English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.704330
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 4330-1 (chromium-browser - security update)
Summary:Several vulnerabilities have been discovered in the chromium web browser.;;CVE-2018-5179 ;Yannic Boneberger discovered an error in the ServiceWorker implementation.;;CVE-2018-17462 ;Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.;;CVE-2018-17463 ;Ned Williamson and Niklas Baumstark discovered a remote code execution;issue in the v8 javascript library.;;CVE-2018-17464 ;xisigr discovered a URL spoofing issue.;;CVE-2018-17465 ;Lin Zuojian discovered a use-after-free issue in the v8 javascript;library.;;CVE-2018-17466 ;Omair discovered a memory corruption issue in the angle library.;;CVE-2018-17467 ;Khalil Zhani discovered a URL spoofing issue.;;CVE-2018-17468 ;Jams Lee discovered an information disclosure issue.;;CVE-2018-17469 ;Zhen Zhou discovered a buffer overflow issue in the pdfium library.;;CVE-2018-17470 ;Zhe Jin discovered a memory corruption issue in the GPU backend;implementation.;;CVE-2018-17471 ;Lnyas Zhang discovered an issue with the full screen user interface.;;CVE-2018-17473 ;Khalil Zhani discovered a URL spoofing issue.;;CVE-2018-17474 ;Zhe Jin discovered a use-after-free issue.;;CVE-2018-17475 ;Vladimir Metnew discovered a URL spoofing issue.;;CVE-2018-17476 ;Khalil Zhani discovered an issue with the full screen user interface.;;CVE-2018-17477 ;Aaron Muir Hamilton discovered a user interface spoofing issue in the;extensions pane.;;This update also fixes a buffer overflow in the embedded lcms library included;with chromium.
Description:Summary:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2018-5179
Yannic Boneberger discovered an error in the ServiceWorker implementation.

CVE-2018-17462
Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.

CVE-2018-17463
Ned Williamson and Niklas Baumstark discovered a remote code execution
issue in the v8 javascript library.

CVE-2018-17464
xisigr discovered a URL spoofing issue.

CVE-2018-17465
Lin Zuojian discovered a use-after-free issue in the v8 javascript
library.

CVE-2018-17466
Omair discovered a memory corruption issue in the angle library.

CVE-2018-17467
Khalil Zhani discovered a URL spoofing issue.

CVE-2018-17468
Jams Lee discovered an information disclosure issue.

CVE-2018-17469
Zhen Zhou discovered a buffer overflow issue in the pdfium library.

CVE-2018-17470
Zhe Jin discovered a memory corruption issue in the GPU backend
implementation.

CVE-2018-17471
Lnyas Zhang discovered an issue with the full screen user interface.

CVE-2018-17473
Khalil Zhani discovered a URL spoofing issue.

CVE-2018-17474
Zhe Jin discovered a use-after-free issue.

CVE-2018-17475
Vladimir Metnew discovered a URL spoofing issue.

CVE-2018-17476
Khalil Zhani discovered an issue with the full screen user interface.

CVE-2018-17477
Aaron Muir Hamilton discovered a user interface spoofing issue in the
extensions pane.

This update also fixes a buffer overflow in the embedded lcms library included
with chromium.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (stretch), these problems have been fixed in
version 70.0.3538.67-1~
deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-5179
CopyrightCopyright (c) 2018 Greenbone Networks GmbH http://greenbone.net

This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.