CVE-2017-15428 - Out-of-bounds Write vulnerability in Google Chrome

CVSS 8.8 - HIGH

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: HIGH
  • Integrity impact: HIGH
  • Availability impact: HIGH

Tags: network, low complexity, google, CWE-787, nessus

Summary

Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Vulnerable Configurations

Part         Description  Count
Application  Google       3810

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: MacOS X Local Security Checks
    NASL id: MACOSX_GOOGLE_CHROME_62_0_3202_94.NASL
    description: The version of Google Chrome installed on the remote macOS or Mac OS X host is prior to 62.0.3202.94. It is, therefore, affected by an out of bounds read flaw in V8 as noted in Chrome stable channel update release notes for November 13th 2017. Please refer to the release notes for additional information.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 106351
    published: 2018-01-25
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/106351
    title: Google Chrome < 62.0.3202.94 Out of bounds read flaw in V8 (macOS)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(106351);
      script_version("1.5");
      script_cvs_date("Date: 2019/11/08");
    
      script_cve_id("CVE-2017-15428");
    
      script_name(english:"Google Chrome < 62.0.3202.94 Out of bounds read flaw in V8 (macOS)");
      script_summary(english:"Checks the version of Google Chrome.");
    
      script_set_attribute(attribute:"synopsis", value:
    "A web browser installed on the remote macOS or Mac OS X host is
    affected by an out of bounds read flaw in the V8 component of Google
    Chrome.");
      script_set_attribute(attribute:"description", value:
    "The version of Google Chrome installed on the remote macOS or Mac OS X
    host is prior to 62.0.3202.94. It is, therefore, affected by an out of
    bounds read flaw in V8 as noted in Chrome stable channel update
    release notes for November 13th 2017. Please refer to the release
    notes for additional  information.");
      # https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop_13.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?19ef0025");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Google Chrome version 62.0.3202.94 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-15428");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/11/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/25");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("macosx_google_chrome_installed.nbin");
      script_require_keys("MacOSX/Google Chrome/Installed");
    
      exit(0);
    }
    
    include("google_chrome_version.inc");
    
    get_kb_item_or_exit("MacOSX/Google Chrome/Installed");
    
    google_chrome_check_version(fix:'62.0.3202.94', severity:SECURITY_WARNING);
    
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_82894193FFD411E78B91E8E0B747A45A.NASL
    description: Google Chrome Releases reports: 1 security fix in this release, including: - [782145] High CVE-2017-15428: Out of bounds read in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-11-07
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 106237
    published: 2018-01-23
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/106237
    title: FreeBSD : chromium -- out of bounds read (82894193-ffd4-11e7-8b91-e8e0b747a45a)
  • NASL family: Windows
    NASL id: GOOGLE_CHROME_62_0_3202_94.NASL
    description: The version of Google Chrome installed on the remote Windows host is prior to 62.0.3202.94. It is, therefore, affected by an out of bounds read flaw in V8 as noted in Chrome stable channel update release notes for November 13th, 2017. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 106350
    published: 2018-01-25
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/106350
    title: Google Chrome < 62.0.3202.94 Out of bounds read flaw in V8