Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.851634 |
Kategorie: | SuSE Local Security Checks |
Titel: | openSUSE: Security Advisory for chromium (openSUSE-SU-2017:2902-1) |
Zusammenfassung: | The remote host is missing an update for the 'chromium'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'chromium' package(s) announced via the referenced advisory. Vulnerability Insight: This update to Chromium 62.0.3202.75 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after free in WebAudio - CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - CVE-2017-5130: Heap overflow in libxml2 - CVE-2017-5131: Out of bounds write in Skia - CVE-2017-5133: Out of bounds write in Skia - CVE-2017-15386: UI spoofing in Blink - CVE-2017-15387: Content security bypass - CVE-2017-15388: Out of bounds read in Skia - CVE-2017-15389: URL spoofing in OmniBox - CVE-2017-15390: URL spoofing in OmniBox - CVE-2017-15391: Extension limitation bypass in Extensions. - CVE-2017-15392: Incorrect registry key handling in PlatformIntegration - CVE-2017-15393: Referrer leak in Devtools - CVE-2017-15394: URL spoofing in extensions UI - CVE-2017-15395: Null pointer dereference in ImageCapture - CVE-2017-15396: Stack overflow in V8 Affected Software/OS: chromium on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-5124 BugTraq ID: 101482 http://www.securityfocus.com/bid/101482 Debian Security Information: DSA-4020 (Google Search) https://www.debian.org/security/2017/dsa-4020 https://security.gentoo.org/glsa/201710-24 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://chromium.googlesource.com/chromium/src/+/4558c2885e618557a674660aff57404d25537070 https://crbug.com/762930 https://github.com/Bo0oM/CVE-2017-5124 https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/ RedHat Security Advisories: RHSA-2017:2997 https://access.redhat.com/errata/RHSA-2017:2997 Common Vulnerability Exposure (CVE) ID: CVE-2017-5125 https://crbug.com/749147 Common Vulnerability Exposure (CVE) ID: CVE-2017-5126 https://crbug.com/760455 Common Vulnerability Exposure (CVE) ID: CVE-2017-5127 https://crbug.com/765384 Common Vulnerability Exposure (CVE) ID: CVE-2017-5128 https://crbug.com/765469 Common Vulnerability Exposure (CVE) ID: CVE-2017-5129 https://crbug.com/765495 Common Vulnerability Exposure (CVE) ID: CVE-2017-5130 http://bugzilla.gnome.org/show_bug.cgi?id=783026 https://crbug.com/722079 https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed https://www.oracle.com/security-alerts/cpuapr2020.html https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html Common Vulnerability Exposure (CVE) ID: CVE-2017-5131 https://crbug.com/744109 Common Vulnerability Exposure (CVE) ID: CVE-2017-5132 https://crbug.com/718858 Common Vulnerability Exposure (CVE) ID: CVE-2017-5133 https://crbug.com/762106 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |