Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.842619 |
Categoría: | Ubuntu Local Security Checks |
Título: | Ubuntu Update for oxide-qt USN-2877-1 |
Resumen: | The remote host is missing an update for the 'oxide-qt'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'oxide-qt' package(s) announced via the referenced advisory. Vulnerability Insight: A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-1612) An issue was discovered when initializing the UnacceleratedImageBufferSurface class in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2016-1614) An issue was discovered with the CSP implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to determine whether specific HSTS sites had been visited by reading a CSP report. (CVE-2016-1617) An issue was discovered with random number generator in Blink. An attacker could potentially exploit this to defeat cryptographic protection mechanisms. (CVE-2016-1618) Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1620) Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-2051) Multiple security issues were discovered in Harfbuzz. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-2052) Affected Software/OS: oxide-qt on Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1612 BugTraq ID: 81431 http://www.securityfocus.com/bid/81431 Debian Security Information: DSA-3456 (Google Search) http://www.debian.org/security/2016/dsa-3456 https://security.gentoo.org/glsa/201603-09 RedHat Security Advisories: RHSA-2016:0072 http://rhn.redhat.com/errata/RHSA-2016-0072.html http://www.securitytracker.com/id/1034801 SuSE Security Announcement: openSUSE-SU-2016:0249 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:0250 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html SuSE Security Announcement: openSUSE-SU-2016:0271 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html http://www.ubuntu.com/usn/USN-2877-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1614 BugTraq ID: 81430 http://www.securityfocus.com/bid/81430 Common Vulnerability Exposure (CVE) ID: CVE-2016-1617 Common Vulnerability Exposure (CVE) ID: CVE-2016-1618 Common Vulnerability Exposure (CVE) ID: CVE-2016-1620 Common Vulnerability Exposure (CVE) ID: CVE-2016-2051 Common Vulnerability Exposure (CVE) ID: CVE-2016-2052 BugTraq ID: 81812 http://www.securityfocus.com/bid/81812 https://security.gentoo.org/glsa/201701-76 SuSE Security Announcement: openSUSE-SU-2016:2082 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00070.html http://www.ubuntu.com/usn/USN-3067-1 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |