Executive Summary
Summary | |
---|---|
Title | chromium-browser security update |
Informations | |||
---|---|---|---|
Name | DSA-3507 | First vendor Publication | 2016-03-05 |
Vendor | Debian | Last vendor Modification | 2016-03-05 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. CVE-2016-1631 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the Pepper Plugin API. CVE-2016-1632 A bad cast was discovered. CVE-2016-1633 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. CVE-2016-1634 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. CVE-2016-1635 Rob Wu discovered a use-after-free issue in Blink/Webkit. CVE-2016-1636 A way to bypass SubResource Integrity validation was discovered. CVE-2016-1637 Keve Nagy discovered an information leak in the skia library. CVE-2016-1638 Rob Wu discovered a WebAPI bypass issue. CVE-2016-1639 Khalil Zhani discovered a use-after-free issue in the WebRTC implementation. CVE-2016-1640 Luan Herrera discovered an issue with the Extensions user interface. CVE-2016-1641 Atte Kettunen discovered a use-after-free issue in the handling of favorite icons. CVE-2016-1642 The chrome 49 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.9.385.26. For the stable distribution (jessie), these problems have been fixed in version 49.0.2623.75-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 49.0.2623.75-1. We recommend that you upgrade your chromium-browser packages. |
Original Source
Url : http://www.debian.org/security/2016/dsa-3507 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-284 | Access Control (Authorization) Issues |
12 % | CWE-200 | Information Exposure |
12 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
12 % | CWE-17 | Code |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-11-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201611-08.nasl - Type : ACT_GATHER_INFO |
2016-07-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-1430.nasl - Type : ACT_GATHER_INFO |
2016-06-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-754.nasl - Type : ACT_GATHER_INFO |
2016-06-02 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL76930736.nasl - Type : ACT_GATHER_INFO |
2016-05-26 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL81903701.nasl - Type : ACT_GATHER_INFO |
2016-03-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-664.nasl - Type : ACT_GATHER_INFO |
2016-03-22 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_SecUpd2016-002.nasl - Type : ACT_GATHER_INFO |
2016-03-22 | Name : The remote Mac OS X host is affected by multiple vulnerabilities. File : macosx_10_11_4.nasl - Type : ACT_GATHER_INFO |
2016-03-17 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0776-1.nasl - Type : ACT_GATHER_INFO |
2016-03-16 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0770-1.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-330.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201603-09.nasl - Type : ACT_GATHER_INFO |
2016-03-11 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2920-1.nasl - Type : ACT_GATHER_INFO |
2016-03-10 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-316.nasl - Type : ACT_GATHER_INFO |
2016-03-09 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0665-1.nasl - Type : ACT_GATHER_INFO |
2016-03-07 | Name : The remote openSUSE host is missing a security update. File : suse_42_1_4789-160306.nasl - Type : ACT_GATHER_INFO |
2016-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0359.nasl - Type : ACT_GATHER_INFO |
2016-03-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f85fa236e2a6412eb5c7c42120892de5.nasl - Type : ACT_GATHER_INFO |
2016-03-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3507.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2016-43735c33a7.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-13668fff74.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-1d87313b7c.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-233750b6ab.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-3461e976cb.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-39499d9af8.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4ad4998d00.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-501493d853.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-5e52306c9c.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8a1243db75.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-97fc1797fa.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0636-1.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_49_0_2623_75.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : google_chrome_49_0_2623_75.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2016-9a1c707b10.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-ec2ddd15d7.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-c80ec85542.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-ac8100927a.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8c475f7169.nasl - Type : ACT_GATHER_INFO |
2016-03-01 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_jan2016_advisory.nasl - Type : ACT_GATHER_INFO |
2016-02-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0433-1.nasl - Type : ACT_GATHER_INFO |
2016-02-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0431-1.nasl - Type : ACT_GATHER_INFO |
2016-02-11 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0390-1.nasl - Type : ACT_GATHER_INFO |
2016-02-05 | Name : The remote Debian host is missing a security update. File : debian_DLA-410.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-115.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0101.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0100.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0099.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0098.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-110.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-107.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-106.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-105.nasl - Type : ACT_GATHER_INFO |
2016-01-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0269-1.nasl - Type : ACT_GATHER_INFO |
2016-01-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0265-1.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0256-1.nasl - Type : ACT_GATHER_INFO |
2016-01-25 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-31.nasl - Type : ACT_GATHER_INFO |
2016-01-25 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-30.nasl - Type : ACT_GATHER_INFO |
2016-01-25 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-28.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0057.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0055.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0056.nasl - Type : ACT_GATHER_INFO |
2016-01-21 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jan_2016_unix.nasl - Type : ACT_GATHER_INFO |
2016-01-21 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jan_2016.nasl - Type : ACT_GATHER_INFO |
2016-01-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3443.nasl - Type : ACT_GATHER_INFO |
2016-01-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0061-1.nasl - Type : ACT_GATHER_INFO |
2016-01-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0050-1.nasl - Type : ACT_GATHER_INFO |
2016-01-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0041-1.nasl - Type : ACT_GATHER_INFO |
2016-01-12 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0027-1.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151209_libpng_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151209_libpng12_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-902.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-904.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2594.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2595.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2596.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2594.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2595.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2596.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2594.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2595.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2596.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151209_libpng_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0153.nasl - Type : ACT_GATHER_INFO |
2015-12-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-337-01.nasl - Type : ACT_GATHER_INFO |
2015-11-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-825.nasl - Type : ACT_GATHER_INFO |
2015-11-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-801.nasl - Type : ACT_GATHER_INFO |
2015-11-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-802.nasl - Type : ACT_GATHER_INFO |
2015-11-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-826.nasl - Type : ACT_GATHER_INFO |
2015-11-24 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-611.nasl - Type : ACT_GATHER_INFO |
2015-11-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2815-1.nasl - Type : ACT_GATHER_INFO |
2015-11-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2024-1.nasl - Type : ACT_GATHER_INFO |
2015-11-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2017-1.nasl - Type : ACT_GATHER_INFO |
2015-11-19 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-2013-1.nasl - Type : ACT_GATHER_INFO |
2015-11-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3399.nasl - Type : ACT_GATHER_INFO |
2015-11-18 | Name : The remote Debian host is missing a security update. File : debian_DLA-343.nasl - Type : ACT_GATHER_INFO |
2015-11-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_1886e1958b8711e590e7b499baebfeaf.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-03-09 00:28:36 |
|
2016-03-08 21:28:02 |
|
2016-03-08 13:26:07 |
|
2016-03-08 09:29:36 |
|
2016-03-08 00:28:33 |
|
2016-03-07 21:28:38 |
|
2016-03-06 09:28:53 |
|
2016-03-06 00:28:46 |
|
2016-03-06 00:23:51 |
|