
Test ID: 1.3.6.1.4.1.25623.1.0.703590
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 3590-1 (chromium-browser - security update)
Description:
Summary:
Several vulnerabilities have been
discovered in the chromium web browser.

CVE-2016-1667
Mariusz Mylinski discovered a cross-origin bypass.

CVE-2016-1668
Mariusz Mylinski discovered a cross-origin bypass in bindings to v8.

CVE-2016-1669
Choongwoo Han discovered a buffer overflow in the v8 javascript
library.

CVE-2016-1670
A race condition was found that could cause the renderer process
to reuse ids that should have been unique.

CVE-2016-1672
Mariusz Mylinski discovered a cross-origin bypass in extension
bindings.

CVE-2016-1673
Mariusz Mylinski discovered a cross-origin bypass in Blink/Webkit.

CVE-2016-1674
Mariusz Mylinski discovered another cross-origin bypass in extension
bindings.

CVE-2016-1675
Mariusz Mylinski discovered another cross-origin bypass in
Blink/Webkit.

CVE-2016-1676
Rob Wu discovered a cross-origin bypass in extension bindings.

CVE-2016-1677
Guang Gong discovered a type confusion issue in the v8 javascript
library.

CVE-2016-1678
Christian Holler discovered an overflow issue in the v8 javascript
library.

CVE-2016-1679
Rob Wu discovered a use-after-free issue in the bindings to v8.

CVE-2016-1680
Atte Kettunen discovered a use-after-free issue in the skia library.

CVE-2016-1681
Aleksandar Nikolic discovered an overflow issue in the pdfium
library.

CVE-2016-1682
KingstonTime discovered a way to bypass the Content Security Policy.

CVE-2016-1683
Nicolas Gregoire discovered an out-of-bounds write issue in the
libxslt library.

CVE-2016-1684
Nicolas Gregoire discovered an integer overflow issue in the
libxslt library.

CVE-2016-1685
Ke Liu discovered an out-of-bounds read issue in the pdfium library.

CVE-2016-1686
Ke Liu discovered another out-of-bounds read issue in the pdfium
library.

CVE-2016-1687
Rob Wu discovered an information leak in the handling of extensions.

CVE-2016-1688
Max Korenko discovered an out-of-bounds read issue in the v8
javascript library.

CVE-2016-1689
Rob Wu discovered a buffer overflow issue.

CVE-2016-1690
Rob Wu discovered a use-after-free issue.

CVE-2016-1691
Atte Kettunen discovered a buffer overflow issue in the skia library.

CVE-2016-1692
Til Jasper Ullrich discovered a cross-origin bypass issue.

CVE-2016-1693
Khalil Zhani discovered that the Software Removal Tool download was
done over an HTTP connection.

CVE-2016-1694
Ryan Lester and Bryant Zadegan discovered that pinned public keys
would be removed when clearing the browser cache.

CVE-2016-1695
The chrome development team found and fixed various issues during
internal auditing.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (jessie), these problems have been fixed in
version 51.0.2704.63-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 51.0.2704.63-1.

We recommend that you upgrade your chromium-browser packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2016-1667
BugTraq ID: 90584
http://www.securityfocus.com/bid/90584
Debian Security Information: DSA-3590
http://www.debian.org/security/2016/dsa-3590
https://security.gentoo.org/glsa/201605-02
RedHat Security Advisories: RHSA-2016:1080
http://rhn.redhat.com/errata/RHSA-2016-1080.html
http://www.securitytracker.com/id/1035872
SuSE Security Announcement: openSUSE-SU-2016:1304
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
SuSE Security Announcement: openSUSE-SU-2016:1319
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
SuSE Security Announcement: openSUSE-SU-2016:1655
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
http://www.ubuntu.com/usn/USN-2960-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1668
Common Vulnerability Exposure (CVE) ID: CVE-2016-1669
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/
RedHat Security Advisories: RHSA-2017:0002
http://rhn.redhat.com/errata/RHSA-2017-0002.html
RedHat Security Advisories: RHSA-2017:0879
https://access.redhat.com/errata/RHSA-2017:0879
RedHat Security Advisories: RHSA-2017:0880
https://access.redhat.com/errata/RHSA-2017:0880
RedHat Security Advisories: RHSA-2017:0881
https://access.redhat.com/errata/RHSA-2017:0881
RedHat Security Advisories: RHSA-2017:0882
https://access.redhat.com/errata/RHSA-2017:0882
RedHat Security Advisories: RHSA-2018:0336
https://access.redhat.com/errata/RHSA-2018:0336
SuSE Security Announcement: openSUSE-SU-2016:1834
http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-1670
Common Vulnerability Exposure (CVE) ID: CVE-2016-1672
BugTraq ID: 90876
http://www.securityfocus.com/bid/90876
https://security.gentoo.org/glsa/201607-07
RedHat Security Advisories: RHSA-2016:1190
https://access.redhat.com/errata/RHSA-2016:1190
http://www.securitytracker.com/id/1035981
SuSE Security Announcement: openSUSE-SU-2016:1430
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
SuSE Security Announcement: openSUSE-SU-2016:1433
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
SuSE Security Announcement: openSUSE-SU-2016:1496
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-1673
http://www.ubuntu.com/usn/USN-2992-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1674
Common Vulnerability Exposure (CVE) ID: CVE-2016-1675
Common Vulnerability Exposure (CVE) ID: CVE-2016-1676
Common Vulnerability Exposure (CVE) ID: CVE-2016-1677
Common Vulnerability Exposure (CVE) ID: CVE-2016-1678
Common Vulnerability Exposure (CVE) ID: CVE-2016-1679
Common Vulnerability Exposure (CVE) ID: CVE-2016-1680
Common Vulnerability Exposure (CVE) ID: CVE-2016-1681
Common Vulnerability Exposure (CVE) ID: CVE-2016-1682
Common Vulnerability Exposure (CVE) ID: CVE-2016-1683
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
BugTraq ID: 91826
http://www.securityfocus.com/bid/91826
Debian Security Information: DSA-3605
http://www.debian.org/security/2016/dsa-3605
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
Common Vulnerability Exposure (CVE) ID: CVE-2016-1684
Common Vulnerability Exposure (CVE) ID: CVE-2016-1685
Common Vulnerability Exposure (CVE) ID: CVE-2016-1686
Common Vulnerability Exposure (CVE) ID: CVE-2016-1687
Common Vulnerability Exposure (CVE) ID: CVE-2016-1688
Common Vulnerability Exposure (CVE) ID: CVE-2016-1689
Common Vulnerability Exposure (CVE) ID: CVE-2016-1690
Common Vulnerability Exposure (CVE) ID: CVE-2016-1691
Common Vulnerability Exposure (CVE) ID: CVE-2016-1692
Common Vulnerability Exposure (CVE) ID: CVE-2016-1693
Common Vulnerability Exposure (CVE) ID: CVE-2016-1694
Common Vulnerability Exposure (CVE) ID: CVE-2016-1695
Copyright: Copyright (C) 2016 Greenbone Networks GmbH
