Executive Summary
Summary | |
---|---|
Title | Oxide vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-2345-1 | First vendor Publication | 2014-10-14 |
Vendor | Ubuntu | Last vendor Modification | 2014-10-14 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Oxide. Software Description: - oxide-qt: Web browser engine library for Qt (QML plugin) Details: Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3178, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192) Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3179, CVE-2014-3200) It was discovered that Chromium did not properly handle the interaction of IPC and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3188) A use-after-free was discovered in the web workers implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via applicatin crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3194) It was discovered that V8 did not correctly handle Javascript heap allocations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (CVE-2014-3195) It was discovered that Blink did not properly provide substitute data for pages blocked by the XSS auditor. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to steal sensitive information. (CVE-2014-3197) It was discovered that the wrap function for Event's in the V8 bindings in Blink produced an erroneous result in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service by stopping a worker process that was handling an Event object. (CVE-2014-3199) Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7967) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: In general, a standard system update will make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-2345-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-416 | Use After Free |
25 % | CWE-399 | Resource Management Errors |
12 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:26960 | |||
Oval ID: | oval:org.mitre.oval:def:26960 | ||
Title: | DSA-3039-1 chromium-browser - security update | ||
Description: | Several vulnerabilities were discovered in the chromium web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3039-1 CVE-2014-3160 CVE-2014-3162 CVE-2014-3165 CVE-2014-3166 CVE-2014-3167 CVE-2014-3168 CVE-2014-3169 CVE-2014-3170 CVE-2014-3171 CVE-2014-3172 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175 CVE-2014-3176 CVE-2014-3177 CVE-2014-3178 CVE-2014-3179 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | chromium-browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27038 | |||
Oval ID: | oval:org.mitre.oval:def:27038 | ||
Title: | USN-2345-1 -- Oxide vulnerabilities | ||
Description: | Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3178">CVE-2014-3178</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3190">CVE-2014-3190</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3191">CVE-2014-3191</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3192">CVE-2014-3192</a>) Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3179">CVE-2014-3179</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3200">CVE-2014-3200</a>) It was discovered that Chromium did not properly handle the interaction of IPC and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the program. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3188">CVE-2014-3188</a>) A use-after-free was discovered in the web workers implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via applicatin crash or execute arbitrary code with the privileges of the user invoking the program. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3194">CVE-2014-3194</a>) It was discovered that V8 did not correctly handle Javascript heap allocations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3195">CVE-2014-3195</a>) It was discovered that Blink did not properly provide substitute data for pages blocked by the XSS auditor. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3197">CVE-2014-3197</a>) It was discovered that the wrap function for Event's in the V8 bindings in Blink produced an erroneous result in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service by stopping a worker process that was handling an Event object. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3199">CVE-2014-3199</a>) Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7967">CVE-2014-7967</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2345-1 CVE-2014-3178 CVE-2014-3190 CVE-2014-3191 CVE-2014-3192 CVE-2014-3179 CVE-2014-3200 CVE-2014-3188 CVE-2014-3194 CVE-2014-3195 CVE-2014-3197 CVE-2014-3199 CVE-2014-7967 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | oxide-qt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27125 | |||
Oval ID: | oval:org.mitre.oval:def:27125 | ||
Title: | RHSA-2014:1626: chromium-browser security update (Critical) | ||
Description: | Chromium is an open-source web browser, powered by WebKit (Blink). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3199, CVE-2014-3200) Several information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to disclose potentially sensitive information. (CVE-2014-3195, CVE-2014-3197, CVE-2014-3198) All Chromium users should upgrade to these updated packages, which contain Chromium version 38.0.2125.101, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1626-00 CVE-2014-3188 CVE-2014-3189 CVE-2014-3190 CVE-2014-3191 CVE-2014-3192 CVE-2014-3193 CVE-2014-3194 CVE-2014-3195 CVE-2014-3197 CVE-2014-3198 CVE-2014-3199 CVE-2014-3200 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | chromium-browser |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-10-26 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_2_0_banner.nasl - Type : ACT_GATHER_INFO |
2015-07-03 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_2_0.nasl - Type : ACT_GATHER_INFO |
2015-02-03 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_7_0_3.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_10_2.nasl - Type : ACT_GATHER_INFO |
2015-01-28 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari8_0_3.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-13.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-634.nasl - Type : ACT_GATHER_INFO |
2014-10-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2345-1.nasl - Type : ACT_GATHER_INFO |
2014-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1626.nasl - Type : ACT_GATHER_INFO |
2014-10-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d2bbcc014ec311e4ab3f00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-10-07 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_google_chrome_38_0_2125_101.nasl - Type : ACT_GATHER_INFO |
2014-10-07 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_38_0_2125_101.nasl - Type : ACT_GATHER_INFO |
2014-09-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3039.nasl - Type : ACT_GATHER_INFO |
2014-09-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201409-06.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_37_0_2062_120.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_36a415c8386711e4b52200262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_37_0_2062_120.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-10-16 13:25:52 |
|
2014-10-14 21:23:13 |
|