Google Chrome < 57.0.2987.133 Multiple Vulnerabilities (macOS)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A web browser installed on the remote macOS or Mac OS X host is
affected by multiple vulnerabilities.

Description :

The version of Google Chrome installed on the remote macOS or Mac OS X
host is prior to 57.0.2987.133. It is, therefore, affected by the
following vulnerabilities :

- A type cast error exists in Blink in the
LayoutInline::absoluteVisualRect() function within file
layout/LayoutInline.cpp that allows an unauthenticated,
remote attacker to cause an unspecified impact.
(CVE-2017-5052)

- An out-of-bounds read error exists in V8 in the
IndexOfValueImpl() function template within file
builtins/builtins-array.cc when handling arrays. An
unauthenticated, remote attacker can exploit this to
disclose memory content. (CVE-2017-5053)

- A heap buffer overflow condition exists in V8 that
allows an unauthenticated, remote attacker to execute
arbitrary code. (CVE-2017-5054)

- A use-after-free error exists in the PrintViewManager
class within file printing/print_view_manager.cc when
handling previews. An unauthenticated, remote attacker
can exploit this to deference already freed memory,
resulting in the execution arbitrary code.
(CVE-2017-5055)

- A use-after-free error exists in the Blink that allows
an unauthenticated, remote attacker to dereference
already freed memory, resulting in the execution of
arbitrary code. (CVE-2017-5056)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?64842ac1

Solution :

Upgrade to Google Chrome version 57.0.2987.133 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 99137 ()

Bugtraq ID: 97220
97221

CVE ID: CVE-2017-5052
CVE-2017-5053
CVE-2017-5054
CVE-2017-5055
CVE-2017-5056

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now