Google Chrome < 54.0.2840.98 Multiple Vulnerabilities (macOS)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

A web browser installed on the remote macOS or Mac OS X host is
affected by multiple vulnerabilities.

Description :

The version of Google Chrome installed on the remote macOS or Mac OS X
host is prior to 54.0.2840.98. It is, therefore, affected by the
following vulnerabilities :

- A remote code execution vulnerability exists in the
FFmpeg component due to an integer overflow condition in
the mov_read_keys() function in mov.c caused by improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a website containing specially crafted content,
to cause a denial of service condition or the execution
of arbitrary code. (CVE-2016-5199)

- A denial of service vulnerability exists in the V8
component due to an out-of-bounds read error that is
triggered when handling 'Math.sign'. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a website containing specially crafted content,
to crash the browser or disclose memory contents.
(CVE-2016-5200)

- An information disclosure vulnerability exists due to a
flaw in the expose() function in utils.js. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a website containing
specially crafted content, to disclose sensitive
internal class information. (CVE-2016-5201)

- An unspecified vulnerability exists in the
PruneExpiredDevices() function in dial_registry.cc that
allows an unauthenticated, remote attacker to have an
unspecified impact. (CVE-2016-5202)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?bdb7f5cb

Solution :

Upgrade to Google Chrome version 54.0.2840.98 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 94677 ()

Bugtraq ID: 94196

CVE ID: CVE-2016-5199
CVE-2016-5200
CVE-2016-5201
CVE-2016-5202

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now