Detections
Analytics

Google Chrome < 58.0.3029.81 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 700067

Synopsis

The remote host is utilizing a web browser that is affected by multiple attack vectors.

Description

The version of Google Chrome installed on the remote host is prior to 58.0.3029.81, and is affected by multiple vulnerabilities :

 - A type confusion error exists in PDFium in the 'CJS_Object::GetEmbedObject()' function that allows an unauthenticated, remote attacker to have an unspecified impact. (CVE-2017-5057)
 - A use-after-free error exists in Print Preview that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5058)
 - A type confusion error exists in Blink due to improper handling of pseudo-elements in layout trees. An unauthenticated, remote attacker can exploit this to have an unspecified impact. (CVE-2017-5059)
 - A spoofing vulnerability exists in 'url_formatter.cc' due to improper handling of Cyrillic letters in domain names. An unauthenticated, remote attacker can exploit this to spoof URLs in the address bar. (CVE-2017-5060)
 - A flaw exists in the Omnibox component that is triggered as unloaded content may be rendered in a compositor frame after a navigation commit. An unauthenticated, remote attacker can exploit this to spoof URLs in the address bar. (CVE-2017-5061)
 - A use-after-free error exists in the Apps component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5062)
 - A heap-based buffer overflow condition exists in the Skia component in the 'spanSlowRate()' function in 'SkLinearBitmapPipeline_sample.h' due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution arbitrary code. (CVE-2017-5063)
 - A use-after-free error exists in Blink that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-5064)
 - A flaw exists in Blink due to a failure to properly close validation bubbles when uploading a document. An unauthenticated, remote attacker can exploit this to cause an unspecified impact. (CVE-2017-5065)
 - A flaw exists in the Networking component due to a failure to verify certificate chains that have mismatching signature algorithms. An unauthenticated, remote attacker can exploit this to have an unspecified impact. (CVE-2017-5066)
 - An unspecified flaw exists in the Omnibox component that allows an unauthenticated, remote attacker to spoof URLs. (CVE-2017-5067)
 - A same-origin policy bypass vulnerability exists in the 'PingLoader::sendViolationReport()' function in 'PingLoader.cpp' due to improper handling of HTTP Content-Type headers in CSP or XSS auditor violation reports. An unauthenticated, remote attacker can exploit this to bypass the same-origin policy. (CVE-2017-5069)

Solution

Update the Chrome browser to 58.0.3029.81 or later.

See Also

https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html

Plugin Details

Severity: High

ID: 700067

Family: Web Clients

Published: 4/25/2017

Updated: 3/6/2019

Nessus ID: 99633

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:google:chrome

Patch Publication Date: 4/19/2017

Vulnerability Publication Date: 2/20/2017

Reference Information

CVE: CVE-2017-5057

BID: 97939