Vulnerabilities > CVE-2013-2886

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
debian
google
nessus
NVD
Published: 2013-07-31
Updated: 2023-11-07

Summary

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Vulnerable Configurations

Part Description Count
OS
Debian
1
Application
Google
2963

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_69098C5CFC4B11E28AD000262D5ED8EE.NASL
    descriptionGoogle Chrome Releases reports : Eleven vulnerabilities, including : [257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan. [260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer. [260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer. [248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team. [249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team. [261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.
    last seen2020-06-01
    modified2020-06-02
    plugin id69214
    published2013-08-05
    reporterThis script is Copyright (C) 2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69214
    titleFreeBSD : chromium -- multiple vulnerabilities (69098c5c-fc4b-11e2-8ad0-00262d5ed8ee)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2013 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(69214);
  script_version("$Revision: 1.3 $");
  script_cvs_date("$Date: 2013/08/25 02:35:59 $");

  script_cve_id("CVE-2013-2881", "CVE-2013-2882", "CVE-2013-2883", "CVE-2013-2884", "CVE-2013-2885", "CVE-2013-2886");

  script_name(english:"FreeBSD : chromium -- multiple vulnerabilities (69098c5c-fc4b-11e2-8ad0-00262d5ed8ee)");
  script_summary(english:"Checks for updated package in pkg_info output");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote FreeBSD host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Google Chrome Releases reports :

Eleven vulnerabilities, including :

[257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit
to Karthik Bhargavan.

[260106] High CVE-2013-2882: Type confusion in V8. Credit to
Cloudfuzzer.

[260165] High CVE-2013-2883: Use-after-free in MutationObserver.
Credit to Cloudfuzzer.

[248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan
Fratric of Google Security Team.

[249640] [257353] High CVE-2013-2885: Use-after-free in input
handling. Credit to Ivan Fratric of Google Security Team.

[261701] High CVE-2013-2886: Various fixes from internal audits,
fuzzing and other initiatives."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.googlechromereleases.blogspot.nl/"
  );
  # http://www.freebsd.org/ports/portaudit/69098c5c-fc4b-11e2-8ad0-00262d5ed8ee.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?502d4a51"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:chromium");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013 Tenable Network Security, Inc.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"chromium<28.0.1500.95")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2732.NASL
    descriptionSeveral vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2881 Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling. - CVE-2013-2882 Cloudfuzzer discovered a type confusion issue in the V8 JavaScript library. - CVE-2013-2883 Cloudfuzzer discovered a use-after-free issue in MutationObserver. - CVE-2013-2884 Ivan Fratric of the Google Security Team discovered a use-after-free issue in the DOM implementation. - CVE-2013-2885 Ivan Fratric of the Google Security Team discovered a use-after-free issue in input handling. - CVE-2013-2886 The chrome 28 development team found various issues from internal fuzzing, audits, and other studies.
    last seen2020-03-17
    modified2013-08-07
    plugin id69227
    published2013-08-07
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69227
    titleDebian DSA-2732-1 : chromium-browser - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2732. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(69227);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  script_cve_id("CVE-2013-2881", "CVE-2013-2882", "CVE-2013-2883", "CVE-2013-2884", "CVE-2013-2885", "CVE-2013-2886");
  script_bugtraq_id(61547, 61548, 61549, 61550, 61551, 61552);
  script_xref(name:"DSA", value:"2732");

  script_name(english:"Debian DSA-2732-1 : chromium-browser - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the Chromium web
browser.

  - CVE-2013-2881
    Karthik Bhargavan discovered a way to bypass the Same
    Origin Policy in frame handling.

  - CVE-2013-2882
    Cloudfuzzer discovered a type confusion issue in the V8
    JavaScript library.

  - CVE-2013-2883
    Cloudfuzzer discovered a use-after-free issue in
    MutationObserver.

  - CVE-2013-2884
    Ivan Fratric of the Google Security Team discovered a
    use-after-free issue in the DOM implementation.

  - CVE-2013-2885
    Ivan Fratric of the Google Security Team discovered a
    use-after-free issue in input handling.

  - CVE-2013-2886
    The chrome 28 development team found various issues from
    internal fuzzing, audits, and other studies."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2881"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2882"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2883"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2884"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2885"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2886"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/chromium-browser"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2013/dsa-2732"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the chromium-browser packages.

For the stable distribution (wheezy), these problems have been fixed
in version 28.0.1500.95-1~deb7u1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium-browser");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/07");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"chromium", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-browser", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-browser-dbg", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-browser-inspector", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-browser-l10n", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-dbg", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-inspector", reference:"28.0.1500.95-1~deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"chromium-l10n", reference:"28.0.1500.95-1~deb7u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
  • NASL familyWindows
    NASL idGOOGLE_CHROME_28_0_1500_95.NASL
    descriptionThe version of Google Chrome installed on the remote host is a version prior to 28.0.1500.95. It is, therefore, affected by multiple vulnerabilities : - A cross-origin restriction bypass error exists related to HTML frames. (CVE-2013-2881) - A type-confusion error exists in the V8 JavaScript engine. (CVE-2013-2882) - Use-after-free errors exist related to MutationObserver, DOM and input handling. (CVE-2013-2883, CVE-2013-2884, CVE-2013-2885) - Unspecified errors exist with no further details. (CVE-2013-2886)
    last seen2020-06-01
    modified2020-06-02
    plugin id69139
    published2013-07-30
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/69139
    titleGoogle Chrome < 28.0.1500.95 Multiple Vulnerabilities
    code
    #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(69139);
  script_version("1.18");
  script_cvs_date("Date: 2019/11/27");

  script_cve_id(
    "CVE-2013-2881",
    "CVE-2013-2882",
    "CVE-2013-2883",
    "CVE-2013-2884",
    "CVE-2013-2885",
    "CVE-2013-2886"
  );
  script_bugtraq_id(
    61547,
    61548,
    61549,
    61550,
    61551,
    61552
  );

  script_name(english:"Google Chrome < 28.0.1500.95 Multiple Vulnerabilities");
  script_summary(english:"Checks version number of Google Chrome");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote host is a version
prior to 28.0.1500.95.  It is, therefore, affected by multiple
vulnerabilities :

  - A cross-origin restriction bypass error exists
    related to HTML frames. (CVE-2013-2881)

  - A type-confusion error exists in the V8 JavaScript
    engine. (CVE-2013-2882)

  - Use-after-free errors exist related to
    MutationObserver, DOM and input handling.
    (CVE-2013-2883, CVE-2013-2884, CVE-2013-2885)

  - Unspecified errors exist with no further details.
    (CVE-2013-2886)");
  # https://chromereleases.googleblog.com/2013/07/stable-channel-update_30.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a01ad123");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome 28.0.1500.95 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2886");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("google_chrome_installed.nasl");
  script_require_keys("SMB/Google_Chrome/Installed");

  exit(0);
}

include("google_chrome_version.inc");

get_kb_item_or_exit("SMB/Google_Chrome/Installed");

installs = get_kb_list("SMB/Google_Chrome/*");
google_chrome_check_version(installs:installs, fix:'28.0.1500.95', severity:SECURITY_HOLE, xss:TRUE);
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201309-16.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201309-16 (Chromium, V8: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent attacker could entice a user to open a specially crafted website or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id70112
    published2013-09-25
    reporterThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70112
    titleGLSA-201309-16 : Chromium, V8: Multiple vulnerabilities
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201309-16.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(70112);
  script_version("1.26");
  script_cvs_date("Date: 2018/07/12 15:01:52");

  script_cve_id("CVE-2012-5116", "CVE-2012-5117", "CVE-2012-5118", "CVE-2012-5120", "CVE-2012-5121", "CVE-2012-5122", "CVE-2012-5123", "CVE-2012-5124", "CVE-2012-5125", "CVE-2012-5126", "CVE-2012-5127", "CVE-2012-5128", "CVE-2012-5130", "CVE-2012-5132", "CVE-2012-5133", "CVE-2012-5135", "CVE-2012-5136", "CVE-2012-5137", "CVE-2012-5138", "CVE-2012-5139", "CVE-2012-5140", "CVE-2012-5141", "CVE-2012-5142", "CVE-2012-5143", "CVE-2012-5144", "CVE-2012-5145", "CVE-2012-5146", "CVE-2012-5147", "CVE-2012-5148", "CVE-2012-5149", "CVE-2012-5150", "CVE-2012-5151", "CVE-2012-5152", "CVE-2012-5153", "CVE-2012-5154", "CVE-2013-0828", "CVE-2013-0829", "CVE-2013-0830", "CVE-2013-0831", "CVE-2013-0832", "CVE-2013-0833", "CVE-2013-0834", "CVE-2013-0835", "CVE-2013-0836", "CVE-2013-0837", "CVE-2013-0838", "CVE-2013-0839", "CVE-2013-0840", "CVE-2013-0841", "CVE-2013-0842", "CVE-2013-0879", "CVE-2013-0880", "CVE-2013-0881", "CVE-2013-0882", "CVE-2013-0883", "CVE-2013-0884", "CVE-2013-0885", "CVE-2013-0887", "CVE-2013-0888", "CVE-2013-0889", "CVE-2013-0890", "CVE-2013-0891", "CVE-2013-0892", "CVE-2013-0893", "CVE-2013-0894", "CVE-2013-0895", "CVE-2013-0896", "CVE-2013-0897", "CVE-2013-0898", "CVE-2013-0899", "CVE-2013-0900", "CVE-2013-0902", "CVE-2013-0903", "CVE-2013-0904", "CVE-2013-0905", "CVE-2013-0906", "CVE-2013-0907", "CVE-2013-0908", "CVE-2013-0909", "CVE-2013-0910", "CVE-2013-0911", "CVE-2013-0912", "CVE-2013-0916", "CVE-2013-0917", "CVE-2013-0918", "CVE-2013-0919", "CVE-2013-0920", "CVE-2013-0921", "CVE-2013-0922", "CVE-2013-0923", "CVE-2013-0924", "CVE-2013-0925", "CVE-2013-0926", "CVE-2013-2836", "CVE-2013-2837", "CVE-2013-2838", "CVE-2013-2839", "CVE-2013-2840", "CVE-2013-2841", "CVE-2013-2842", "CVE-2013-2843", "CVE-2013-2844", "CVE-2013-2845", "CVE-2013-2846", "CVE-2013-2847", "CVE-2013-2848", "CVE-2013-2849", "CVE-2013-2853", "CVE-2013-2855", "CVE-2013-2856", "CVE-2013-2857", "CVE-2013-2858", "CVE-2013-2859", "CVE-2013-2860", "CVE-2013-2861", "CVE-2013-2862", "CVE-2013-2863", "CVE-2013-2865", "CVE-2013-2867", "CVE-2013-2868", "CVE-2013-2869", "CVE-2013-2870", "CVE-2013-2871", "CVE-2013-2874", "CVE-2013-2875", "CVE-2013-2876", "CVE-2013-2877", "CVE-2013-2878", "CVE-2013-2879", "CVE-2013-2880", "CVE-2013-2881", "CVE-2013-2882", "CVE-2013-2883", "CVE-2013-2884", "CVE-2013-2885", "CVE-2013-2886", "CVE-2013-2887", "CVE-2013-2900", "CVE-2013-2901", "CVE-2013-2902", "CVE-2013-2903", "CVE-2013-2904", "CVE-2013-2905");
  script_bugtraq_id(56413, 56684, 56741, 56903, 58318, 58388, 58723, 58724, 58725, 58727, 58728, 58729, 58730, 58731, 58732, 58733, 58734, 59326, 59327, 59328, 59330, 59331, 59332, 59334, 59336, 59337, 59338, 59339, 59340, 59342, 59343, 59344, 59345, 59346, 59347, 59349, 59351, 59413, 59414, 59415, 59416, 59417, 59418, 59419, 59420, 59422, 59423, 59425, 59427, 59428, 59429, 59430, 59431, 59433, 59435, 59436, 59437, 59438, 59515, 59516, 59518, 59520, 59521, 59522, 59523, 59524, 59680, 59681, 59682, 59683, 60062, 60063, 60064, 60065, 60066, 60067, 60068, 60069, 60070, 60071, 60072, 60073, 60074, 60076, 60395, 60396, 60397, 60398, 60399, 60400, 60401, 60403, 60404, 60405, 61046, 61047, 61049, 61050, 61051, 61052, 61054, 61055, 61057, 61059, 61060, 61061, 61547, 61548, 61549, 61550, 61551, 61552, 61885, 61886, 61887, 61888, 61889, 61890, 61891);
  script_xref(name:"GLSA", value:"201309-16");

  script_name(english:"GLSA-201309-16 : Chromium, V8: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201309-16
(Chromium, V8: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and V8. Please
      review the CVE identifiers and release notes referenced below for
      details.
  
Impact :

    A context-dependent attacker could entice a user to open a specially
      crafted website or JavaScript program using Chromium or V8, possibly
      resulting in the execution of arbitrary code with the privileges of the
      process or a Denial of Service condition. Furthermore, a remote attacker
      may be able to bypass security restrictions or have other, unspecified,
      impact.
  
Workaround :

    There is no known workaround at this time."
  );
  # https://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?0b9b0b08"
  );
  # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?2f59319e"
  );
  # https://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ee73f07e"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201309-16"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Chromium users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose
      '>=www-client/chromium-29.0.1457.57'
    All V8 users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-lang/v8-3.18.5.14'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:chromium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:v8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"www-client/chromium", unaffected:make_list("ge 29.0.1457.57"), vulnerable:make_list("lt 29.0.1457.57"))) flag++;
if (qpkg_check(package:"dev-lang/v8", unaffected:make_list("ge 3.18.5.14"), vulnerable:make_list("lt 3.18.5.14"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Chromium / V8");
}

Oval

accepted2013-09-09T04:02:46.427-04:00
classvulnerability
contributors
nameShane Shaffer
organizationG2, Inc.
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionMultiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
familywindows
idoval:org.mitre.oval:def:17704
statusaccepted
submitted2013-07-31T16:20:28.782-04:00
titleMultiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95
version40

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 61514 CVE(CAN) ID: CVE-2013-2881,CVE-2013-2882,CVE-2013-2883,CVE-2013-2884,CVE-2013-2885,CVE-2013-2886 Google Chrome是由Google开发的一款设计简单、高效的Web浏览工具。 Chrome 28.0.1500.95存在多个安全漏洞,攻击者可利用这些漏洞在浏览器中执行任意代码、绕过安全限制、泄露敏感信息、造成拒绝服务。 0 Google Chrome &lt; 28.0.1500.95 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com
idSSV:60928
last seen2017-11-19
modified2013-08-05
published2013-08-05
reporterRoot
titleGoogle Chrome 28.0.1500.95之前版本多个安全漏洞

References