English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 150599 CVE descriptions
and 73533 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.704330
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 4330-1 (chromium-browser - security update)
Summary:Several vulnerabilities have been discovered in the chromium web browser.;;CVE-2018-5179;Yannic Boneberger discovered an error in the ServiceWorker implementation.;;CVE-2018-17462;Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.;;CVE-2018-17463;Ned Williamson and Niklas Baumstark discovered a remote code execution;issue in the v8 javascript library.;;CVE-2018-17464;xisigr discovered a URL spoofing issue.;;CVE-2018-17465;Lin Zuojian discovered a use-after-free issue in the v8 javascript;library.;;CVE-2018-17466;Omair discovered a memory corruption issue in the angle library.;;CVE-2018-17467;Khalil Zhani discovered a URL spoofing issue.;;CVE-2018-17468;Jams Lee discovered an information disclosure issue.;;CVE-2018-17469;Zhen Zhou discovered a buffer overflow issue in the pdfium library.;;CVE-2018-17470;Zhe Jin discovered a memory corruption issue in the GPU backend;implementation.;;CVE-2018-17471;Lnyas Zhang discovered an issue with the full screen user interface.;;CVE-2018-17473;Khalil Zhani discovered a URL spoofing issue.;;CVE-2018-17474;Zhe Jin discovered a use-after-free issue.;;CVE-2018-17475;Vladimir Metnew discovered a URL spoofing issue.;;CVE-2018-17476;Khalil Zhani discovered an issue with the full screen user interface.;;CVE-2018-17477;Aaron Muir Hamilton discovered a user interface spoofing issue in the;extensions pane.;;This update also fixes a buffer overflow in the embedded lcms library included;with chromium.
Description:Summary:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2018-5179
Yannic Boneberger discovered an error in the ServiceWorker implementation.

CVE-2018-17462
Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.

CVE-2018-17463
Ned Williamson and Niklas Baumstark discovered a remote code execution
issue in the v8 javascript library.

CVE-2018-17464
xisigr discovered a URL spoofing issue.

CVE-2018-17465
Lin Zuojian discovered a use-after-free issue in the v8 javascript
library.

CVE-2018-17466
Omair discovered a memory corruption issue in the angle library.

CVE-2018-17467
Khalil Zhani discovered a URL spoofing issue.

CVE-2018-17468
Jams Lee discovered an information disclosure issue.

CVE-2018-17469
Zhen Zhou discovered a buffer overflow issue in the pdfium library.

CVE-2018-17470
Zhe Jin discovered a memory corruption issue in the GPU backend
implementation.

CVE-2018-17471
Lnyas Zhang discovered an issue with the full screen user interface.

CVE-2018-17473
Khalil Zhani discovered a URL spoofing issue.

CVE-2018-17474
Zhe Jin discovered a use-after-free issue.

CVE-2018-17475
Vladimir Metnew discovered a URL spoofing issue.

CVE-2018-17476
Khalil Zhani discovered an issue with the full screen user interface.

CVE-2018-17477
Aaron Muir Hamilton discovered a user interface spoofing issue in the
extensions pane.

This update also fixes a buffer overflow in the embedded lcms library included
with chromium.

Affected Software/OS:
chromium-browser on Debian Linux

Solution:
For the stable distribution (stretch), these problems have been fixed in
version 70.0.3538.67-1~
deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page linked in the references.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-5179
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
CopyrightCopyright (c) 2018 Greenbone Networks GmbH http://greenbone.net

This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.