Test ID:	1.3.6.1.4.1.25623.1.0.842990
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3153-1)
Summary:	The remote host is missing an update for the 'oxide-qt' package(s) announced via the USN-3153-1 advisory.
Description:	Summary: The remote host is missing an update for the 'oxide-qt' package(s) announced via the USN-3153-1 advisory. Vulnerability Insight: Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting (XSS) attacks, read uninitialized memory, obtain sensitive information, spoof the webview URL, bypass same origin restrictions, cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5204, CVE-2016-5205, CVE-2016-5207, CVE-2016-5208, CVE-2016-5209, CVE-2016-5212, CVE-2016-5215, CVE-2016-5222, CVE-2016-5224, CVE-2016-5225, CVE-2016-5226, CVE-2016-9650, CVE-2016-9652) Multiple vulnerabilities were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5213, CVE-2016-5219, CVE-2016-9651) An integer overflow was discovered in ANGLE. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5221) Affected Software/OS: 'oxide-qt' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 16.10. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5204 BugTraq ID: 94633 http://www.securityfocus.com/bid/94633 https://security.gentoo.org/glsa/201612-11 RedHat Security Advisories: RHSA-2016:2919 http://rhn.redhat.com/errata/RHSA-2016-2919.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5205 Common Vulnerability Exposure (CVE) ID: CVE-2016-5207 Common Vulnerability Exposure (CVE) ID: CVE-2016-5208 Common Vulnerability Exposure (CVE) ID: CVE-2016-5209 Common Vulnerability Exposure (CVE) ID: CVE-2016-5212 Common Vulnerability Exposure (CVE) ID: CVE-2016-5213 Common Vulnerability Exposure (CVE) ID: CVE-2016-5215 Common Vulnerability Exposure (CVE) ID: CVE-2016-5219 Common Vulnerability Exposure (CVE) ID: CVE-2016-5221 Common Vulnerability Exposure (CVE) ID: CVE-2016-5222 Common Vulnerability Exposure (CVE) ID: CVE-2016-5224 Common Vulnerability Exposure (CVE) ID: CVE-2016-5225 Common Vulnerability Exposure (CVE) ID: CVE-2016-5226 Common Vulnerability Exposure (CVE) ID: CVE-2016-9650 Common Vulnerability Exposure (CVE) ID: CVE-2016-9651 https://www.exploit-db.com/exploits/42175/ https://crbug.com/664411 Common Vulnerability Exposure (CVE) ID: CVE-2016-9652 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00042.html http://www.debian.org/security/2016/dsa-3731 http://www.ubuntu.com/usn/USN-3153-1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LGZO2VOGJOZUUXNQITD6YMIUQ2L5GTU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LV2U7SINGF3SBK7HVKSWFOYLQBUH6PUE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZECS3A7ULG4B4YXBKUZMA3NTQBE5HGU/
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.