Google Chrome < 60.0.3112.78 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 700171

Synopsis

The remote host is utilizing a web browser that is affected by multiple attack vectors.

Description

The version of Google Chrome installed on the remote host is prior to 60.0.3112.78 and is affected by multiple vulnerabilities:

- A use-after-free error exists in IndexedDB due to improper handling of cursors during transactions. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-5091)
- A use-after-free error exists in the PPAPI component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5092)
- An unspecified flaw exists in Blink that is triggered when displaying JavaScript alerts in fullscreen mode. An unauthenticated, remote attacker can exploit this to spoof components in the user interface. (CVE-2017-5093)
- A type confusion error exists in the 'Extensions Bindings' component that is triggered when passing event filters. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-5094)
- An overflow condition exists in PDFium due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2017-5095)
- An unspecified flaw exists related to 'Android intents' that allows an unauthenticated, remote attacker to disclose sensitive user information. (CVE-2017-5096)
- An out-of-bounds read error exists in Skia due to improper handling of verb arrays. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2017-5097)
- A use-after-free error exists in Google V8 that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5098)
- An out-of-bounds write error exists in the PPAPI component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5099)
- A use-after-free error exists in the 'Chrome Apps' component that allows an unauthenticated, remote attacker to have an unspecified impact. (CVE-2017-5100)
- Multiple unspecified flaws exist in the OmniBox component that allow an unauthenticated, remote attacker to spoof URLs in the address bar. (CVE-2017-5101, CVE-2017-5105)
- Multiple uninitialized memory use flaws exist in Skia that allow an unauthenticated, remote attacker to have an unspecified impact. (CVE-2017-5102, CVE-2017-5103)
- Multiple unspecified flaws exist that allow an unauthenticated, remote attacker to spoof components in the user interface. (CVE-2017-5104, CVE-2017-5109)
- A flaw exists in OmniBox that is triggered when domain names containing arbitrary Cyrillic letters are rendered in the address bar. An unauthenticated, remote attacker can exploit this, via a specially crafted domain name, to spoof the URL in the address bar. (CVE-2017-5106)
- A flaw exists in the SVG filters component due to improper handling of floating point multiplication. An unauthenticated, remote attacker can exploit this, via a timing attack, to extract sensitive user information. (CVE-2017-5107)
- A type confusion error exists in Google V8 that allows an unauthenticated, remote attacker to have an unspecified impact. (CVE-2017-5108)
- An unspecified flaw exists in the Payments dialog that allows an unauthenticated, remote attacker to spoof components in the user interface. (CVE-2017-5110)
- A type confusion error exists in SQLite due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-7000)

Solution

Update the Chrome browser to 60.0.3112.78 or later.

See Also

http://www.nessus.org/u?36f62a15

Plugin Details

Severity: High

ID: 700171

Family: Web Clients

Published: 8/2/2017

Updated: 3/6/2019

Nessus ID: 101981

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Patch Publication Date: 7/25/2017

Vulnerability Publication Date: 2/27/2017

Reference Information

CVE: CVE-2017-5091, CVE-2017-5092, CVE-2017-5093, CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098, CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103, CVE-2017-5104, CVE-2017-5105, CVE-2017-5106, CVE-2017-5107, CVE-2017-5108, CVE-2017-5109, CVE-2017-5110, CVE-2017-7000

BID: 99950