Lucene search

K
archlinuxArch LinuxASA-201608-16
HistoryAug 17, 2016 - 12:00 a.m.

chromium: multiple issues

2016-08-1700:00:00
Arch Linux
lists.archlinux.org
12

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

89.0%

  • CVE-2016-5139 (arbitrary code execution)

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in
OpenJPEG, as used in PDFium, allow remote attackers to cause a denial of
service (heap-based buffer overflow) or possibly have other unspecified
impact via crafted JPEG 2000 data.

  • CVE-2016-5140 (arbitrary code execution)

Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in
j2k.c in OpenJPEG, as used in PDFium, allows remote attackers to cause a
denial of service or possibly have other unspecified impact via crafted
JPEG 2000 data.

  • CVE-2016-5141 (address bar spoofing)

Blink allows remote attackers to spoof the address bar via vectors
involving a provisional URL for an initially empty document, related to
FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.

  • CVE-2016-5142 (arbitrary code execution)

The Web Cryptography API (aka WebCrypto) implementation in Blink does
not properly copy data buffers, which allows remote attackers to cause a
denial of service (use-after-free) or possibly have other unspecified
impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp
and SubtleCrypto.cpp.

  • CVE-2016-5143, CVE-2016-5144 (access restriction bypass)

The Developer Tools (aka DevTools) subsystem in Blink mishandles the
script-path hostname, remoteBase parameter, and remoteFrontendUrl
parameter, which allows remote attackers to bypass intended access
restrictions via a crafted URL.

  • CVE-2016-5145 (same-origin policy bypass)

Blink does not ensure that a taint property is preserved after a
structure-clone operation on an ImageBitmap object derived from a
cross-origin image, which allows remote attackers to bypass the Same
Origin Policy via crafted JavaScript code.

  • CVE-2016-5146 (arbitrary code execution)

Multiple unspecified vulnerabilities allow attackers to cause a denial
of service or possibly have other unspecified impact via unknown vectors.

OSVersionArchitecturePackageVersionFilename
anyanyanychromium< 52.0.2743.116-1UNKNOWN

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

89.0%

Related for ASA-201608-16