 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.703776 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DSA-3776-1) |
| Summary: | The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3776-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'chromium-browser' package(s) announced via the DSA-3776-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting issue. CVE-2017-5009 Sean Stanek and Chip Bradford discovered an out-of-bounds memory issue in the webrtc library. CVE-2017-5010 Mariusz Mlynski discovered a fourth cross-site scripting issue. CVE-2017-5011 Khalil Zhani discovered a way to access unauthorized files in the developer tools. CVE-2017-5012 Gergely Nagy discovered a heap overflow issue in the v8 javascript library. CVE-2017-5013 Haosheng Wang discovered a URL spoofing issue. CVE-2017-5014 sweetchip discovered a heap overflow issue in the skia library. CVE-2017-5015 Armin Razmdjou discovered a URL spoofing issue. CVE-2017-5016 Haosheng Wang discovered another URL spoofing issue. CVE-2017-5017 danberm discovered an uninitialized memory issue in support for webm video files. CVE-2017-5018 Rob Wu discovered a cross-site scripting issue. CVE-2017-5019 Wadih Matar discovered a use-after-free issue. CVE-2017-5020 Rob Wu discovered another cross-site scripting issue. CVE-2017-5021 Rob Wu discovered a use-after-free issue in extensions. CVE-2017-5022 PKAV Team discovered a way to bypass the Content Security Policy. CVE-2017-5023 UK's National Cyber Security Centre (NCSC) discovered a type confusion issue. CVE-2017-5024 Paul Mehta discovered a heap overflow issue in the ffmpeg library. CVE-2017-5025 Paul Mehta discovered another heap overflow issue in the ffmpeg library. CVE-2017-5026 Ronni Skansing discovered a user interface spoofing issue. For the stable distribution (jessie), these problems have been fixed in version 56.0.2924.76-1~ deb8u1. For the testing (stretch) and unstable (sid) distributions, these problems will be fixed soon. We recommend that you upgrade your chromium-browser packages. Affected Software/OS: 'chromium-browser' package(s) on Debian 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-5006 BugTraq ID: 95792 http://www.securityfocus.com/bid/95792 Debian Security Information: DSA-3776 (Google Search) http://www.debian.org/security/2017/dsa-3776 https://security.gentoo.org/glsa/201701-66 RedHat Security Advisories: RHSA-2017:0206 http://rhn.redhat.com/errata/RHSA-2017-0206.html http://www.securitytracker.com/id/1037718 Common Vulnerability Exposure (CVE) ID: CVE-2017-5007 Common Vulnerability Exposure (CVE) ID: CVE-2017-5008 Common Vulnerability Exposure (CVE) ID: CVE-2017-5009 Common Vulnerability Exposure (CVE) ID: CVE-2017-5010 Common Vulnerability Exposure (CVE) ID: CVE-2017-5011 Common Vulnerability Exposure (CVE) ID: CVE-2017-5012 Common Vulnerability Exposure (CVE) ID: CVE-2017-5013 Common Vulnerability Exposure (CVE) ID: CVE-2017-5014 Common Vulnerability Exposure (CVE) ID: CVE-2017-5015 Common Vulnerability Exposure (CVE) ID: CVE-2017-5016 Common Vulnerability Exposure (CVE) ID: CVE-2017-5017 Common Vulnerability Exposure (CVE) ID: CVE-2017-5018 Common Vulnerability Exposure (CVE) ID: CVE-2017-5019 Common Vulnerability Exposure (CVE) ID: CVE-2017-5020 Common Vulnerability Exposure (CVE) ID: CVE-2017-5021 Common Vulnerability Exposure (CVE) ID: CVE-2017-5022 Common Vulnerability Exposure (CVE) ID: CVE-2017-5023 Common Vulnerability Exposure (CVE) ID: CVE-2017-5024 https://security.gentoo.org/glsa/201705-05 Common Vulnerability Exposure (CVE) ID: CVE-2017-5025 Common Vulnerability Exposure (CVE) ID: CVE-2017-5026 Common Vulnerability Exposure (CVE) ID: CVE-2017-5027 Common Vulnerability Exposure (CVE) ID: CVE-2017-5028 https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html https://crbug.com/653555 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |