Detections
Analytics

Google Chrome OS < 33.0.1750.152 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 8202

Synopsis

The remote mobile host was detected using an outdated version of the Chrome OS.

Description

Chrome OS version 33.0.1750.152 (Platform version: 5116.115.4/5116.115.5) was released with fixes for the following security vulnerabilities :

 - Memory corruption in V8 via the builtin ArrayBuffer property access, which can lead to remote code execution (CVE-2014-1705)
 - Command injection in Crosh via the try_touch_experiment function, which may allow a context-dependent attacker to run arbitrary commands (CVE-2014-1706)
 - Path traversal issue in CrosDisk due to insufficient user input sanitation when mounting a source (CVE-2014-1707)
 - Issue with file persistence at boot, relating to a flaw in dump_vpd_log (CVE-2014-1708)
 - Memory corruption flaw in the AsyncPixelTransfersCompletedQuery::End() function in the GPU command buffer, which a context-dependent attacker can leverage to run arbitrary code (CVE-2014-1710)
 - Out-of-bounds write in the GPU driver, which can be leveraged to execute arbitrary code (CVE-2014-1711)
 - Use-after-free error in Blink bindings used in the V8 engine, which can be leveraged to execute arbitrary code (CVE-2014-1713)

Solution

Update Chrome OS to version 33.0.1750.152 or later.

See Also

http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html

http://packetstormsecurity.com/files/125893/Google-Chrome-Blink-locationAttributeSetter-Use-After-Free.html

Plugin Details

Severity: High

ID: 8202

Published: 5/1/2014

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:google:chrome_os

Patch Publication Date: 3/14/2014

Vulnerability Publication Date: 3/14/2014

Reference Information

CVE: CVE-2014-1705, CVE-2014-1706, CVE-2014-1707, CVE-2014-1708, CVE-2014-1710, CVE-2014-1711, CVE-2014-1713

BID: 66243, 66253, 66239, 66263