Test ID:	1.3.6.1.4.1.25623.1.0.704395
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-4395-1)
Summary:	The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4395-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4395-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-17481 A use-after-free issue was discovered in the pdfium library. CVE-2019-5754 Klzgrad discovered an error in the QUIC networking implementation. CVE-2019-5755 Jay Bosamiya discovered an implementation error in the v8 javascript library. CVE-2019-5756 A use-after-free issue was discovered in the pdfium library. CVE-2019-5757 Alexandru Pitis discovered a type confusion error in the SVG image format implementation. CVE-2019-5758 Zhe Jin discovered a use-after-free issue in blink/webkit. CVE-2019-5759 Almog Benin discovered a use-after-free issue when handling HTML pages containing select elements. CVE-2019-5760 Zhe Jin discovered a use-after-free issue in the WebRTC implementation. CVE-2019-5762 A use-after-free issue was discovered in the pdfium library. CVE-2019-5763 Guang Gon discovered an input validation error in the v8 javascript library. CVE-2019-5764 Eyal Itkin discovered a use-after-free issue in the WebRTC implementation. CVE-2019-5765 Sergey Toshin discovered a policy enforcement error. CVE-2019-5766 David Erceg discovered a policy enforcement error. CVE-2019-5767 Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao reported an error in the WebAPKs user interface. CVE-2019-5768 Rob Wu discovered a policy enforcement error in the developer tools. CVE-2019-5769 Guy Eshel discovered an input validation error in blink/webkit. CVE-2019-5770 hemidallt discovered a buffer overflow issue in the WebGL implementation. CVE-2019-5772 Zhen Zhou discovered a use-after-free issue in the pdfium library. CVE-2019-5773 Yongke Wong discovered an input validation error in the IndexDB implementation. CVE-2019-5774 Junghwan Kang and Juno Im discovered an input validation error in the SafeBrowsing implementation. CVE-2019-5775 evil1m0 discovered a policy enforcement error. CVE-2019-5776 Lnyas Zhang discovered a policy enforcement error. CVE-2019-5777 Khalil Zhani discovered a policy enforcement error. CVE-2019-5778 David Erceg discovered a policy enforcement error in the Extensions implementation. CVE-2019-5779 David Erceg discovered a policy enforcement error in the ServiceWorker implementation. CVE-2019-5780 Andreas Hegenberg discovered a policy enforcement error. CVE-2019-5781 evil1m0 discovered a policy enforcement error. CVE-2019-5782 Qixun Zhao discovered an implementation error in the v8 javascript library. CVE-2019-5783 Shintaro Kobori discovered an input validation error in the developer tools. CVE-2019-5784 Lucas Pinheiro discovered an implementation error in the v8 javascript library. For the stable distribution (stretch), these problems have been fixed in version 72.0.3626.96-1~ deb9u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: [link moved to references] Affected Software/OS: 'chromium' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-17481 BugTraq ID: 106084 http://www.securityfocus.com/bid/106084 Debian Security Information: DSA-4352 (Google Search) https://www.debian.org/security/2018/dsa-4352 Debian Security Information: DSA-4395 (Google Search) https://www.debian.org/security/2019/dsa-4395 https://security.gentoo.org/glsa/201908-18 https://crbug.com/901654 RedHat Security Advisories: RHSA-2018:3803 https://access.redhat.com/errata/RHSA-2018:3803 Common Vulnerability Exposure (CVE) ID: CVE-2018-20073 https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html https://crbug.com/733943 SuSE Security Announcement: openSUSE-SU-2019:1815 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00057.html Common Vulnerability Exposure (CVE) ID: CVE-2019-13684 https://crbug.com/837936 Common Vulnerability Exposure (CVE) ID: CVE-2019-13768 https://crbug.com/922677 Common Vulnerability Exposure (CVE) ID: CVE-2019-5754 BugTraq ID: 106767 http://www.securityfocus.com/bid/106767 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVFHYCJGMZQUKYSIE2BXE4NLEGFGUXU5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQOP53LXXPRGD4N5OBKGQTSMFXT32LF6/ https://crbug.com/914497 RedHat Security Advisories: RHSA-2019:0309 https://access.redhat.com/errata/RHSA-2019:0309 Common Vulnerability Exposure (CVE) ID: CVE-2019-5755 https://crbug.com/913296 Common Vulnerability Exposure (CVE) ID: CVE-2019-5756 https://crbug.com/895152 Common Vulnerability Exposure (CVE) ID: CVE-2019-5757 https://crbug.com/915469 Common Vulnerability Exposure (CVE) ID: CVE-2019-5758 https://crbug.com/913970 Common Vulnerability Exposure (CVE) ID: CVE-2019-5759 https://crbug.com/912211 Common Vulnerability Exposure (CVE) ID: CVE-2019-5760 https://crbug.com/912074 Common Vulnerability Exposure (CVE) ID: CVE-2019-5762 https://crbug.com/900552 Common Vulnerability Exposure (CVE) ID: CVE-2019-5763 https://crbug.com/914731 Common Vulnerability Exposure (CVE) ID: CVE-2019-5764 https://crbug.com/913246 Common Vulnerability Exposure (CVE) ID: CVE-2019-5765 https://crbug.com/922627 Common Vulnerability Exposure (CVE) ID: CVE-2019-5766 https://crbug.com/907047 Common Vulnerability Exposure (CVE) ID: CVE-2019-5767 https://crbug.com/902427 Common Vulnerability Exposure (CVE) ID: CVE-2019-5768 https://crbug.com/805557 Common Vulnerability Exposure (CVE) ID: CVE-2019-5769 https://crbug.com/913975 Common Vulnerability Exposure (CVE) ID: CVE-2019-5770 https://crbug.com/908749 Common Vulnerability Exposure (CVE) ID: CVE-2019-5772 https://crbug.com/908292 Common Vulnerability Exposure (CVE) ID: CVE-2019-5773 https://crbug.com/917668 Common Vulnerability Exposure (CVE) ID: CVE-2019-5774 https://crbug.com/904182 Common Vulnerability Exposure (CVE) ID: CVE-2019-5775 https://crbug.com/896722 Common Vulnerability Exposure (CVE) ID: CVE-2019-5776 https://crbug.com/863663 Common Vulnerability Exposure (CVE) ID: CVE-2019-5777 https://crbug.com/849421 Common Vulnerability Exposure (CVE) ID: CVE-2019-5778 https://crbug.com/918470 Common Vulnerability Exposure (CVE) ID: CVE-2019-5779 https://crbug.com/904219 Common Vulnerability Exposure (CVE) ID: CVE-2019-5780 https://crbug.com/891697 Common Vulnerability Exposure (CVE) ID: CVE-2019-5781 https://crbug.com/896725 Common Vulnerability Exposure (CVE) ID: CVE-2019-5782 https://crbug.com/906043 Common Vulnerability Exposure (CVE) ID: CVE-2019-5783 https://crbug.com/895081 Common Vulnerability Exposure (CVE) ID: CVE-2019-5784 https://chromereleases.googleblog.com/2019/02/stable-channel-update-for-desktop.html https://crbug.com/915975
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.