Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.851634 |
Categoría: | SuSE Local Security Checks |
Título: | openSUSE: Security Advisory for chromium (openSUSE-SU-2017:2902-1) |
Resumen: | The remote host is missing an update for the 'chromium'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'chromium' package(s) announced via the referenced advisory. Vulnerability Insight: This update to Chromium 62.0.3202.75 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after free in WebAudio - CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - CVE-2017-5130: Heap overflow in libxml2 - CVE-2017-5131: Out of bounds write in Skia - CVE-2017-5133: Out of bounds write in Skia - CVE-2017-15386: UI spoofing in Blink - CVE-2017-15387: Content security bypass - CVE-2017-15388: Out of bounds read in Skia - CVE-2017-15389: URL spoofing in OmniBox - CVE-2017-15390: URL spoofing in OmniBox - CVE-2017-15391: Extension limitation bypass in Extensions. - CVE-2017-15392: Incorrect registry key handling in PlatformIntegration - CVE-2017-15393: Referrer leak in Devtools - CVE-2017-15394: URL spoofing in extensions UI - CVE-2017-15395: Null pointer dereference in ImageCapture - CVE-2017-15396: Stack overflow in V8 Affected Software/OS: chromium on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-5124 BugTraq ID: 101482 http://www.securityfocus.com/bid/101482 Debian Security Information: DSA-4020 (Google Search) https://www.debian.org/security/2017/dsa-4020 https://security.gentoo.org/glsa/201710-24 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://chromium.googlesource.com/chromium/src/+/4558c2885e618557a674660aff57404d25537070 https://crbug.com/762930 https://github.com/Bo0oM/CVE-2017-5124 https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/ RedHat Security Advisories: RHSA-2017:2997 https://access.redhat.com/errata/RHSA-2017:2997 Common Vulnerability Exposure (CVE) ID: CVE-2017-5125 https://crbug.com/749147 Common Vulnerability Exposure (CVE) ID: CVE-2017-5126 https://crbug.com/760455 Common Vulnerability Exposure (CVE) ID: CVE-2017-5127 https://crbug.com/765384 Common Vulnerability Exposure (CVE) ID: CVE-2017-5128 https://crbug.com/765469 Common Vulnerability Exposure (CVE) ID: CVE-2017-5129 https://crbug.com/765495 Common Vulnerability Exposure (CVE) ID: CVE-2017-5130 http://bugzilla.gnome.org/show_bug.cgi?id=783026 https://crbug.com/722079 https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed https://www.oracle.com/security-alerts/cpuapr2020.html https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html Common Vulnerability Exposure (CVE) ID: CVE-2017-5131 https://crbug.com/744109 Common Vulnerability Exposure (CVE) ID: CVE-2017-5132 https://crbug.com/718858 Common Vulnerability Exposure (CVE) ID: CVE-2017-5133 https://crbug.com/762106 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |