 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.703415 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DSA-3415-1) |
| Summary: | The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3415-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3415-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1302 Rub Wu discovered an information leak in the pdfium library. CVE-2015-6764 Guang Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2015-6765 A use-after-free issue was discovered in AppCache. CVE-2015-6766 A use-after-free issue was discovered in AppCache. CVE-2015-6767 A use-after-free issue was discovered in AppCache. CVE-2015-6768 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6769 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6770 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6771 An out-of-bounds read issue was discovered in the v8 javascript library. CVE-2015-6772 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6773 cloudfuzzer discovered an out-of-bounds read issue in the skia library. CVE-2015-6774 A use-after-free issue was found in extensions binding. CVE-2015-6775 Atte Kettunen discovered a type confusion issue in the pdfium library. CVE-2015-6776 Hanno Bock discovered an out-of-bounds access issue in the openjpeg library, which is used by pdfium. CVE-2015-6777 Long Liu found a use-after-free issue. CVE-2015-6778 Karl Skomski found an out-of-bounds read issue in the pdfium library. CVE-2015-6779 Til Jasper Ullrich discovered that the pdfium library does not sanitize chrome: URLs. CVE-2015-6780 Khalil Zhani discovered a use-after-free issue. CVE-2015-6781 miaubiz discovered an integer overflow issue in the sfntly library. CVE-2015-6782 Luan Herrera discovered a URL spoofing issue. CVE-2015-6784 Inti De Ceukelaire discovered a way to inject HTML into serialized web pages. CVE-2015-6785 Michael Ficarra discovered a way to bypass the Content Security Policy. CVE-2015-6786 Michael Ficarra discovered another way to bypass the Content Security Policy. For the stable distribution (jessie), these problems have been fixed in version 47.0.2526.73-1~ deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 47.0.2526.73-1. We recommend that you upgrade your chromium-browser packages. Affected Software/OS: 'chromium-browser' package(s) on Debian 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-1302 BugTraq ID: 77537 http://www.securityfocus.com/bid/77537 Debian Security Information: DSA-3415 (Google Search) http://www.debian.org/security/2015/dsa-3415 https://security.gentoo.org/glsa/201603-09 RedHat Security Advisories: RHSA-2015:1841 http://rhn.redhat.com/errata/RHSA-2015-1841.html http://www.securitytracker.com/id/1034132 SuSE Security Announcement: openSUSE-SU-2015:2068 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-11/msg00120.html SuSE Security Announcement: openSUSE-SU-2015:2069 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-11/msg00121.html Common Vulnerability Exposure (CVE) ID: CVE-2015-6764 BugTraq ID: 78209 http://www.securityfocus.com/bid/78209 http://www.securitytracker.com/id/1034298 SuSE Security Announcement: openSUSE-SU-2015:2290 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html SuSE Security Announcement: openSUSE-SU-2015:2291 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html SuSE Security Announcement: openSUSE-SU-2016:0138 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2015-6765 BugTraq ID: 78416 http://www.securityfocus.com/bid/78416 http://www.ubuntu.com/usn/USN-2825-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-6766 Common Vulnerability Exposure (CVE) ID: CVE-2015-6767 Common Vulnerability Exposure (CVE) ID: CVE-2015-6768 Common Vulnerability Exposure (CVE) ID: CVE-2015-6769 Common Vulnerability Exposure (CVE) ID: CVE-2015-6770 Common Vulnerability Exposure (CVE) ID: CVE-2015-6771 Common Vulnerability Exposure (CVE) ID: CVE-2015-6772 Common Vulnerability Exposure (CVE) ID: CVE-2015-6773 Common Vulnerability Exposure (CVE) ID: CVE-2015-6774 Common Vulnerability Exposure (CVE) ID: CVE-2015-6775 Common Vulnerability Exposure (CVE) ID: CVE-2015-6776 Common Vulnerability Exposure (CVE) ID: CVE-2015-6777 Common Vulnerability Exposure (CVE) ID: CVE-2015-6778 Common Vulnerability Exposure (CVE) ID: CVE-2015-6779 Common Vulnerability Exposure (CVE) ID: CVE-2015-6780 Common Vulnerability Exposure (CVE) ID: CVE-2015-6781 Common Vulnerability Exposure (CVE) ID: CVE-2015-6782 Common Vulnerability Exposure (CVE) ID: CVE-2015-6784 Common Vulnerability Exposure (CVE) ID: CVE-2015-6785 Common Vulnerability Exposure (CVE) ID: CVE-2015-6786 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |