Test ID:	1.3.6.1.4.1.25623.1.0.703731
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-3731-1)
Summary:	The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3731-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3731-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5181 A cross-site scripting issue was discovered. CVE-2016-5182 Giwan Go discovered a heap overflow issue. CVE-2016-5183 A use-after-free issue was discovered in the pdfium library. CVE-2016-5184 Another use-after-free issue was discovered in the pdfium library. CVE-2016-5185 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. CVE-2016-5186 Abdulrahman Alqabandi discovered an out-of-bounds read issue in the developer tools. CVE-2016-5187 Luan Herrera discovered a URL spoofing issue. CVE-2016-5188 Luan Herrera discovered that some drop down menus can be used to hide parts of the user interface. CVE-2016-5189 xisigr discovered a URL spoofing issue. CVE-2016-5190 Atte Kettunen discovered a use-after-free issue. CVE-2016-5191 Gareth Hughes discovered a cross-site scripting issue. CVE-2016-5192 haojunhou@gmail.com discovered a same-origin bypass. CVE-2016-5193 Yuyang Zhou discovered a way to pop open a new window. CVE-2016-5194 The chrome development team found and fixed various issues during internal auditing. CVE-2016-5198 Tencent Keen Security Lab discovered an out-of-bounds memory access issue in the v8 javascript library. CVE-2016-5199 A heap corruption issue was discovered in the ffmpeg library. CVE-2016-5200 Choongwoo Han discovered an out-of-bounds memory access issue in the v8 javascript library. CVE-2016-5201 Rob Wu discovered an information leak. CVE-2016-5202 The chrome development team found and fixed various issues during internal auditing. CVE-2016-5203 A use-after-free issue was discovered in the pdfium library. CVE-2016-5204 Mariusz Mlynski discovered a cross-site scripting issue in SVG image handling. CVE-2016-5205 A cross-site scripting issue was discovered. CVE-2016-5206 Rob Wu discovered a same-origin bypass in the pdfium library. CVE-2016-5207 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2016-5208 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2016-5209 Giwan Go discovered an out-of-bounds write issue in Blink/Webkit. CVE-2016-5210 Ke Liu discovered an out-of-bounds write in the pdfium library. CVE-2016-5211 A use-after-free issue was discovered in the pdfium library. CVE-2016-5212 Khalil Zhani discovered an information disclosure issue in the developer tools. CVE-2016-5213 Khalil Zhani discovered a use-after-free issue in the v8 javascript library. CVE-2016-5214 Jonathan Birch discovered a file download protection bypass. CVE-2016-5215 Looben Yang discovered a use-after-free issue. CVE-2016-5216 A use-after-free issue was discovered in the pdfium library. CVE-2016-5217 Rob Wu discovered a condition where data was not validated by the pdfium library. CVE-2016-5218 Abdulrahman Alqabandi discovered a URL spoofing issue. CVE-2016-5219 Rob Wu discovered a ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'chromium-browser' package(s) on Debian 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5181 BugTraq ID: 93528 http://www.securityfocus.com/bid/93528 https://security.gentoo.org/glsa/201610-09 RedHat Security Advisories: RHSA-2016:2067 http://rhn.redhat.com/errata/RHSA-2016-2067.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5182 Common Vulnerability Exposure (CVE) ID: CVE-2016-5183 Common Vulnerability Exposure (CVE) ID: CVE-2016-5184 Common Vulnerability Exposure (CVE) ID: CVE-2016-5185 Common Vulnerability Exposure (CVE) ID: CVE-2016-5186 Common Vulnerability Exposure (CVE) ID: CVE-2016-5187 Common Vulnerability Exposure (CVE) ID: CVE-2016-5188 Common Vulnerability Exposure (CVE) ID: CVE-2016-5189 Common Vulnerability Exposure (CVE) ID: CVE-2016-5190 Common Vulnerability Exposure (CVE) ID: CVE-2016-5191 Common Vulnerability Exposure (CVE) ID: CVE-2016-5192 Common Vulnerability Exposure (CVE) ID: CVE-2016-5193 Common Vulnerability Exposure (CVE) ID: CVE-2016-5194 Common Vulnerability Exposure (CVE) ID: CVE-2016-5198 BugTraq ID: 94079 http://www.securityfocus.com/bid/94079 RedHat Security Advisories: RHSA-2016:2672 http://rhn.redhat.com/errata/RHSA-2016-2672.html http://www.securitytracker.com/id/1037224 Common Vulnerability Exposure (CVE) ID: CVE-2016-5199 BugTraq ID: 94196 http://www.securityfocus.com/bid/94196 https://security.gentoo.org/glsa/201611-16 RedHat Security Advisories: RHSA-2016:2718 http://rhn.redhat.com/errata/RHSA-2016-2718.html http://www.securitytracker.com/id/1037273 Common Vulnerability Exposure (CVE) ID: CVE-2016-5200 Common Vulnerability Exposure (CVE) ID: CVE-2016-5201 Common Vulnerability Exposure (CVE) ID: CVE-2016-5202 http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00029.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5202 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5202 https://security-tracker.debian.org/tracker/CVE-2016-5202 Common Vulnerability Exposure (CVE) ID: CVE-2016-5203 BugTraq ID: 94633 http://www.securityfocus.com/bid/94633 https://security.gentoo.org/glsa/201612-11 RedHat Security Advisories: RHSA-2016:2919 http://rhn.redhat.com/errata/RHSA-2016-2919.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5204 Common Vulnerability Exposure (CVE) ID: CVE-2016-5205 Common Vulnerability Exposure (CVE) ID: CVE-2016-5206 Common Vulnerability Exposure (CVE) ID: CVE-2016-5207 Common Vulnerability Exposure (CVE) ID: CVE-2016-5208 Common Vulnerability Exposure (CVE) ID: CVE-2016-5209 Common Vulnerability Exposure (CVE) ID: CVE-2016-5210 Common Vulnerability Exposure (CVE) ID: CVE-2016-5211 Common Vulnerability Exposure (CVE) ID: CVE-2016-5212 Common Vulnerability Exposure (CVE) ID: CVE-2016-5213 Common Vulnerability Exposure (CVE) ID: CVE-2016-5214 Common Vulnerability Exposure (CVE) ID: CVE-2016-5215 Common Vulnerability Exposure (CVE) ID: CVE-2016-5216 Common Vulnerability Exposure (CVE) ID: CVE-2016-5217 Common Vulnerability Exposure (CVE) ID: CVE-2016-5218 Common Vulnerability Exposure (CVE) ID: CVE-2016-5219 Common Vulnerability Exposure (CVE) ID: CVE-2016-5220 Common Vulnerability Exposure (CVE) ID: CVE-2016-5221 Common Vulnerability Exposure (CVE) ID: CVE-2016-5222 Common Vulnerability Exposure (CVE) ID: CVE-2016-5223 Common Vulnerability Exposure (CVE) ID: CVE-2016-5224 Common Vulnerability Exposure (CVE) ID: CVE-2016-5225 Common Vulnerability Exposure (CVE) ID: CVE-2016-5226 Common Vulnerability Exposure (CVE) ID: CVE-2016-9650 Common Vulnerability Exposure (CVE) ID: CVE-2016-9651 https://www.exploit-db.com/exploits/42175/ https://crbug.com/664411 Common Vulnerability Exposure (CVE) ID: CVE-2016-9652 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00042.html http://www.debian.org/security/2016/dsa-3731 http://www.ubuntu.com/usn/USN-3153-1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LGZO2VOGJOZUUXNQITD6YMIUQ2L5GTU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LV2U7SINGF3SBK7HVKSWFOYLQBUH6PUE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZECS3A7ULG4B4YXBKUZMA3NTQBE5HGU/
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.