English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.852166
Categoría:SuSE Local Security Checks
Título:openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4056-1)
Resumen:The remote host is missing an update for the 'Chromium'; package(s) announced via the openSUSE-SU-2018:4056-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'Chromium'
package(s) announced via the openSUSE-SU-2018:4056-1 advisory.

Vulnerability Insight:
This update to Chromium version 71.0.3578.80
fixes security issues and bugs.

Security issues fixed (boo#1118529):

- CVE-2018-17480: Out of bounds write in V8

- CVE-2018-17481: Use after frees in PDFium

- CVE-2018-18335: Heap buffer overflow in Skia

- CVE-2018-18336: Use after free in PDFium

- CVE-2018-18337: Use after free in Blink

- CVE-2018-18338: Heap buffer overflow in Canvas

- CVE-2018-18339: Use after free in WebAudio

- CVE-2018-18340: Use after free in MediaRecorder

- CVE-2018-18341: Heap buffer overflow in Blink

- CVE-2018-18342: Out of bounds write in V8

- CVE-2018-18343: Use after free in Skia

- CVE-2018-18344: Inappropriate implementation in Extensions

- Multiple issues in SQLite via WebSQL

- CVE-2018-18345: Inappropriate implementation in Site Isolation

- CVE-2018-18346: Incorrect security UI in Blink

- CVE-2018-18347: Inappropriate implementation in Navigation

- CVE-2018-18348: Inappropriate implementation in Omnibox

- CVE-2018-18349: Insufficient policy enforcement in Blink

- CVE-2018-18350: Insufficient policy enforcement in Blink

- CVE-2018-18351: Insufficient policy enforcement in Navigation

- CVE-2018-18352: Inappropriate implementation in Media

- CVE-2018-18353: Inappropriate implementation in Network Authentication

- CVE-2018-18354: Insufficient data validation in Shell Integration

- CVE-2018-18355: Insufficient policy enforcement in URL Formatter

- CVE-2018-18356: Use after free in Skia

- CVE-2018-18357: Insufficient policy enforcement in URL Formatter

- CVE-2018-18358: Insufficient policy enforcement in Proxy

- CVE-2018-18359: Out of bounds read in V8

- Inappropriate implementation in PDFium

- Use after free in Extensions

- Inappropriate implementation in Navigation

- Insufficient policy enforcement in Navigation

- Insufficient policy enforcement in URL Formatter

- Various fixes from internal audits, fuzzing and other initiatives

The following changes are included:

- advertisements posing as error messages are now blocked

- Automatic playing of content at page load mostly disabled

- New JavaScript API for relative time display

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1521=1

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2018-1521=1

Affected Software/OS:
Chromium on openSUSE Leap 15.0.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-17480
Common Vulnerability Exposure (CVE) ID: CVE-2018-17481
Common Vulnerability Exposure (CVE) ID: CVE-2018-18335
Common Vulnerability Exposure (CVE) ID: CVE-2018-18336
Common Vulnerability Exposure (CVE) ID: CVE-2018-18337
Common Vulnerability Exposure (CVE) ID: CVE-2018-18338
Common Vulnerability Exposure (CVE) ID: CVE-2018-18339
Common Vulnerability Exposure (CVE) ID: CVE-2018-18340
Common Vulnerability Exposure (CVE) ID: CVE-2018-18341
Common Vulnerability Exposure (CVE) ID: CVE-2018-18342
Common Vulnerability Exposure (CVE) ID: CVE-2018-18343
Common Vulnerability Exposure (CVE) ID: CVE-2018-18344
Common Vulnerability Exposure (CVE) ID: CVE-2018-18345
Common Vulnerability Exposure (CVE) ID: CVE-2018-18346
Common Vulnerability Exposure (CVE) ID: CVE-2018-18347
Common Vulnerability Exposure (CVE) ID: CVE-2018-18348
Common Vulnerability Exposure (CVE) ID: CVE-2018-18349
Common Vulnerability Exposure (CVE) ID: CVE-2018-18350
Common Vulnerability Exposure (CVE) ID: CVE-2018-18351
Common Vulnerability Exposure (CVE) ID: CVE-2018-18352
Common Vulnerability Exposure (CVE) ID: CVE-2018-18353
Common Vulnerability Exposure (CVE) ID: CVE-2018-18354
Common Vulnerability Exposure (CVE) ID: CVE-2018-18355
Common Vulnerability Exposure (CVE) ID: CVE-2018-18356
Common Vulnerability Exposure (CVE) ID: CVE-2018-18357
Common Vulnerability Exposure (CVE) ID: CVE-2018-18358
Common Vulnerability Exposure (CVE) ID: CVE-2018-18359
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.