FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)

high Nessus Plugin ID 109330

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

62 security fixes in this release :

- [826626] Critical CVE-2018-6085: Use after free in Disk Cache.
Reported by Ned Williamson on 2018-03-28

- [827492] Critical CVE-2018-6086: Use after free in Disk Cache.
Reported by Ned Williamson on 2018-03-30

- [813876] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20

- [822091] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15

- [808838] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04

- [820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12

- [771933] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05

- [819869] High CVE-2018-6092: Integer overflow in WebAssembly.
Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08

- [780435] Medium CVE-2018-6093: Same origin bypass in Service Worker.
Reported by Jun Kokatsu (@shhnjk) on 2017-11-01

- [633030] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01

- [637098] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11

- [776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19

- [806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26

- [798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03

- [808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker.
Reported by Jun Kokatsu (@shhnjk) on 2018-02-03

- [811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11

- [813540] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19

- [813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20

- [816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24

- [820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08

- [803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18

- [805729] Medium CVE-2018-6106: Incorrect handling of promises in V8.
Reported by lokihardt of Google Project Zero on 2018-01-25

- [808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02

- [816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27

- [710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI.
Reported by Dominik Weber (@DoWeb_) on 2017-04-10

- [777737] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24

- [780694] Low CVE-2018-6111: Heap-use-after-free in DevTools.
Reported by Khalil Zhani on 2017-11-02

- [798096] Low CVE-2018-6112: Incorrect URL handling in DevTools.
Reported by Rob Wu on 2017-12-29

- [805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25

- [811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13

- [819809] Low CVE-2018-6115: SmartScreen bypass in downloads.
Reported by James Feher on 2018-03-07

- [822266] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15

- [822465] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15

- [822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15

Solution

Update the affected package.

See Also

http://www.nessus.org/u?db76b488

http://www.nessus.org/u?288bbd0c

Plugin Details

Severity: High

ID: 109330

File Name: freebsd_pkg_36ff7a7447b111e8a7d654e1ad544088.nasl

Version: 1.8

Type: local

Published: 4/25/2018

Updated: 7/10/2019

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/24/2018

Vulnerability Publication Date: 4/10/2017

Reference Information

CVE: CVE-2018-6084, CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112, CVE-2018-6113, CVE-2018-6114, CVE-2018-6115, CVE-2018-6116, CVE-2018-6117