FreeBSD : chromium -- multiple vulnerabilities (8e986b2b-1baa-11e8-a944-54ee754af08e)

high Nessus Plugin ID 107044

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

Several security fixes in this release, including :

- [780450] High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01

- [787103] High CVE-2018-6032: Same origin bypass in Shared Worker.
Reported by Jun Kokatsu (@shhnjk) on 2017-11-20

- [793620] High CVE-2018-6033: Race when opening downloaded files.
Reported by Juho Nurminen on 2017-12-09

- [784183] Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12

- [797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23

- [797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23

- [753645] Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09

- [774174] Medium CVE-2018-6038: Heap buffer overflow in WebGL.
Reported by cloudfuzzer on 2017-10-12

- [775527] Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17

- [778658] Medium CVE-2018-6040: Content security policy bypass.
Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26

- [760342] Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29

- [773930] Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12

- [785809] Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16

- [797497] Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23

- [798163] Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31

- [799847] Medium CVE-2018-6047: Cross origin URL leak in WebGL.
Reported by Masato Kinugawa on 2018-01-08

- [763194] Low CVE-2018-6048: Referrer policy bypass in Blink.
Reported by Jun Kokatsu (@shhnjk) on 2017-09-08

- [771848] Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05

- [774438] Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13

- [774842] Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15

- [441275] Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11

- [615608] Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28

- [758169] Low CVE-2018-6053: Leak of page thumbnails in New Tab Page.
Reported by Asset Kabdenov on 2017-08-23

- [797511] Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24

Solution

Update the affected package.

See Also

http://www.nessus.org/u?26e44d0b

http://www.nessus.org/u?efc939e5

Plugin Details

Severity: High

ID: 107044

File Name: freebsd_pkg_8e986b2b1baa11e8a94454ee754af08e.nasl

Version: 3.6

Type: local

Published: 2/28/2018

Updated: 7/10/2019

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2/27/2018

Vulnerability Publication Date: 8/9/2017

Reference Information

CVE: CVE-2017-15420, CVE-2018-6031, CVE-2018-6032, CVE-2018-6033, CVE-2018-6034, CVE-2018-6035, CVE-2018-6036, CVE-2018-6037, CVE-2018-6038, CVE-2018-6039, CVE-2018-6040, CVE-2018-6041, CVE-2018-6042, CVE-2018-6043, CVE-2018-6045, CVE-2018-6046, CVE-2018-6047, CVE-2018-6048, CVE-2018-6049, CVE-2018-6050, CVE-2018-6051, CVE-2018-6052, CVE-2018-6053, CVE-2018-6054