The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0309 advisory.

  - chromium-browser: Inappropriate implementation in QUIC Networking (CVE-2019-5754)

  - chromium-browser: Inappropriate implementation in V8 (CVE-2019-5755, CVE-2019-5782)

  - chromium-browser: Use after free in PDFium (CVE-2019-5756, CVE-2019-5762, CVE-2019-5772)

  - chromium-browser: Type Confusion in SVG (CVE-2019-5757)

  - chromium-browser: Use after free in Blink (CVE-2019-5758)

  - chromium-browser: Use after free in HTML select elements (CVE-2019-5759)

  - chromium-browser: Use after free in WebRTC (CVE-2019-5760, CVE-2019-5764)

  - chromium-browser: Use after free in SwiftShader (CVE-2019-5761)

  - chromium-browser: Insufficient validation of untrusted input in V8 (CVE-2019-5763)

  - chromium-browser: Insufficient policy enforcement in the browser (CVE-2019-5765)

  - chromium-browser: Insufficient policy enforcement in Canvas (CVE-2019-5766)

  - chromium-browser: Incorrect security UI in WebAPKs (CVE-2019-5767)

  - chromium-browser: Insufficient policy enforcement in DevTools (CVE-2019-5768)

  - chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-5769)

  - chromium-browser: Heap buffer overflow in WebGL (CVE-2019-5770)

  - chromium-browser: Heap buffer overflow in SwiftShader (CVE-2019-5771)

  - chromium-browser: Insufficient data validation in IndexedDB (CVE-2019-5773)

  - chromium-browser: Insufficient validation of untrusted input in SafeBrowsing (CVE-2019-5774)

  - chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-5775, CVE-2019-5776, CVE-2019-5777,     CVE-2019-5781)

  - chromium-browser: Insufficient policy enforcement in Extensions (CVE-2019-5778)

  - chromium-browser: Insufficient policy enforcement in ServiceWorker (CVE-2019-5779)

  - chromium-browser: Insufficient policy enforcement (CVE-2019-5780)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 6 : chromium-browser (RHSA-2019:0309)

critical Nessus Plugin ID 122112

Version 1.10

Version 1.9

Version 1.10 Jun 21, 2024, 2:16 PM Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202406211416
Version 1.9 Apr 25, 2024, 2:46 AM Detection (updated detection logic) Plugin metadata CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Plugin Feed: 202404250246