9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
86.9%
Severity: Critical
Date : 2016-10-23
CVE-ID : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184
CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188
CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192
CVE-2016-5193 CVE-2016-5194
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package chromium before version 54.0.2840.59-1 is vulnerable to
multiple issues including arbitrary code execution, content spoofing,
cross-site scripting, information disclosure, same-origin policy bypass
and insufficient validation.
Upgrade to 54.0.2840.59-1.
The problems have been fixed upstream in version 54.0.2840.59.
None.
An universal XSS flaw was found in the Blink component of the Chromium
browser.
A heap overflow flaw was found in the Blink component of the Chromium
browser.
An use after free flaw was found in the PDFium component of the
Chromium browser.
An use after free flaw was found in the PDFium component of the
Chromium browser.
An use after free flaw was found in the Blink component of the Chromium
browser.
An out of bounds read flaw was found in the DevTools component of the
Chromium browser.
An URL spoofing flaw was found in the Chromium browser.
An UI spoofing flaw was found in the Chromium browser.
An URL spoofing flaw was found in the Chromium browser.
An use after free flaw was found in the Internals component of the
Chromium browser.
An universal XSS flaw was found in the Bookmarks component of the
Chromium browser.
A cross-origin bypass flaw was found in the Blink component of the
Chromium browser.
A scheme bypass vulnerability has been discovered.
Various fixes from internal audits, fuzzing and other initiatives.
A remote attacker can bypass security measures, access sensitive
information or execute arbitrary code on the affected host.
https://googlechromereleases.blogspot.fr/2016/10/stable-channel-update-for-desktop.html
https://access.redhat.com/security/cve/CVE-2016-5181
https://access.redhat.com/security/cve/CVE-2016-5182
https://access.redhat.com/security/cve/CVE-2016-5183
https://access.redhat.com/security/cve/CVE-2016-5184
https://access.redhat.com/security/cve/CVE-2016-5185
https://access.redhat.com/security/cve/CVE-2016-5186
https://access.redhat.com/security/cve/CVE-2016-5187
https://access.redhat.com/security/cve/CVE-2016-5188
https://access.redhat.com/security/cve/CVE-2016-5189
https://access.redhat.com/security/cve/CVE-2016-5190
https://access.redhat.com/security/cve/CVE-2016-5191
https://access.redhat.com/security/cve/CVE-2016-5192
https://access.redhat.com/security/cve/CVE-2016-5193
https://access.redhat.com/security/cve/CVE-2016-5194
access.redhat.com/security/cve/CVE-2016-5181
access.redhat.com/security/cve/CVE-2016-5182
access.redhat.com/security/cve/CVE-2016-5183
access.redhat.com/security/cve/CVE-2016-5184
access.redhat.com/security/cve/CVE-2016-5185
access.redhat.com/security/cve/CVE-2016-5186
access.redhat.com/security/cve/CVE-2016-5187
access.redhat.com/security/cve/CVE-2016-5188
access.redhat.com/security/cve/CVE-2016-5189
access.redhat.com/security/cve/CVE-2016-5190
access.redhat.com/security/cve/CVE-2016-5191
access.redhat.com/security/cve/CVE-2016-5192
access.redhat.com/security/cve/CVE-2016-5193
access.redhat.com/security/cve/CVE-2016-5194
googlechromereleases.blogspot.fr/2016/10/stable-channel-update-for-desktop.html
wiki.archlinux.org/index.php/CVE
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.015 Low
EPSS
Percentile
86.9%