched by their title while typing into the omnibox with matching bookmarks being shown in the autocomplete suggestions pop-down list. Matching is done by prefix. - Fixed chromium issues 155871, 154173, 155133. - Removed patch chomium-ffmpeg-no-pkgconfig.patch - Building now internal libffmpegsumo.so based on the standard chromium ffmpeg codecs - Add a configuration file (/etc/default/chromium) where we can indicate flags for the chromium-browser. - add explicit buildrequire on libbz2-devel
    last seen2020-06-05
    modified2014-06-13
    plugin id74839
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74839
    titleopenSUSE Security Update : Chromium (openSUSE-SU-2012:1637-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2012-845.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74839);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-5130", "CVE-2012-5131", "CVE-2012-5132", "CVE-2012-5133", "CVE-2012-5134", "CVE-2012-5135", "CVE-2012-5136", "CVE-2012-5137", "CVE-2012-5138");
    
      script_name(english:"openSUSE Security Update : Chromium (openSUSE-SU-2012:1637-1)");
      script_summary(english:"Check for the openSUSE-2012-845 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Chromium was updated to 25.0.1343
    
      - Security Fixes (bnc#791234 and bnc#792154) :
    
      - CVE-2012-5131: Corrupt rendering in the Apple OSX driver
        for Intel GPUs
    
      - CVE-2012-5133: Use-after-free in SVG filters.
    
      - CVE-2012-5130: Out-of-bounds read in Skia
    
      - CVE-2012-5132: Browser crash with chunked encoding
    
      - CVE-2012-5134: Buffer underflow in libxml.
    
      - CVE-2012-5135: Use-after-free with printing.
    
      - CVE-2012-5136: Bad cast in input element handling.
    
      - CVE-2012-5138: Incorrect file path handling
    
      - CVE-2012-5137: Use-after-free in media source handling
    
      - Correct build so that proprietary codecs can be used
        when the chromium-ffmpeg package is installed
    
      - Update to 25.0.1335
    
      - (gtk) Fixed <input> selection renders white text on
        white background in apps. (Issue: 158422)
    
      - Fixed translate infobar button to show selected
        language. (Issue: 155350)
    
      - Fixed broken Arabic language. (Issue: 158978)
    
      - Fixed pre-rendering if the preference is disabled at
        start up. (Issue: 159393)
    
      - Fixed JavaScript rendering issue. (Issue: 159655)
    
      - No further indications in the ChangeLog
    
      - Updated V8 - 3.14.5.0
    
      - Bookmarks are now searched by their title while typing
        into the omnibox with matching bookmarks being shown in
        the autocomplete suggestions pop-down list. Matching is
        done by prefix.
    
      - Fixed chromium issues 155871, 154173, 155133.
    
      - Removed patch chomium-ffmpeg-no-pkgconfig.patch
    
      - Building now internal libffmpegsumo.so based on the
        standard chromium ffmpeg codecs
    
      - Add a configuration file (/etc/default/chromium) where
        we can indicate flags for the chromium-browser.
    
      - add explicit buildrequire on libbz2-devel"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=791234"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=792154"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2012-12/msg00024.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected Chromium packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromedriver");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromedriver-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-desktop-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-desktop-kde");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-suid-helper");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/28");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE12\.1|SUSE12\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1 / 12.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE12.1", reference:"chromedriver-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromedriver-debuginfo-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-debuginfo-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-debugsource-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-desktop-gnome-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-desktop-kde-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-ffmpegsumo-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-ffmpegsumo-debuginfo-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-suid-helper-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.1", reference:"chromium-suid-helper-debuginfo-25.0.1343.0-1.43.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromedriver-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromedriver-debuginfo-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-debuginfo-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-debugsource-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-desktop-gnome-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-desktop-kde-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-ffmpegsumo-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-ffmpegsumo-debuginfo-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-suid-helper-25.0.1343.0-1.23.1") ) flag++;
    if ( rpm_check(release:"SUSE12.2", reference:"chromium-suid-helper-debuginfo-25.0.1343.0-1.23.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Chromium");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201309-16.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201309-16 (Chromium, V8: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id70112
    published2013-09-25
    reporterThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70112
    titleGLSA-201309-16 : Chromium, V8: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201309-16.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(70112);
      script_version("1.26");
      script_cvs_date("Date: 2018/07/12 15:01:52");
    
      script_cve_id("CVE-2012-5116", "CVE-2012-5117", "CVE-2012-5118", "CVE-2012-5120", "CVE-2012-5121", "CVE-2012-5122", "CVE-2012-5123", "CVE-2012-5124", "CVE-2012-5125", "CVE-2012-5126", "CVE-2012-5127", "CVE-2012-5128", "CVE-2012-5130", "CVE-2012-5132", "CVE-2012-5133", "CVE-2012-5135", "CVE-2012-5136", "CVE-2012-5137", "CVE-2012-5138", "CVE-2012-5139", "CVE-2012-5140", "CVE-2012-5141", "CVE-2012-5142", "CVE-2012-5143", "CVE-2012-5144", "CVE-2012-5145", "CVE-2012-5146", "CVE-2012-5147", "CVE-2012-5148", "CVE-2012-5149", "CVE-2012-5150", "CVE-2012-5151", "CVE-2012-5152", "CVE-2012-5153", "CVE-2012-5154", "CVE-2013-0828", "CVE-2013-0829", "CVE-2013-0830", "CVE-2013-0831", "CVE-2013-0832", "CVE-2013-0833", "CVE-2013-0834", "CVE-2013-0835", "CVE-2013-0836", "CVE-2013-0837", "CVE-2013-0838", "CVE-2013-0839", "CVE-2013-0840", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0879", "CVE-2013-0880", "CVE-2013-0881", "CVE-2013-0882", "CVE-2013-0883", "CVE-2013-0884", "CVE-2013-0885", "CVE-2013-0887", "CVE-2013-0888", "CVE-2013-0889", "CVE-2013-0890", "CVE-2013-0891", "CVE-2013-0892", "CVE-2013-0893", "CVE-2013-0894", "CVE-2013-0895", "CVE-2013-0896", "CVE-2013-0897", "CVE-2013-0898", "CVE-2013-0899", "CVE-2013-0900", "CVE-2013-0902", "CVE-2013-0903", "CVE-2013-0904", "CVE-2013-0905", "CVE-2013-0906", "CVE-2013-0907", "CVE-2013-0908", "CVE-2013-0909", "CVE-2013-0910", "CVE-2013-0911", "CVE-2013-0912", "CVE-2013-0916", "CVE-2013-0917", "CVE-2013-0918", "CVE-2013-0919", "CVE-2013-0920", "CVE-2013-0921", "CVE-2013-0922", "CVE-2013-0923", "CVE-2013-0924", "CVE-2013-0925", "CVE-2013-0926", "CVE-2013-2836", "CVE-2013-2837", "CVE-2013-2838", "CVE-2013-2839", "CVE-2013-2840", "CVE-2013-2841", "CVE-2013-2842", "CVE-2013-2843", "CVE-2013-2844", "CVE-2013-2845", "CVE-2013-2846", "CVE-2013-2847", "CVE-2013-2848", "CVE-2013-2849", "CVE-2013-2853", "CVE-2013-2855", "CVE-2013-2856", "CVE-2013-2857", "CVE-2013-2858", "CVE-2013-2859", "CVE-2013-2860", "CVE-2013-2861", "CVE-2013-2862", "CVE-2013-2863", "CVE-2013-2865", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880", "CVE-2013-2881", "CVE-2013-2882", "CVE-2013-2883", "CVE-2013-2884", "CVE-2013-2885", "CVE-2013-2886", "CVE-2013-2887", "CVE-2013-2900", "CVE-2013-2901", "CVE-2013-2902", "CVE-2013-2903", "CVE-2013-2904", "CVE-2013-2905");
      script_bugtraq_id(56413, 56684, 56741, 56903, 58318, 58388, 58723, 58724, 58725, 58727, 58728, 58729, 58730, 58731, 58732, 58733, 58734, 59326, 59327, 59328, 59330, 59331, 59332, 59334, 59336, 59337, 59338, 59339, 59340, 59342, 59343, 59344, 59345, 59346, 59347, 59349, 59351, 59413, 59414, 59415, 59416, 59417, 59418, 59419, 59420, 59422, 59423, 59425, 59427, 59428, 59429, 59430, 59431, 59433, 59435, 59436, 59437, 59438, 59515, 59516, 59518, 59520, 59521, 59522, 59523, 59524, 59680, 59681, 59682, 59683, 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076, 60395, 60396, 60397, 60398, 60399, 60400, 60401, 60403, 60404, 60405, 61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61057, 61059, 61060, 61061, 61547, 61548, 61549, 61550, 61551, 61552, 61885, 61886, 61887, 61888, 61889, 61890, 61891);
      script_xref(name:"GLSA", value:"201309-16");
    
      script_name(english:"GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201309-16
    (Chromium, V8: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Chromium and V8. Please
          review the CVE identifiers and release notes referenced below for
          details.
      
    Impact :
    
        A context-dependent attacker could entice a user to open a specially
          crafted website or JavaScript program using Chromium or V8, possibly
          resulting in the execution of arbitrary code with the privileges of the
          process or a Denial of Service condition. Furthermore, a remote attacker
          may be able to bypass security restrictions or have other, unspecified,
          impact.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      # https://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0b9b0b08"
      );
      # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2f59319e"
      );
      # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ee73f07e"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201309-16"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Chromium users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose
          '>=www-client/chromium-29.0.1457.57'
        All V8 users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:chromium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:v8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/09/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"www-client/chromium", unaffected:make_list("ge 29.0.1457.57"), vulnerable:make_list("lt 29.0.1457.57"))) flag++;
    if (qpkg_check(package:"dev-lang/v8", unaffected:make_list("ge 3.18.5.14"), vulnerable:make_list("lt 3.18.5.14"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Chromium / V8");
    }
    

Oval

accepted2013-08-12T04:07:12.584-04:00
classvulnerability
contributors
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionGoogle Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.
familywindows
idoval:org.mitre.oval:def:15040
statusaccepted
submitted2012-12-04T09:00:55.661-05:00
titleGoogle Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding
version42

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 56684 CVE(CAN) ID: CVE-2012-5130,CVE-2012-5131,CVE-2012-5132,CVE-2012-5133,CVE-2012-5134,CVE-2012-5135,CVE-2012-5136 Google Chrome是由Google开发的一款设计简单、高效的Web浏览工具。 Google Chrome 23.0.1271.91之前版本在实现上存在多个远程漏洞,攻击者可利用这些漏洞在浏览器上下文中执行任意代码、造成拒绝服务、绕过同源策略等。 0 Google Chrome &lt; 23.0.1271.91 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载23.0.1271.91版本: https://www.google.com/intl/zh-CN/chrome/browser/
idSSV:60479
last seen2017-11-19
modified2012-11-27
published2012-11-27
reporterRoot
titleGoogle Chrome 23.0.1271.91之前版本多个远程漏洞