 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.704103 |
| Categoría: | Debian Local Security Checks |
| Título: | Debian: Security Advisory (DSA-4103-1) |
| Resumen: | The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-4103-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-4103-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-15420 Drew Springall discovered a URL spoofing issue. CVE-2017-15429 A cross-site scripting issue was discovered in the v8 javascript library. CVE-2018-6031 A use-after-free issue was discovered in the pdfium library. CVE-2018-6032 Jun Kokatsu discovered a way to bypass the same origin policy. CVE-2018-6033 Juho Nurminen discovered a race condition when opening downloaded files. CVE-2018-6034 Tobias Klein discovered an integer overflow issue. CVE-2018-6035 Rob Wu discovered a way for extensions to access devtools. CVE-2018-6036 UK's National Cyber Security Centre discovered an integer overflow issue. CVE-2018-6037 Paul Stone discovered an issue in the autofill feature. CVE-2018-6038 cloudfuzzer discovered a buffer overflow issue. CVE-2018-6039 Juho Nurminen discovered a cross-site scripting issue in the developer tools. CVE-2018-6040 WenXu Wu discovered a way to bypass the content security policy. CVE-2018-6041 Luan Herrera discovered a URL spoofing issue. CVE-2018-6042 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6043 A character escaping issue was discovered. CVE-2018-6045 Rob Wu discovered a way for extensions to access devtools. CVE-2018-6046 Rob Wu discovered a way for extensions to access devtools. CVE-2018-6047 Masato Kinugawa discovered an information leak issue. CVE-2018-6048 Jun Kokatsu discovered a way to bypass the referrer policy. CVE-2018-6049 WenXu Wu discovered a user interface spoofing issue. CVE-2018-6050 Jonathan Kew discovered a URL spoofing issue. CVE-2018-6051 Antonio Sanso discovered an information leak issue. CVE-2018-6052 Tanner Emek discovered that the referrer policy implementation was incomplete. CVE-2018-6053 Asset Kabdenov discovered an information leak issue. CVE-2018-6054 Rob Wu discovered a use-after-free issue. For the oldstable distribution (jessie), security support for chromium has been discontinued. For the stable distribution (stretch), these problems have been fixed in version 64.0.3282.119-1~ deb9u1. We recommend that you upgrade your chromium-browser packages. For the detailed security status of chromium-browser please refer to its security tracker page at: [link moved to references] Affected Software/OS: 'chromium-browser' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-15420 Debian Security Information: DSA-4064 (Google Search) https://www.debian.org/security/2017/dsa-4064 Debian Security Information: DSA-4103 (Google Search) https://www.debian.org/security/2018/dsa-4103 https://security.gentoo.org/glsa/201801-03 https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html https://crbug.com/777419 RedHat Security Advisories: RHSA-2017:3401 https://access.redhat.com/errata/RHSA-2017:3401 http://www.securitytracker.com/id/1040282 Common Vulnerability Exposure (CVE) ID: CVE-2017-15429 BugTraq ID: 102196 http://www.securityfocus.com/bid/102196 https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop_14.html https://crbug.com/788453 RedHat Security Advisories: RHSA-2017:3479 https://access.redhat.com/errata/RHSA-2017:3479 Common Vulnerability Exposure (CVE) ID: CVE-2018-6031 BugTraq ID: 102797 http://www.securityfocus.com/bid/102797 RedHat Security Advisories: RHSA-2018:0265 https://access.redhat.com/errata/RHSA-2018:0265 Common Vulnerability Exposure (CVE) ID: CVE-2018-6032 Common Vulnerability Exposure (CVE) ID: CVE-2018-6033 Common Vulnerability Exposure (CVE) ID: CVE-2018-6034 Common Vulnerability Exposure (CVE) ID: CVE-2018-6035 Common Vulnerability Exposure (CVE) ID: CVE-2018-6036 Common Vulnerability Exposure (CVE) ID: CVE-2018-6037 Common Vulnerability Exposure (CVE) ID: CVE-2018-6038 Common Vulnerability Exposure (CVE) ID: CVE-2018-6039 Common Vulnerability Exposure (CVE) ID: CVE-2018-6040 Common Vulnerability Exposure (CVE) ID: CVE-2018-6041 Common Vulnerability Exposure (CVE) ID: CVE-2018-6042 Common Vulnerability Exposure (CVE) ID: CVE-2018-6043 Common Vulnerability Exposure (CVE) ID: CVE-2018-6045 Common Vulnerability Exposure (CVE) ID: CVE-2018-6046 Common Vulnerability Exposure (CVE) ID: CVE-2018-6047 Common Vulnerability Exposure (CVE) ID: CVE-2018-6048 Common Vulnerability Exposure (CVE) ID: CVE-2018-6049 Common Vulnerability Exposure (CVE) ID: CVE-2018-6050 Common Vulnerability Exposure (CVE) ID: CVE-2018-6051 Common Vulnerability Exposure (CVE) ID: CVE-2018-6052 Common Vulnerability Exposure (CVE) ID: CVE-2018-6053 Common Vulnerability Exposure (CVE) ID: CVE-2018-6054 Common Vulnerability Exposure (CVE) ID: CVE-2018-6055 BugTraq ID: 105516 http://www.securityfocus.com/bid/105516 Common Vulnerability Exposure (CVE) ID: CVE-2018-6119 BugTraq ID: 105512 http://www.securityfocus.com/bid/105512 |
| Copyright | Copyright (C) 2018 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |