ID CVE-2016-1656 Type cve Reporter NVD Modified 2016-12-02T22:22:02
Description
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.
{"result": {"redhat": [{"id": "RHSA-2016:0638", "type": "redhat", "title": "(RHSA-2016:0638) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 50.0.2661.75.\n\nSecurity Fix(es):\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1652, CVE-2016-1653, CVE-2016-1651, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659)", "published": "2016-04-18T10:48:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0638", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-03-04T19:18:51"}], "nessus": [{"id": "OPENSUSE-2016-505.NASL", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-505)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities :\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n\n - CVE-2016-1652: Universal XSS in extension bindings\n\n - CVE-2016-1653: Out-of-bounds write in V8\n\n - CVE-2016-1654: Uninitialized memory read in media\n\n - CVE-2016-1655: Use-after-free related to extensions\n\n - CVE-2016-1656: Android downloaded file path restriction bypass\n\n - CVE-2016-1657: Address bar spoofing\n\n - CVE-2016-1658: Potential leak of sensitive information to malicious extensions\n\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives", "published": "2016-04-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90702", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:45:35"}, {"id": "MACOSX_GOOGLE_CHROME_50_0_2661_75.NASL", "type": "nessus", "title": "Google Chrome < 50.0.2661.75 Multiple Vulnerabilities", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 50.0.2661.75. It is, therefore, affected by multiple vulnerabilities :\n\n - An out-of-bounds read error exists in PDFium in the sycc420_to_rgb() and sycc422_to_rgb() functions within file fxcodec/codec/fx_codec_jpx_opj.cpp that is triggered when decoding JPEG2000 images. An unauthenticated, remote attacker can exploit this to cause a denial of service or disclose memory contents.\n (CVE-2016-1651)\n\n - A cross-site scripting vulnerability exists due to a failure by extension bindings to validate input before returning it to users. An unauthenticated, remote attacker can exploit this, via a crafted request, to execute arbitrary script code in the user's browser session. (CVE-2016-1652)\n\n - An out-of-bounds write error exists in Google V8, related to the LoadBuffer operator, that is triggered when handling typed arrays. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service or the execution of arbitrary code. (CVE-2016-1653)\n\n - An uninitialized memory read error exists in media that allows an attacker to have an unspecified impact.\n No other details are available. (CVE-2016-1654)\n\n - A use-after-free error exists in extensions that is triggered when handling frame removal by content scripts. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in arbitrary code execution. (CVE-2016-1655)\n\n - A flaw exists, related to content disposition, due to the improper sanitization of the names of downloaded files. An unauthenticated, remote attacker can exploit this to bypass path restrictions. (CVE-2016-1656)\n\n - A flaw exists in the FocusLocationBarByDefault() function of the WebContentsImpl class within the file content/browser/web_contents/web_contents_impl.cc that allows an authenticated, remote attacker to spoof the address bar. (CVE-2016-1657)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to access sensitive information by using malicious extensions.\n (CVE-2016-1658)\n\n - Multiple vulnerabilities exist in Chrome, the most serious of which allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-1659)", "published": "2016-04-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90543", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:38:39"}, {"id": "FREEBSD_PKG_6D8505F0061411E6B39C00262D5ED8EE.NASL", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (6d8505f0-0614-11e6-b39c-00262d5ed8ee)", "description": "Google Chrome Releases reports :\n\n20 security fixes in this release, including :\n\n- [590275] High CVE-2016-1652: Universal XSS in extension bindings.\nCredit to anonymous.\n\n- [589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.\n\n- [591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP's Zero Day Initiative.\n\n- [589512] Medium CVE-2016-1654: Uninitialized memory read in media.\nCredit to Atte Kettunen of OUSPG.\n\n- [582008] Medium CVE-2016-1655: Use-after-free related to extensions.\nCredit to Rob Wu.\n\n- [570750] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.\n\n- [567445] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.\n\n- [573317] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.\n\n- [602697] CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives.", "published": "2016-04-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90592", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:39:34"}, {"id": "SUSE_SU-2016-1060-1.NASL", "type": "nessus", "title": "SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:1060-1)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities :\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n\n - CVE-2016-1652: Universal XSS in extension bindings\n\n - CVE-2016-1653: Out-of-bounds write in V8\n\n - CVE-2016-1654: Uninitialized memory read in media\n\n - CVE-2016-1655: Use-after-free related to extensions\n\n - CVE-2016-1656: Android downloaded file path restriction bypass\n\n - CVE-2016-1657: Address bar spoofing\n\n - CVE-2016-1658: Potential leak of sensitive information to malicious extensions\n\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-04-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90585", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:33:52"}, {"id": "REDHAT-RHSA-2016-0638.NASL", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:0638)", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 50.0.2661.75.\n\nSecurity Fix(es) :\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1652, CVE-2016-1653, CVE-2016-1651, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659)", "published": "2016-04-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90570", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:39:34"}, {"id": "OPENSUSE-2016-504.NASL", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-504)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities :\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n\n - CVE-2016-1652: Universal XSS in extension bindings\n\n - CVE-2016-1653: Out-of-bounds write in V8\n\n - CVE-2016-1654: Uninitialized memory read in media\n\n - CVE-2016-1655: Use-after-free related to extensions\n\n - CVE-2016-1656: Android downloaded file path restriction bypass\n\n - CVE-2016-1657: Address bar spoofing\n\n - CVE-2016-1658: Potential leak of sensitive information to malicious extensions\n\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives", "published": "2016-04-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90701", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:38:15"}, {"id": "OPENSUSE-2016-1061.NASL", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-1061)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities :\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n\n - CVE-2016-1652: Universal XSS in extension bindings\n\n - CVE-2016-1653: Out-of-bounds write in V8\n\n - CVE-2016-1654: Uninitialized memory read in media\n\n - CVE-2016-1655: Use-after-free related to extensions\n\n - CVE-2016-1656: Android downloaded file path restriction bypass\n\n - CVE-2016-1657: Address bar spoofing\n\n - CVE-2016-1658: Potential leak of sensitive information to malicious extensions\n\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives", "published": "2016-04-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90569", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:44:35"}, {"id": "GOOGLE_CHROME_50_0_2661_75.NASL", "type": "nessus", "title": "Google Chrome < 50.0.2661.75 Multiple Vulnerabilities", "description": "The version of Google Chrome installed on the remote Windows host is prior to 50.0.2661.75. It is, therefore, affected by multiple vulnerabilities :\n\n - An out-of-bounds read error exists in PDFium in the sycc420_to_rgb() and sycc422_to_rgb() functions within file fxcodec/codec/fx_codec_jpx_opj.cpp that is triggered when decoding JPEG2000 images. An unauthenticated, remote attacker can exploit this to cause a denial of service or disclose memory contents.\n (CVE-2016-1651)\n\n - A cross-site scripting vulnerability exists due to a failure by extension bindings to validate input before returning it to users. An unauthenticated, remote attacker can exploit this, via a crafted request, to execute arbitrary script code in the user's browser session. (CVE-2016-1652)\n\n - An out-of-bounds write error exists in Google V8, related to the LoadBuffer operator, that is triggered when handling typed arrays. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service or the execution of arbitrary code. (CVE-2016-1653)\n\n - An uninitialized memory read error exists in media that allows an attacker to have an unspecified impact.\n No other details are available. (CVE-2016-1654)\n\n - A use-after-free error exists in extensions that is triggered when handling frame removal by content scripts. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in arbitrary code execution. (CVE-2016-1655)\n\n - A flaw exists, related to content disposition, due to the improper sanitization of the names of downloaded files. An unauthenticated, remote attacker can exploit this to bypass path restrictions. (CVE-2016-1656)\n\n - A flaw exists in the FocusLocationBarByDefault() function of the WebContentsImpl class within the file content/browser/web_contents/web_contents_impl.cc that allows an authenticated, remote attacker to spoof the address bar. (CVE-2016-1657)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to access sensitive information by using malicious extensions.\n (CVE-2016-1658)\n\n - Multiple vulnerabilities exist in Chrome, the most serious of which allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-1659)", "published": "2016-04-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90542", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-10-29T13:43:56"}, {"id": "GENTOO_GLSA-201605-02.NASL", "type": "nessus", "title": "GLSA-201605-02 : Chromium: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201605-02 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.\n Workaround :\n\n There is no known workaround at this time.", "published": "2016-05-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91176", "cvelist": ["CVE-2016-1667", "CVE-2016-1665", "CVE-2016-1668", "CVE-2016-1669", "CVE-2016-1666", "CVE-2016-1656", "CVE-2016-1650", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1663", "CVE-2016-1657", "CVE-2016-1661", "CVE-2016-1671", "CVE-2016-1664", "CVE-2016-1647", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1662", "CVE-2016-1648", "CVE-2016-1649", "CVE-2016-1646", "CVE-2016-1655", "CVE-2016-1670", "CVE-2016-1660", "CVE-2016-1652"], "lastseen": "2017-10-29T13:45:45"}], "suse": [{"id": "SUSE-SU-2016:1060-1", "type": "suse", "title": "Security update for Chromium (important)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n - CVE-2016-1652: Universal XSS in extension bindings\n - CVE-2016-1653: Out-of-bounds write in V8\n - CVE-2016-1654: Uninitialized memory read in media\n - CVE-2016-1655: Use-after-free related to extensions\n - CVE-2016-1656: Android downloaded file path restriction bypass\n - CVE-2016-1657: Address bar spoofing\n - CVE-2016-1658: Potential leak of sensitive information to malicious\n extensions\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other\n initiatives\n\n", "published": "2016-04-17T13:07:56", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-04T12:05:28"}, {"id": "OPENSUSE-SU-2016:1061-1", "type": "suse", "title": "Security update for Chromium (important)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n - CVE-2016-1652: Universal XSS in extension bindings\n - CVE-2016-1653: Out-of-bounds write in V8\n - CVE-2016-1654: Uninitialized memory read in media\n - CVE-2016-1655: Use-after-free related to extensions\n - CVE-2016-1656: Android downloaded file path restriction bypass\n - CVE-2016-1657: Address bar spoofing\n - CVE-2016-1658: Potential leak of sensitive information to malicious\n extensions\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other\n initiatives\n\n", "published": "2016-04-17T13:08:14", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-04T11:52:32"}, {"id": "OPENSUSE-SU-2016:1135-1", "type": "suse", "title": "Security update for Chromium (important)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n - CVE-2016-1652: Universal XSS in extension bindings\n - CVE-2016-1653: Out-of-bounds write in V8\n - CVE-2016-1654: Uninitialized memory read in media\n - CVE-2016-1655: Use-after-free related to extensions\n - CVE-2016-1656: Android downloaded file path restriction bypass\n - CVE-2016-1657: Address bar spoofing\n - CVE-2016-1658: Potential leak of sensitive information to malicious\n extensions\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other\n initiatives\n\n", "published": "2016-04-24T02:07:44", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-04T12:14:44"}, {"id": "OPENSUSE-SU-2016:1136-1", "type": "suse", "title": "Security update for Chromium (important)", "description": "Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:\n\n - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding\n - CVE-2016-1652: Universal XSS in extension bindings\n - CVE-2016-1653: Out-of-bounds write in V8\n - CVE-2016-1654: Uninitialized memory read in media\n - CVE-2016-1655: Use-after-free related to extensions\n - CVE-2016-1656: Android downloaded file path restriction bypass\n - CVE-2016-1657: Address bar spoofing\n - CVE-2016-1658: Potential leak of sensitive information to malicious\n extensions\n - CVE-2016-1659: Various fixes from internal audits, fuzzing and other\n initiatives\n\n", "published": "2016-04-24T12:07:36", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-04T12:29:44"}], "openvas": [{"id": "OPENVAS:1361412562310807547", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update_13-2016-04)-Linux", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2016-04-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807547", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-07-02T21:12:40"}, {"id": "OPENVAS:1361412562310851283", "type": "openvas", "title": "SuSE Update for Chromium openSUSE-SU-2016:1135-1 (Chromium)", "description": "Check the version of Chromium", "published": "2016-04-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851283", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-12-12T11:17:25"}, {"id": "OPENVAS:1361412562310851284", "type": "openvas", "title": "SuSE Update for Chromium openSUSE-SU-2016:1136-1 (Chromium)", "description": "Check the version of Chromium", "published": "2016-04-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851284", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-12-12T11:18:20"}, {"id": "OPENVAS:1361412562310851280", "type": "openvas", "title": "SuSE Update for Chromium openSUSE-SU-2016:1061-1 (Chromium)", "description": "Check the version of Chromium", "published": "2016-04-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851280", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-12-12T11:17:34"}, {"id": "OPENVAS:1361412562310807546", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update_13-2016-04)-Windows", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2016-04-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807546", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-07-02T21:13:07"}, {"id": "OPENVAS:1361412562310807548", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update_13-2016-04)-MAC OS X", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2016-04-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807548", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2017-07-02T21:12:41"}], "freebsd": [{"id": "6D8505F0-0614-11E6-B39C-00262D5ED8EE", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "description": "\nGoogle Chrome Releases reports:\n\n20 security fixes in this release, including:\n\n[590275] High CVE-2016-1652: Universal XSS in extension\n\t bindings. Credit to anonymous.\n[589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit\n\t to Choongwoo Han.\n[591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium\n\t JPEG2000 decoding. Credit to kdot working with HP's Zero Day\n\t Initiative.\n[589512] Medium CVE-2016-1654: Uninitialized memory read in\n\t media. Credit to Atte Kettunen of OUSPG.\n[582008] Medium CVE-2016-1655: Use-after-free related to\n\t extensions. Credit to Rob Wu.\n[570750] Medium CVE-2016-1656: Android downloaded file path\n\t restriction bypass. Credit to Dzmitry Lukyanenko.\n[567445] Medium CVE-2016-1657: Address bar spoofing. Credit to\n\t Luan Herrera.\n[573317] Low CVE-2016-1658: Potential leak of sensitive\n\t information to malicious extensions. Credit to Antonio Sanso\n\t (@asanso) of Adobe.\n[602697] CVE-2016-1659: Various fixes from internal audits,\n\t fuzzing and other initiatives.\n\n\n", "published": "2016-04-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/6d8505f0-0614-11e6-b39c-00262d5ed8ee.html", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-26T17:24:06"}], "threatpost": [{"id": "LATEST-CHROME-UPDATE-ADDRESSES-TWO-HIGH-SEVERITY-VULNERABILITIES/117400", "type": "threatpost", "title": "Google Chrome Security Update 50.0.2662.75", "description": "Google on Wednesday pushed its third Chrome update since the beginning of March, patching a pair of high-severity vulnerabilities in the browser.\n\nYesterday\u2019s update brings Chrome to version 50.0.2662.75 and [patched 20 vulnerabilities](<http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html>), according to the Google Chrome Releases blog.\n\n### Related Posts\n\n#### [Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs](<https://threatpost.com/chrome-53-fixes-address-spoofing-vulnerability-32-other-bugs/120305/> \"Permalink to Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs\" )\n\nSeptember 1, 2016 , 11:52 am\n\n#### [FBI Warned State Election Board Systems of Hacks](<https://threatpost.com/fbi-warned-state-election-board-systems-of-hacks/120198/> \"Permalink to FBI Warned State Election Board Systems of Hacks\" )\n\nAugust 29, 2016 , 5:40 pm\n\n#### [Juniper Acknowledges Equation Group Targeted ScreenOS](<https://threatpost.com/juniper-acknowledges-equation-group-exploits-target-screenos/120042/> \"Permalink to Juniper Acknowledges Equation Group Targeted ScreenOS\" )\n\nAugust 22, 2016 , 1:52 pm\n\nEight of the bugs qualified for a reward under Google\u2019s bug bounty program, the remaining dozen bugs were found internally.\n\nTwo of the flaws were rated \u201cHigh\u201d severity by Google: one was a cross-site scripting flaw credited to an unnamed researcher, and the other an out-of-bounds write flaw in V8 found by Choongwoo Han, a South Korean researcher and student at the Korea Advanced Institute of Science and Technology. The two bugs earned rewards of $7,500 and $5,000 respectively.\n\nFollowing is a complete list of vulnerabilities that earned rewards:\n\n$7500][[590275](<https://crbug.com/590275>)] High CVE-2016-1652: Universal XSS in extension bindings. _Credit to anonymous._\n\n[$5000][[589792](<https://crbug.com/589792>)] High CVE-2016-1653: Out-of-bounds write in V8. _Credit to Choongwoo Han._\n\n[[591785](<https://crbug.com/591785>)] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. _Credit to kdot working with HP\u2019s Zero Day Initiative._\n\n[$1500][[589512](<https://crbug.com/589512>)] Medium CVE-2016-1654: Uninitialized memory read in media. _Credit to Atte Kettunen of OUSPG._\n\n[$1500][[582008](<https://crbug.com/582008>)] Medium CVE-2016-1655: Use-after-free related to extensions. _Credit to Rob Wu._\n\n[$500][[570750](<https://crbug.com/570750>)] Medium CVE-2016-1656: Android downloaded file path restriction bypass. _Credit to __[Dzmitry Lukyanenko](<https://www.linkedin.com/in/dzima>)_.\n\n[$1000][[567445](<https://crbug.com/567445>)] Medium CVE-2016-1657: Address bar spoofing. _Credit to Luan Herrera._\n\n[$500][[573317](<https://crbug.com/573317>)] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. _Credit to Antonio Sanso (@asanso) of Adobe._\n\nOn March 25, [Google pushed out an update](<https://threatpost.com/google-fixes-four-critical-vulnerabilities-in-latest-chrome-build/116990/>) that addressed a number of flaws in Chrome disclosed during the [Pwn2Own](<https://threatpost.com/safari-flash-fall-at-pwn2own-2016-day-one/116837/>) [contest](<https://threatpost.com/pwn2own-day-two-safari-microsoft-edge-go-down-winner-crowned/116877/>) earlier in the month.", "published": "2016-04-14T08:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threatpost.com/latest-chrome-update-addresses-two-high-severity-vulnerabilities/117400/", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2016-09-04T20:45:43"}], "kaspersky": [{"id": "KLA10783", "type": "kaspersky", "title": "\r KLA10783Multiple vulnerabilities in Google Chrome\t\t\t ", "description": "### *CVSS*:\n10.0\n\n### *Detect date*:\n04/13/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, inject arbitrary code, cause denial of service or obtain sensitive information.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 50.0.2661.75\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Chrome](<https://www.google.com/chrome/browser/desktop/index.html>)\n\n### *Original advisories*:\n[Google chrome releases blog entry](<http://feedproxy.google.com/~r/GoogleChromeReleases/~3/sWdN1-CS2Vc/stable-channel-update_13.html>) \n\n\n### *Impacts*:\nSUI \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2016-1659](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1659>) \n[CVE-2016-1658](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1658>) \n[CVE-2016-1657](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1657>) \n[CVE-2016-1656](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1656>) \n[CVE-2016-1655](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1655>) \n[CVE-2016-1654](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1654>) \n[CVE-2016-1653](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1653>) \n[CVE-2016-1652](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1652>) \n[CVE-2016-1651](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1651>)", "published": "2016-04-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10783", "cvelist": ["CVE-2016-1656", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1657", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1655", "CVE-2016-1652"], "lastseen": "2018-03-30T14:10:53"}], "gentoo": [{"id": "GLSA-201605-02", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/chromium-50.0.2661.102\"", "published": "2016-05-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201605-02", "cvelist": ["CVE-2016-1667", "CVE-2016-1665", "CVE-2016-1668", "CVE-2016-1669", "CVE-2016-1666", "CVE-2016-1656", "CVE-2016-1650", "CVE-2016-1654", "CVE-2016-1659", "CVE-2016-1653", "CVE-2016-1663", "CVE-2016-1657", "CVE-2016-1661", "CVE-2016-1671", "CVE-2016-1664", "CVE-2016-1647", "CVE-2016-1658", "CVE-2016-1651", "CVE-2016-1662", "CVE-2016-1648", "CVE-2016-1649", "CVE-2016-1646", "CVE-2016-1655", "CVE-2016-1670", "CVE-2016-1660", "CVE-2016-1652"], "lastseen": "2016-09-06T19:46:06"}]}}
