Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703376
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3376-1 (chromium-browser - security update)
Summary:Several vulnerabilities have been;discovered in the chromium web browser.;;CVE-2015-1303;Mariusz Mlynski discovered a way to bypass the Same Origin Policy;in the DOM implementation.;;CVE-2015-1304;Mariusz Mlynski discovered a way to bypass the Same Origin Policy;in the v8 javascript library.;;CVE-2015-6755;Mariusz Mlynski discovered a way to bypass the Same Origin Policy;in blink/webkit.;;CVE-2015-6756;A use-after-free issue was found in the pdfium library.;;CVE-2015-6757;Collin Payne found a use-after-free issue in the ServiceWorker;implementation.;;CVE-2015-6758;Atte Kettunen found an issue in the pdfium library.;;CVE-2015-6759;Muneaki Nishimura discovered an information leak.;;CVE-2015-6760;Ronald Crane discovered a logic error in the ANGLE library;involving lost device events.;;CVE-2015-6761;Aki Helin and Khalil Zhani discovered a memory corruption issue in;the ffmpeg library.;;CVE-2015-6762;Muneaki Nishimura discovered a way to bypass the Same Origin Policy;in the CSS implementation.;;CVE-2015-6763;The chrome 46 development team found and fixed various issues;during internal auditing. Also multiple issues were fixed in;the v8 javascript library, version 4.6.85.23.
Description:Summary:
Several vulnerabilities have been
discovered in the chromium web browser.

CVE-2015-1303
Mariusz Mlynski discovered a way to bypass the Same Origin Policy
in the DOM implementation.

CVE-2015-1304
Mariusz Mlynski discovered a way to bypass the Same Origin Policy
in the v8 javascript library.

CVE-2015-6755
Mariusz Mlynski discovered a way to bypass the Same Origin Policy
in blink/webkit.

CVE-2015-6756
A use-after-free issue was found in the pdfium library.

CVE-2015-6757
Collin Payne found a use-after-free issue in the ServiceWorker
implementation.

CVE-2015-6758
Atte Kettunen found an issue in the pdfium library.

CVE-2015-6759
Muneaki Nishimura discovered an information leak.

CVE-2015-6760
Ronald Crane discovered a logic error in the ANGLE library
involving lost device events.

CVE-2015-6761
Aki Helin and Khalil Zhani discovered a memory corruption issue in
the ffmpeg library.

CVE-2015-6762
Muneaki Nishimura discovered a way to bypass the Same Origin Policy
in the CSS implementation.

CVE-2015-6763
The chrome 46 development team found and fixed various issues
during internal auditing. Also multiple issues were fixed in
the v8 javascript library, version 4.6.85.23.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (jessie),
these problems have been fixed in version 46.0.2490.71-1~
deb8u1.

For the testing (stretch) and unstable (sid) distributions, these
problems have been fixed in version 46.0.2490.71-1.

We recommend that you upgrade your chromium-browser packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-1303
BugTraq ID: 76844
http://www.securityfocus.com/bid/76844
Debian Security Information: DSA-3376 (Google Search)
http://www.debian.org/security/2015/dsa-3376
https://security.gentoo.org/glsa/201603-09
RedHat Security Advisories: RHSA-2015:1841
http://rhn.redhat.com/errata/RHSA-2015-1841.html
http://www.securitytracker.com/id/1033683
SuSE Security Announcement: openSUSE-SU-2015:1719 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00008.html
SuSE Security Announcement: openSUSE-SU-2015:1876 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00002.html
http://www.ubuntu.com/usn/USN-2757-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1304
Common Vulnerability Exposure (CVE) ID: CVE-2015-6755
BugTraq ID: 77071
http://www.securityfocus.com/bid/77071
RedHat Security Advisories: RHSA-2015:1912
http://rhn.redhat.com/errata/RHSA-2015-1912.html
http://www.securitytracker.com/id/1033816
http://www.ubuntu.com/usn/USN-2770-1
http://www.ubuntu.com/usn/USN-2770-2
Common Vulnerability Exposure (CVE) ID: CVE-2015-6756
Common Vulnerability Exposure (CVE) ID: CVE-2015-6757
Common Vulnerability Exposure (CVE) ID: CVE-2015-6758
Common Vulnerability Exposure (CVE) ID: CVE-2015-6759
Common Vulnerability Exposure (CVE) ID: CVE-2015-6760
Common Vulnerability Exposure (CVE) ID: CVE-2015-6761
BugTraq ID: 77073
http://www.securityfocus.com/bid/77073
https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-6762
Common Vulnerability Exposure (CVE) ID: CVE-2015-6763
https://www.exploit-db.com/exploits/38763/
http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.