Test ID: | 1.3.6.1.4.1.25623.1.0.703590 |
Category: | Debian Local Security Checks |
Title: | Debian Security Advisory DSA 3590-1 (chromium-browser - security update) |
Description: |
Summary: Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass.
CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8.
CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 javascript library.
CVE-2016-1670 A race condition was found that could cause the renderer process to reuse ids that should have been unique.
CVE-2016-1672 Mariusz Mylinski discovered a cross-origin bypass in extension bindings.
CVE-2016-1673 Mariusz Mylinski discovered a cross-origin bypass in Blink/Webkit.
CVE-2016-1674 Mariusz Mylinski discovered another cross-origin bypass in extension bindings.
CVE-2016-1675 Mariusz Mylinski discovered another cross-origin bypass in Blink/Webkit.
CVE-2016-1676 Rob Wu discovered a cross-origin bypass in extension bindings.
CVE-2016-1677 Guang Gong discovered a type confusion issue in the v8 javascript library.
CVE-2016-1678 Christian Holler discovered an overflow issue in the v8 javascript library.
CVE-2016-1679 Rob Wu discovered a use-after-free issue in the bindings to v8.
CVE-2016-1680 Atte Kettunen discovered a use-after-free issue in the skia library.
CVE-2016-1681 Aleksandar Nikolic discovered an overflow issue in the pdfium library.
CVE-2016-1682 KingstonTime discovered a way to bypass the Content Security Policy.
CVE-2016-1683 Nicolas Gregoire discovered an out-of-bounds write issue in the libxslt library.
CVE-2016-1684 Nicolas Gregoire discovered an integer overflow issue in the libxslt library.
CVE-2016-1685 Ke Liu discovered an out-of-bounds read issue in the pdfium library.
CVE-2016-1686 Ke Liu discovered another out-of-bounds read issue in the pdfium library.
CVE-2016-1687 Rob Wu discovered an information leak in the handling of extensions.
CVE-2016-1688 Max Korenko discovered an out-of-bounds read issue in the v8 javascript library.
CVE-2016-1689 Rob Wu discovered a buffer overflow issue.
CVE-2016-1690 Rob Wu discovered a use-after-free issue.
CVE-2016-1691 Atte Kettunen discovered a buffer overflow issue in the skia library.
CVE-2016-1692 Til Jasper Ullrich discovered a cross-origin bypass issue.
CVE-2016-1693 Khalil Zhani discovered that the Software Removal Tool download was done over an HTTP connection.
CVE-2016-1694 Ryan Lester and Bryant Zadegan discovered that pinned public keys would be removed when clearing the browser cache.
CVE-2016-1695 The chrome development team found and fixed various issues during internal auditing.

Affected Software/OS: chromium-browser on Debian Linux

Solution: For the stable distribution (jessie), these problems have been fixed in version 51.0.2704.63-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 51.0.2704.63-1. We recommend that you upgrade your chromium-browser packages.

CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Cross-reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1667
  BugTraq ID: 90584 http://www.securityfocus.com/bid/90584
  Debian Security Information: DSA-3590 http://www.debian.org/security/2016/dsa-3590
  https://security.gentoo.org/glsa/201605-02
  RedHat Security Advisories: RHSA-2016:1080 http://rhn.redhat.com/errata/RHSA-2016-1080.html
  http://www.securitytracker.com/id/1035872
  SuSE Security Announcement: openSUSE-SU-2016:1304 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
  SuSE Security Announcement: openSUSE-SU-2016:1319 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
  SuSE Security Announcement: openSUSE-SU-2016:1655 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
  http://www.ubuntu.com/usn/USN-2960-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1668
Common Vulnerability Exposure (CVE) ID: CVE-2016-1669
  https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/
  https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/
  RedHat Security Advisories: RHSA-2017:0002 http://rhn.redhat.com/errata/RHSA-2017-0002.html
  RedHat Security Advisories: RHSA-2017:0879 https://access.redhat.com/errata/RHSA-2017:0879
  RedHat Security Advisories: RHSA-2017:0880 https://access.redhat.com/errata/RHSA-2017:0880
  RedHat Security Advisories: RHSA-2017:0881 https://access.redhat.com/errata/RHSA-2017:0881
  RedHat Security Advisories: RHSA-2017:0882 https://access.redhat.com/errata/RHSA-2017:0882
  RedHat Security Advisories: RHSA-2018:0336 https://access.redhat.com/errata/RHSA-2018:0336
  SuSE Security Announcement: openSUSE-SU-2016:1834 http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-1670
Common Vulnerability Exposure (CVE) ID: CVE-2016-1672
  BugTraq ID: 90876 http://www.securityfocus.com/bid/90876
  https://security.gentoo.org/glsa/201607-07
  RedHat Security Advisories: RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
  http://www.securitytracker.com/id/1035981
  SuSE Security Announcement: openSUSE-SU-2016:1430 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
  SuSE Security Announcement: openSUSE-SU-2016:1433 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
  SuSE Security Announcement: openSUSE-SU-2016:1496 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-1673
  http://www.ubuntu.com/usn/USN-2992-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1674
Common Vulnerability Exposure (CVE) ID: CVE-2016-1675
Common Vulnerability Exposure (CVE) ID: CVE-2016-1676
Common Vulnerability Exposure (CVE) ID: CVE-2016-1677
Common Vulnerability Exposure (CVE) ID: CVE-2016-1678
Common Vulnerability Exposure (CVE) ID: CVE-2016-1679
Common Vulnerability Exposure (CVE) ID: CVE-2016-1680
Common Vulnerability Exposure (CVE) ID: CVE-2016-1681
Common Vulnerability Exposure (CVE) ID: CVE-2016-1682
Common Vulnerability Exposure (CVE) ID: CVE-2016-1683
  http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
  http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
  http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
  http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
  http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
  BugTraq ID: 91826 http://www.securityfocus.com/bid/91826
  Debian Security Information: DSA-3605 http://www.debian.org/security/2016/dsa-3605
  https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
Common Vulnerability Exposure (CVE) ID: CVE-2016-1684
Common Vulnerability Exposure (CVE) ID: CVE-2016-1685
Common Vulnerability Exposure (CVE) ID: CVE-2016-1686
Common Vulnerability Exposure (CVE) ID: CVE-2016-1687
Common Vulnerability Exposure (CVE) ID: CVE-2016-1688
Common Vulnerability Exposure (CVE) ID: CVE-2016-1689
Common Vulnerability Exposure (CVE) ID: CVE-2016-1690
Common Vulnerability Exposure (CVE) ID: CVE-2016-1691
Common Vulnerability Exposure (CVE) ID: CVE-2016-1692
Common Vulnerability Exposure (CVE) ID: CVE-2016-1693
Common Vulnerability Exposure (CVE) ID: CVE-2016-1694
Common Vulnerability Exposure (CVE) ID: CVE-2016-1695 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |