FreeBSD : chromium -- Stack overflow in V8 (3cd46257-bbc5-11e7-a3bc-e8e0b747a45a)

high Nessus Plugin ID 104227

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Google Chrome Releases reports :

2 security fixes in this release, including :

- [770452] High CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30

- [770450] Medium CVE-2017-15406: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30

Solution

Update the affected package.

See Also

http://www.nessus.org/u?6133a3fa

http://www.nessus.org/u?a47eee78

Plugin Details

Severity: High

ID: 104227

File Name: freebsd_pkg_3cd46257bbc511e7a3bce8e0b747a45a.nasl

Version: 3.7

Type: local

Published: 10/30/2017

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:chromium, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/28/2017

Vulnerability Publication Date: 10/26/2017

Reference Information

CVE: CVE-2017-15396, CVE-2017-15406