Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.842619 |
Kategorie: | Ubuntu Local Security Checks |
Titel: | Ubuntu Update for oxide-qt USN-2877-1 |
Zusammenfassung: | The remote host is missing an update for the 'oxide-qt'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'oxide-qt' package(s) announced via the referenced advisory. Vulnerability Insight: A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-1612) An issue was discovered when initializing the UnacceleratedImageBufferSurface class in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2016-1614) An issue was discovered with the CSP implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to determine whether specific HSTS sites had been visited by reading a CSP report. (CVE-2016-1617) An issue was discovered with random number generator in Blink. An attacker could potentially exploit this to defeat cryptographic protection mechanisms. (CVE-2016-1618) Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1620) Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-2051) Multiple security issues were discovered in Harfbuzz. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-2052) Affected Software/OS: oxide-qt on Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1612 BugTraq ID: 81431 http://www.securityfocus.com/bid/81431 Debian Security Information: DSA-3456 (Google Search) http://www.debian.org/security/2016/dsa-3456 https://security.gentoo.org/glsa/201603-09 RedHat Security Advisories: RHSA-2016:0072 http://rhn.redhat.com/errata/RHSA-2016-0072.html http://www.securitytracker.com/id/1034801 SuSE Security Announcement: openSUSE-SU-2016:0249 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:0250 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html SuSE Security Announcement: openSUSE-SU-2016:0271 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html http://www.ubuntu.com/usn/USN-2877-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1614 BugTraq ID: 81430 http://www.securityfocus.com/bid/81430 Common Vulnerability Exposure (CVE) ID: CVE-2016-1617 Common Vulnerability Exposure (CVE) ID: CVE-2016-1618 Common Vulnerability Exposure (CVE) ID: CVE-2016-1620 Common Vulnerability Exposure (CVE) ID: CVE-2016-2051 Common Vulnerability Exposure (CVE) ID: CVE-2016-2052 BugTraq ID: 81812 http://www.securityfocus.com/bid/81812 https://security.gentoo.org/glsa/201701-76 SuSE Security Announcement: openSUSE-SU-2016:2082 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00070.html http://www.ubuntu.com/usn/USN-3067-1 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |