Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable802027.PRM
HistorySep 06, 2016 - 12:00 a.m.

Chrome < 52.0.2743.82 Multiple Vulnerabilities

2016-09-0600:00:00
Tenable
www.tenable.com
20
JSON

The specific version of Chrome that the system is running is reportedly affected by the following vulnerabilities:

  • Google Chrome contains a flaw in PPAPI that is triggered when handling certain messages not sent by the browser in the plugin broker process. This may allow a context-dependent attacker to bypass the sandbox. (CVE-2016-1706)

  • Google Chrome for iOS contains a flaw in web/web_state/ui/crw_web_controller.mm that is triggered when handling invalid URLs. This may allow a context-dependent attacker to conduct URL spoofing attacks. (CVE-2016-1707)

  • Google Chrome contains a use-after-free error related to extensions that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.
    (CVE-2016-1708)

  • Google sfntly contains an array indexing error in the ByteArray::Get() function in data/byte_array.cc that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-1709)

  • Google Chrome contains a flaw in web/ChromeClientImpl.cpp that is triggered when handling creation of new windows by deferred frames. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2016-1710)

  • Google Chrome contains a flaw in core/loader/FrameLoader.cpp that is triggered when handling frame navigations during DocumentLoader detach. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2016-1711)

  • Google Chrome contains a use-after-free error in the previousLinePosition() function in core/editing/VisibleUnits.cpp. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-5127)

  • Google V8 contains an unspecified flaw which may allow a context-dependent attacker to bypass the same-origin policy. No further details have been provided by the vendor. (CVE-2016-5128)

  • Google V8 contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and cause a denial of service in a process linked against the library or potentially execute arbitrary code. (CVE-2016-5129)

  • Google Chrome contains a flaw in the HistoryController::UpdateForCommit() function in content/renderer/history_controller.cc. The issue is triggered when handling two forward navigations that compete in different frames. This may allow a context-dependent attacker to perform URL spoofing attacks. (CVE-2016-5130)

  • Libxml2 contains a use-after-free error in the xmlXPtrRangeToFunction() function in xpointer.c. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-5131)

  • Google Chrome contains a flaw related to Service Workers that is triggered when handling subframes of an insecure context. This may allow a context-dependent attacker to perform a limited bypass of the same-origin policy. (CVE-2016-5132)

  • Google Chrome contains a flaw related to proxy authentication that is triggere when handling origins. This may allow a context-dependent attacker to spoof the proxy server origin. (CVE-2016-5133)

  • Google Chrome contains a flaw that is triggered as https:// URLs are not properly sanitized before being sent to PAC scripts. This may allow a context-dependent attacker to leak URLs. (CVE-2016-5134)

  • Google Chrome contains a flaw in html/parser/HTMLPreloadScanner.cpp related to the handling of referrer policies. This may allow a context-dependent attacker to bypass the content security policy (CSP). (CVE-2016-5135)

  • Google Chrome contains a use-after-free error in extensions/renderer/user_script_injector.cc that is triggered when handling UserScript pointers. This may allow a malicious extension to dereference already freed memory and potentially execute arbitrary code with elevated privileges. (CVE-2016-5136)

  • Google Chrome contains a flaw in the CSPSource::portMatches() function in frame/csp/CSPSource.cpp related to HSTS and CSP when handling HTTP vs HTTPS ports in source expressions. This may allow a context-dependent attacker to disclose browsing history information. (CVE-2016-5137)

  • Google Chrome contains a flaw in the LayoutBox::removeFloatingOrPositionedChildFromBlockLists() function in core/layout/LayoutBox.cpp that is triggered when handling LayoutView floats. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)

  • Google Chrome contains a flaw in the Resource::canUseCacheValidator() function in core/fetch/Resource.cpp that is triggered when revalidating Resource with redirects. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • Google Chrome contains a flaw in the Resource::willFollowRedirect() function in core/fetch/Resource.cpp that is triggered when handling redirect responses while revalidating resources. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • Google Chrome contains a flaw in net/url_request/sdch_dictionary_fetcher.cc that is triggered when handling dictionary requests failing after receiving data. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • Google Chrome contains a flaw in the ShapeResultSpacing::computeSpacing() function in platform/fonts/shaping/ShapeResultSpacing.cpp that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)

  • Google Chrome contains a flaw in the Channel::Message::Deserialize() function in mojo/edk/system/channel.cc that is triggered when handling header sizes in channel messages. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)

  • Google Chrome contains an unspecified flaw in Font::individualCharacterRanges() function in platform/fonts/Font.cpp, which may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • Google WebRTC contains an out-of-bounds read flaw in the WebRtcIsacfix_PitchFilter() and WebRtcIsacfix_PitchFilterGains() functions in modules/audio_coding/codecs/isac/fix/source/pitch_filter.c that may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-1705)

  • Google Chrome contains a flaw in org/chromium/chrome/browser/toolbar/CustomTabToolbarAnimationDelegate.java that is due to the program failing to properly load security icons on custom HTTP connection tabs. This may allow a context-dependent attacker to spoof valid icons. (CVE-2016-1705)

  • Google Skia contains an integer overflow condition in the SkLinearGradient::LinearGradientContext::shade4_dx_clamp() function in effects/gradients/SkLinearGradient.cpp . The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • libvpx contains an invalid read flaw in the setup_frame_size_with_refs() function in vp9/decoder/vp9_decodeframe.c that may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.

  • Google Chrome contains an unspecified flaw in extensions that is triggered during the handling of NativeMessaging IDs. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)

  • Google Chrome contains an out-of-bounds read flaw in the HTMLMenuItemElement::defaultEventHandler() function in core/html/HTMLMenuItemElement.cpp that may allow a context-dependent attacker to potentially disclose memory contents. (CVE-2016-1705)

  • Google Chrome contains an unspecified flaw in the GURL::ReplaceComponents() function in url/gurl.cc that is triggered during inner URL creation. This may allow a context-dependent attacker to have an unspecified impact. No further details have been provided. (CVE-2016-1705)

  • Google V8 contains an unspecified flaw that may allow a context-dependent attacker to have an unspecified impact. No further details have been provided by the vendor. (CVE-2016-1705)

Binary data 802027.prm

References

Related

redhat 2
threatpost 1
suse 4
kaspersky 1
openvas 24
archlinux 3
nessus 31
chrome 1
freebsd 1
osv 3
ubuntu 2
debian 5
mageia 2
redhatcve 17
ubuntucve 18
debiancve 18
seebug 2
prion 18
cve 18
alpinelinux 2
veracode 2
cert 1
ibm 8
gentoo 1
rubygems 1
cloudfoundry 1
fedora 4
centos 1
amazon 2
oraclelinux 1
f5 1
altlinux 3
redhat
redhat
(RHSA-2016:1485) Important: chromium-browser security update
2016-07-26 05:05:36
(RHSA-2020:1190) Moderate: libxml2 security update
2020-03-31 09:30:25
threatpost
threatpost
Google Fixes 48 Bugs, Sandbox Escape, in Chrome
2016-07-21 17:04:50
suse
suse
Security update for Chromium (important)
2016-07-25 15:10:08
Security update for Chromium (important)
2016-07-25 15:08:48
Security update for Chromium (important)
2016-07-31 21:08:18
kaspersky
kaspersky
KLA10846 Multiple vulnerabilities in Google Chrome
2016-07-20 00:00:00
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1869-1)
2016-08-02 00:00:00
Google Chrome Security Updates (stable-channel-update-2016-07) - Linux
2016-07-22 00:00:00
Google Chrome Security Updates (stable-channel-update-2016-07) - Mac OS X
2016-07-22 00:00:00
archlinux
archlinux
chromium: multiple issues
2016-07-24 00:00:00
[ASA-201611-2] libxml2: arbitrary code execution
2016-11-01 00:00:00
[ASA-201612-18] qt5-webengine: multiple issues
2016-12-17 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (6fae9fe1-5048-11e6-8aa7-3065ec8fd3ec)
2016-07-25 00:00:00
Google Chrome < 52.0.2743.82 Multiple Vulnerabilities
2016-07-29 00:00:00
openSUSE Security Update : Chromium (openSUSE-2016-900)
2016-07-26 00:00:00
chrome
chrome
Stable Channel Update
2016-07-20 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2016-07-20 00:00:00
osv
osv
chromium-browser - security update
2016-07-31 00:00:00
CVE-2016-5129
2016-07-23 19:59:00
libxml2 - security update
2016-10-31 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2016-08-05 00:00:00
libxml2 vulnerabilities
2017-03-16 00:00:00
debian
debian
[SECURITY] [DSA 3637-1] chromium-browser security update
2016-07-31 21:08:37
[SECURITY] [DSA 3637-1] chromium-browser security update
2016-07-31 21:08:37
[SECURITY] [DSA 3744-1] libxml2 security update
2016-12-23 18:31:42
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2016-08-03 13:57:01
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
2018-01-03 18:50:51
redhatcve
redhatcve
CVE-2016-5136
2016-07-21 08:19:31
CVE-2016-1706
2016-07-21 08:19:52
CVE-2016-5128
2016-07-21 08:18:30
ubuntucve
ubuntucve
CVE-2016-5136
2016-07-23 00:00:00
CVE-2016-5128
2016-07-23 00:00:00
CVE-2016-1707
2016-07-23 00:00:00
debiancve
debiancve
CVE-2016-5136
2016-07-23 19:59:00
CVE-2016-5132
2016-07-23 19:59:00
CVE-2016-1707
2016-07-23 19:59:00
seebug
seebug
Chrome Address Bar URL Spoofing on IOS
2016-10-11 00:00:00
Chrome Universal XSS via same document navigations (CVE-2016-1711)
2017-04-21 00:00:00
prion
prion
Design/Logic Flaw
2016-07-23 19:59:00
Code injection
2016-07-23 19:59:00
Information disclosure
2016-07-23 19:59:00
cve
cve
CVE-2016-5136
2016-07-23 19:59:00
CVE-2016-5132
2016-07-23 19:59:00
CVE-2016-5128
2016-07-23 19:59:00
alpinelinux
alpinelinux
CVE-2016-5129
2016-07-23 19:59:00
CVE-2016-5131
2016-07-23 19:59:00
veracode
veracode
Use-after Free
2020-04-01 00:39:15
Copy-Paste Vulnerability (CPV) Through Libxml2
2017-03-23 01:10:27
cert
cert
Proxy auto-config (PAC) files have access to full HTTPS URLs
2016-08-04 00:00:00
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution and denial of service due to CVE-2017-15412 and CVE-2016-5131
2022-11-07 16:09:57
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in libxml2 (CVE-2017-5130 CVE-2017-15412 CVE-2016-5131)
2023-12-07 22:31:02
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerabilities in libxml/libxml2
2023-12-07 22:31:02
gentoo
gentoo
Chromium: Multiple vulnerabilities
2016-10-29 00:00:00
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
2017-03-10 21:00:00
cloudfoundry
cloudfoundry
USN-3235-1: libxml2 vulnerabilities | Cloud Foundry
2017-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: libxml2-2.9.7-1.fc26
2018-02-14 17:11:02
[SECURITY] Fedora 27 Update: libxml2-2.9.7-1.fc27
2018-01-30 18:12:24
[SECURITY] Fedora 25 Update: libxml2-2.9.4-2.fc25
2017-04-19 09:32:17
centos
centos
libxml2 security update
2020-04-08 18:42:56
amazon
amazon
Important: libxml2
2020-08-10 22:59:00
Important: libxml2
2020-07-21 16:34:00
oraclelinux
oraclelinux
libxml2 security update
2020-04-06 00:00:00
f5
f5
K76678525 : libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567
2022-02-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-03 00:00:00
Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-07 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1
2017-03-03 00:00:00
JSON
Related for 802027.PRM
redhat2threatpost1suse4kaspersky1openvas24archlinux3nessus31chrome1freebsd1osv3ubuntu2debian5mageia2redhatcve17ubuntucve18debiancve18seebug2prion18cve18alpinelinux2veracode2cert1ibm8gentoo1rubygems1cloudfoundry1fedora4centos1amazon2oraclelinux1f51altlinux3