Vulnerabilities > CVE-2013-2872 - Unspecified vulnerability in Google Chrome

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
google
nessus

Summary

Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Google
2957
OS
Apple
1

Nessus

  • NASL familyWindows
    NASL idGOOGLE_CHROME_28_0_1500_71.NASL
    descriptionThe version of Google Chrome installed on the remote host is a version prior to 28.0.1500.71 and is, therefore, affected by multiple vulnerabilities : - A vulnerability exists that exposes HTTP in SSL to a man-in-the-middle attack. (CVE-2013-2853) - Block pop-unders in various scenarios. (CVE-2013-2867) - An error exists related to an incorrect sync of the NPAPI extension component. (CVE-2013-2868) - An unspecified flaw exists due to a lack of entropy in renderers. (CVE-2013-2872) - Use-after-free errors exist related to network sockets, input handling, and resource loading. (CVE-2013-2870, CVE-2013-2871, CVE-2013-2873) - A screen data leak error exists related to GL textures. (CVE-2013-2874) - An extension permission error exists related to interstitials. (CVE-2013-2876) - Multiple out-of-bounds errors exist related to JPEG2000, SVG, text handling and XML parsing. (CVE-2013-2869, CVE-2013-2875, CVE-2013-2877, CVE-2013-2878) - An unspecified error exists when setting up sign-in and sync. (CVE-2013-2879) - The vendor reports various, unspecified errors exist. (CVE-2013-2880)
    last seen2020-06-01
    modified2020-06-02
    plugin id67232
    published2013-07-10
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67232
    titleGoogle Chrome < 28.0.1500.71 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67232);
      script_version("1.19");
      script_cvs_date("Date: 2019/11/27");
    
      script_cve_id(
        "CVE-2013-2853",
        "CVE-2013-2867",
        "CVE-2013-2868",
        "CVE-2013-2869",
        "CVE-2013-2870",
        "CVE-2013-2871",
        "CVE-2013-2872",
        "CVE-2013-2873",
        "CVE-2013-2874",
        "CVE-2013-2875",
        "CVE-2013-2876",
        "CVE-2013-2877",
        "CVE-2013-2878",
        "CVE-2013-2879",
        "CVE-2013-2880"
      );
      script_bugtraq_id(
        61046,
        61047,
        61049,
        61050,
        61051,
        61052,
        61053,
        61054,
        61055,
        61056,
        61057,
        61058,
        61059,
        61060,
        61061
      );
    
      script_name(english:"Google Chrome < 28.0.1500.71 Multiple Vulnerabilities");
      script_summary(english:"Checks version number of Google Chrome");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host contains a web browser that is affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Google Chrome installed on the remote host is a version
    prior to 28.0.1500.71 and is, therefore, affected by multiple
    vulnerabilities :
    
      - A vulnerability exists that exposes HTTP in SSL to a
        man-in-the-middle attack. (CVE-2013-2853)
    
      - Block pop-unders in various scenarios. (CVE-2013-2867)
    
      - An error exists related to an incorrect sync of the
        NPAPI extension component. (CVE-2013-2868)
    
      - An unspecified flaw exists due to a lack of entropy in
        renderers. (CVE-2013-2872)
    
      - Use-after-free errors exist related to network sockets,
        input handling, and resource loading. (CVE-2013-2870,
        CVE-2013-2871, CVE-2013-2873)
    
      - A screen data leak error exists related to GL textures.
        (CVE-2013-2874)
    
      - An extension permission error exists related to
        interstitials.  (CVE-2013-2876)
    
      - Multiple out-of-bounds errors exist related to JPEG2000,
        SVG, text handling and XML parsing.  (CVE-2013-2869,
        CVE-2013-2875, CVE-2013-2877, CVE-2013-2878)
    
      - An unspecified error exists when setting up sign-in and
        sync. (CVE-2013-2879)
    
      - The vendor reports various, unspecified errors exist.
        (CVE-2013-2880)");
      # https://chromereleases.googleblog.com/2013/07/stable-channel-update.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f68d8c39");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Google Chrome 28.0.1500.71 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2870");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/10");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("google_chrome_installed.nasl");
      script_require_keys("SMB/Google_Chrome/Installed");
    
      exit(0);
    }
    
    include("google_chrome_version.inc");
    
    get_kb_item_or_exit("SMB/Google_Chrome/Installed");
    
    installs = get_kb_list("SMB/Google_Chrome/*");
    google_chrome_check_version(installs:installs, fix:'28.0.1500.71', severity:SECURITY_HOLE);
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_3B80104FE96C11E28BAC00262D5ED8EE.NASL
    descriptionGoogle Chrome Releases reports : A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs. [252216] Low CVE-2013-2867: Block pop-unders in various scenarios. [252062] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets. [252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets. [245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team. [244746] [242762] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne. [244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris. [243991] [243818] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz. [Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla. [241139] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz. [233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz. [229504] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe. [229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG. [196636] None: Remove the
    last seen2020-06-01
    modified2020-06-02
    plugin id67237
    published2013-07-11
    reporterThis script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67237
    titleFreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2013 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67237);
      script_version("$Revision: 1.7 $");
      script_cvs_date("$Date: 2015/01/26 05:42:54 $");
    
      script_cve_id("CVE-2013-2853", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2872", "CVE-2013-2873", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879");
    
      script_name(english:"FreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)");
      script_summary(english:"Checks for updated package in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote FreeBSD host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Google Chrome Releases reports :
    
    A special reward for Andrey Labunets for his combination of
    CVE-2013-2879 and CVE-2013-2868 along with some (since fixed)
    server-side bugs.
    
    [252216] Low CVE-2013-2867: Block pop-unders in various scenarios.
    
    [252062] High CVE-2013-2879: Confusion setting up sign-in and sync.
    Credit to Andrey Labunets.
    
    [252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension
    component. Credit to Andrey Labunets.
    
    [245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000
    handling. Credit to Felix Groebert of Google Security Team.
    
    [244746] [242762] Critical CVE-2013-2870: Use-after-free with network
    sockets. Credit to Collin Payne.
    
    [244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP
    in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan
    from Prosecco at INRIA Paris.
    
    [243991] [243818] High CVE-2013-2871: Use-after-free in input
    handling. Credit to miaubiz.
    
    [Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in
    renderers. Credit to Eric Rescorla.
    
    [241139] High CVE-2013-2873: Use-after-free in resource loading.
    Credit to miaubiz.
    
    [233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to
    miaubiz.
    
    [229504] Medium CVE-2013-2876: Extensions permissions confusion with
    interstitials. Credit to Dev Akhawe.
    
    [229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit
    to Aki Helin of OUSPG.
    
    [196636] None: Remove the 'viewsource' attribute on iframes. Credit to
    Collin Jackson.
    
    [177197] Medium CVE-2013-2878: Out-of-bounds read in text handling.
    Credit to Atte Kettunen of OUSPG."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://googlechromereleases.blogspot.nl/"
      );
      # http://www.freebsd.org/ports/portaudit/3b80104f-e96c-11e2-8bac-00262d5ed8ee.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6523f6c3"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:chromium");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2013/07/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"chromium<28.0.1500.71")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");