The remote host is affected by the vulnerability described in GLSA-201610-09 (Chromium: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details.
Impact :
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround :
There is no known workaround at this time.
{"gentoo": [{"lastseen": "2022-01-17T19:06:22", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-54.0.2840.59\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-29T00:00:00", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137", "CVE-2016-5138", "CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146", "CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167", "CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5177", "CVE-2016-5178", "CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2016-10-29T00:00:00", "id": "GLSA-201610-09", "href": "https://security.gentoo.org/glsa/201610-09", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-13T02:56:44", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: chromium-53.0.2785.143-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167", "CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5177", "CVE-2016-5178"], "modified": "2016-10-13T02:56:44", "id": "FEDORA:9564E60FAFF7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YPYK6KQMI3FVJGNDPMFT43OJ2UIC35YO/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-10T20:56:09", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-53.0.2785.101-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2016-09-10T20:56:09", "id": "FEDORA:0427F60776C9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GN6V44FJWP2TOSLGN4ITM6BUZGYN323J/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-13T18:23:58", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-53.0.2785.101-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2016-09-13T18:23:58", "id": "FEDORA:A3BAB60A587D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FKSQPLVSIIMPUHTNNAFKQYBZM4W7NP7U/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-19T21:31:03", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-54.0.2840.90-3.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2016-11-19T21:31:03", "id": "FEDORA:0868860567DB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZM32UR4V5IFSGNQBN2DUQGRXXGZREMXQ/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Google's \"pnacl\" toolchain for native client support in Chromium. Depends on their older \"nacl\" toolchain, packaged separately. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-10T03:32:26", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-native_client-54.0.2840.59-1.20161013git090f907.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2016-11-10T03:32:26", "id": "FEDORA:68F5B6074A4D", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-19T07:26:33", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: chromium-54.0.2840.90-3.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2016-11-19T07:26:33", "id": "FEDORA:52D616079706", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7HASNN4PFSKUPILQR2OWWTPTFDPDSSX6/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-10T03:32:25", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-54.0.2840.90-3.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2016-11-10T03:32:25", "id": "FEDORA:C0FA66075F19", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4RCWGAC7N3ZZKVVHENSTB63UGJVPFY3H/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Google's \"pnacl\" toolchain for native client support in Chromium. Depends on their older \"nacl\" toolchain, packaged separately. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-19T21:31:03", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-native_client-54.0.2840.59-1.20161013git090f907.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2016-11-19T21:31:03", "id": "FEDORA:187F860567E5", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-08-12T19:41:52", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-52.0.2743.116-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145"], "modified": "2016-08-12T19:41:52", "id": "FEDORA:E587460A98E0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4KMX62M7UNRLWO4FEQ6YIMPMTKXXJV6A/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-22T07:45:57", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-53.0.2785.113-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2016-09-22T07:45:57", "id": "FEDORA:4E5BD60153FB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HDU4UH7URJKGOXWZD6PVKEVSSI4SSPQJ/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-16T23:22:07", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-53.0.2785.113-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2016-09-16T23:22:07", "id": "FEDORA:33F6A6062C72", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6LOPNOLUNTHMVCHW6LK3Y7PXMGNGE42B/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-09T03:03:04", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-53.0.2785.143-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2016-10-09T03:03:04", "id": "FEDORA:994C3603EB46", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UNUTOWCXLWVXOTGQUS53DSRVTO3J226Z/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:39:52", "description": "Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat e-for-desktop_29.html\n\n----\n\nUpdate to 53.0.2785.116.\n\nhttps://chromium.googlesource.com/chromium/src/+log/53.0.2785.113..53.\n0.2785.116?pretty=fuller&n=10000\n\n----\n\nUpdate to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\n----\n\nStable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was not properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-13T00:00:00", "type": "nessus", "title": "Fedora 23 : chromium (2016-2e50862950)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167", "CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5177", "CVE-2016-5178"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-2E50862950.NASL", "href": "https://www.tenable.com/plugins/nessus/94024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-2e50862950.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94024);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\", \"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\", \"CVE-2016-5177\", \"CVE-2016-5178\");\n script_xref(name:\"FEDORA\", value:\"2016-2e50862950\");\n\n script_name(english:\"Fedora 23 : chromium (2016-2e50862950)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat\ne-for-desktop_29.html\n\n----\n\nUpdate to 53.0.2785.116.\n\nhttps://chromium.googlesource.com/chromium/src/+log/53.0.2785.113..53.\n0.2785.116?pretty=fuller&n=10000\n\n----\n\nUpdate to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172,\nCVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\n----\n\nStable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149,\nCVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153,\nCVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157,\nCVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162,\nCVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166,\nCVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was\nnot properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e50862950\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"chromium-53.0.2785.143-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:18", "description": "Stable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was not properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : chromium (2016-eec838a3a0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-EEC838A3A0.NASL", "href": "https://www.tenable.com/plugins/nessus/94877", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-eec838a3a0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94877);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\");\n script_xref(name:\"FEDORA\", value:\"2016-eec838a3a0\");\n\n script_name(english:\"Fedora 25 : chromium (2016-eec838a3a0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149,\nCVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153,\nCVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157,\nCVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162,\nCVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166,\nCVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was\nnot properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-eec838a3a0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"chromium-53.0.2785.101-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:05:00", "description": "The version of Google Chrome installed on the remote Windows host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities :\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Script injection in extensions. Credit to Max Justicz (http\n\n - Use after free in Blink. Credit to anonymous\n\n - Use after free in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Use after destruction in Blink. Credit to Atte Kettunen of OUSPG\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Address bar spoofing. Credit to anonymous\n\n - Use after free in event bindings. Credit to jinmo123\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Type confusion in Blink. Credit to 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend Micro's Zero Day Initiative\n\n - Extensions web accessible resources bypass. Credit to Nicolas Golubovic\n\n - Address bar spoofing. Credit to Rafay Baloch PTCL Etisalat (http\n\n - Universal XSS using DevTools. Credit to anonymous\n\n - Script injection in DevTools. Credit to Gregory Panakkal\n\n - SMB Relay Attack via Save Page As. Credit to Gregory Panakkal\n\n - Extensions web accessible resources bypass. Credit to @l33terally, FogMarks.com (@FogMarks)\n\n - Various fixes from internal audits, fuzzing and other initiatives.\n\nNote that Nessus has not tested for these issues but has instead relied only on the applications self-reported version number.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Chrome security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.89 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_53_0_2785_89.NASL", "href": "https://www.tenable.com/plugins/nessus/93315", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93315);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-5147\",\n \"CVE-2016-5148\",\n \"CVE-2016-5149\",\n \"CVE-2016-5150\",\n \"CVE-2016-5151\",\n \"CVE-2016-5152\",\n \"CVE-2016-5153\",\n \"CVE-2016-5154\",\n \"CVE-2016-5155\",\n \"CVE-2016-5156\",\n \"CVE-2016-5157\",\n \"CVE-2016-5158\",\n \"CVE-2016-5159\",\n \"CVE-2016-5160\",\n \"CVE-2016-5161\",\n \"CVE-2016-5162\",\n \"CVE-2016-5163\",\n \"CVE-2016-5164\",\n \"CVE-2016-5165\",\n \"CVE-2016-5166\",\n \"CVE-2016-5167\"\n );\n\n script_name(english:\"Google Chrome < 53.0.2785.89 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 53.0.2785.89. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Script injection in extensions. Credit to Max Justicz\n (http\n\n - Use after free in Blink. Credit to anonymous\n\n - Use after free in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Use after destruction in Blink. Credit to Atte Kettunen\n of OUSPG\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Address bar spoofing. Credit to anonymous\n\n - Use after free in event bindings. Credit to jinmo123\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Type confusion in Blink. Credit to\n 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend\n Micro's Zero Day Initiative\n\n - Extensions web accessible resources bypass. Credit to\n Nicolas Golubovic\n\n - Address bar spoofing. Credit to Rafay Baloch PTCL\n Etisalat (http\n\n - Universal XSS using DevTools. Credit to anonymous\n\n - Script injection in DevTools. Credit to Gregory\n Panakkal\n\n - SMB Relay Attack via Save Page As. Credit to Gregory\n Panakkal\n\n - Extensions web accessible resources bypass. Credit to\n @l33terally, FogMarks.com (@FogMarks)\n\n - Various fixes from internal audits, fuzzing and other\n initiatives.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the applications self-reported version number.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Chrome security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f6e7512a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version to 53.0.2785.89 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5167\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'53.0.2785.89', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:25", "description": "Google Chrome Releases reports :\n\n33 security fixes in this release\n\nPlease reference CVE/URL list for details", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (769ba449-79e1-11e6-bf75-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_769BA44979E111E6BF753065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/93495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93495);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (769ba449-79e1-11e6-bf75-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n33 security fixes in this release\n\nPlease reference CVE/URL list for details\"\n );\n # https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop_31.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5d87a48\"\n );\n # https://vuxml.freebsd.org/freebsd/769ba449-79e1-11e6-bf75-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?540d9cb5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<53.0.2785.92\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<53.0.2785.92\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<53.0.2785.92\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:31", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities :\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Script injection in extensions. Credit to Max Justicz (http\n\n - Use after free in Blink. Credit to anonymous\n\n - Use after free in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Use after destruction in Blink. Credit to Atte Kettunen of OUSPG\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Address bar spoofing. Credit to anonymous\n\n - Use after free in event bindings. Credit to jinmo123\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Type confusion in Blink. Credit to 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend Micro's Zero Day Initiative\n\n - Extensions web accessible resources bypass. Credit to Nicolas Golubovic\n\n - Address bar spoofing. Credit to Rafay Baloch PTCL Etisalat (http\n\n - Universal XSS using DevTools. Credit to anonymous\n\n - Script injection in DevTools. Credit to Gregory Panakkal\n\n - SMB Relay Attack via Save Page As. Credit to Gregory Panakkal\n\n - Extensions web accessible resources bypass. Credit to @l33terally, FogMarks.com (@FogMarks)\n\n - Various fixes from internal audits, fuzzing and other initiatives.\n\nNote that Nessus has not tested for these issues but has instead relied only on the applications self-reported version number.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Chrome security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.89 Multiple Vulnerabilities (Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_53_0_2785_89.NASL", "href": "https://www.tenable.com/plugins/nessus/93316", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93316);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-5147\",\n \"CVE-2016-5148\",\n \"CVE-2016-5149\",\n \"CVE-2016-5150\",\n \"CVE-2016-5151\",\n \"CVE-2016-5152\",\n \"CVE-2016-5153\",\n \"CVE-2016-5154\",\n \"CVE-2016-5155\",\n \"CVE-2016-5156\",\n \"CVE-2016-5157\",\n \"CVE-2016-5158\",\n \"CVE-2016-5159\",\n \"CVE-2016-5160\",\n \"CVE-2016-5161\",\n \"CVE-2016-5162\",\n \"CVE-2016-5163\",\n \"CVE-2016-5164\",\n \"CVE-2016-5165\",\n \"CVE-2016-5166\",\n \"CVE-2016-5167\"\n );\n\n script_name(english:\"Google Chrome < 53.0.2785.89 Multiple Vulnerabilities (Mac OS X\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 53.0.2785.89. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Universal XSS in Blink. Credit to anonymous\n\n - Script injection in extensions. Credit to Max Justicz\n (http\n\n - Use after free in Blink. Credit to anonymous\n\n - Use after free in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Use after destruction in Blink. Credit to Atte Kettunen\n of OUSPG\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Address bar spoofing. Credit to anonymous\n\n - Use after free in event bindings. Credit to jinmo123\n\n - Heap overflow in PDFium. Credit to anonymous\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Heap overflow in PDFium. Credit to GiWan Go of Stealien\n\n - Type confusion in Blink. Credit to\n 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend\n Micro's Zero Day Initiative\n\n - Extensions web accessible resources bypass. Credit to\n Nicolas Golubovic\n\n - Address bar spoofing. Credit to Rafay Baloch PTCL\n Etisalat (http\n\n - Universal XSS using DevTools. Credit to anonymous\n\n - Script injection in DevTools. Credit to Gregory\n Panakkal\n\n - SMB Relay Attack via Save Page As. Credit to Gregory\n Panakkal\n\n - Extensions web accessible resources bypass. Credit to\n @l33terally, FogMarks.com (@FogMarks)\n\n - Various fixes from internal audits, fuzzing and other\n initiatives.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the applications self-reported version number.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Chrome security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f6e7512a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version to 53.0.2785.89 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5167\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'53.0.2785.89', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:34", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2016-5147 A cross-site scripting issue was discovered.\n\n - CVE-2016-5148 Another cross-site scripting issue was discovered.\n\n - CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling.\n\n - CVE-2016-5150 A use-after-free issue was discovered in Blink/Webkit.\n\n - CVE-2016-5151 A use-after-free issue was discovered in the pdfium library.\n\n - CVE-2016-5152 GiWan Go discovered a heap overflow issue in the pdfium library.\n\n - CVE-2016-5153 Atte Kettunen discovered a use-after-destruction issue.\n\n - CVE-2016-5154 A heap overflow issue was discovered in the pdfium library.\n\n - CVE-2016-5155 An address bar spoofing issue was discovered.\n\n - CVE-2016-5156 jinmo123 discovered a use-after-free issue.\n\n - CVE-2016-5157 A heap overflow issue was discovered in the pdfium library.\n\n - CVE-2016-5158 GiWan Go discovered a heap overflow issue in the pdfium library.\n\n - CVE-2016-5159 GiWan Go discovered another heap overflow issue in the pdfium library.\n\n - CVE-2016-5160 @l33terally discovered an extensions resource bypass.\n\n - CVE-2016-5161 A type confusion issue was discovered.\n\n - CVE-2016-5162 Nicolas Golubovic discovered an extensions resource bypass.\n\n - CVE-2016-5163 Rafay Baloch discovered an address bar spoofing issue.\n\n - CVE-2016-5164 A cross-site scripting issue was discovered in the developer tools.\n\n - CVE-2016-5165 Gregory Panakkal discovered a script injection issue in the developer tools.\n\n - CVE-2016-5166 Gregory Panakkal discovered an issue with the Save Page As feature.\n\n - CVE-2016-5167 The chrome development team found and fixed various issues during internal auditing.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-06T00:00:00", "type": "nessus", "title": "Debian DSA-3660-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3660.NASL", "href": "https://www.tenable.com/plugins/nessus/93325", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3660. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93325);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\");\n script_xref(name:\"DSA\", value:\"3660\");\n\n script_name(english:\"Debian DSA-3660-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-5147\n A cross-site scripting issue was discovered.\n\n - CVE-2016-5148\n Another cross-site scripting issue was discovered.\n\n - CVE-2016-5149\n Max Justicz discovered a script injection issue in\n extension handling.\n\n - CVE-2016-5150\n A use-after-free issue was discovered in Blink/Webkit.\n\n - CVE-2016-5151\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5152\n GiWan Go discovered a heap overflow issue in the pdfium\n library.\n\n - CVE-2016-5153\n Atte Kettunen discovered a use-after-destruction issue.\n\n - CVE-2016-5154\n A heap overflow issue was discovered in the pdfium\n library.\n\n - CVE-2016-5155\n An address bar spoofing issue was discovered.\n\n - CVE-2016-5156\n jinmo123 discovered a use-after-free issue.\n\n - CVE-2016-5157\n A heap overflow issue was discovered in the pdfium\n library.\n\n - CVE-2016-5158\n GiWan Go discovered a heap overflow issue in the pdfium\n library.\n\n - CVE-2016-5159\n GiWan Go discovered another heap overflow issue in the\n pdfium library.\n\n - CVE-2016-5160\n @l33terally discovered an extensions resource bypass.\n\n - CVE-2016-5161\n A type confusion issue was discovered.\n\n - CVE-2016-5162\n Nicolas Golubovic discovered an extensions resource\n bypass.\n\n - CVE-2016-5163\n Rafay Baloch discovered an address bar spoofing issue.\n\n - CVE-2016-5164\n A cross-site scripting issue was discovered in the\n developer tools.\n\n - CVE-2016-5165\n Gregory Panakkal discovered a script injection issue in\n the developer tools.\n\n - CVE-2016-5166\n Gregory Panakkal discovered an issue with the Save Page\n As feature.\n\n - CVE-2016-5167\n The chrome development team found and fixed various\n issues during internal auditing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3660\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 53.0.2785.89-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"53.0.2785.89-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"53.0.2785.89-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"53.0.2785.89-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"53.0.2785.89-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"53.0.2785.89-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:17", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.89.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5167, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-13T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:1854)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-1854.NASL", "href": "https://www.tenable.com/plugins/nessus/93452", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1854. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93452);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\");\n script_xref(name:\"RHSA\", value:\"2016:1854\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:1854)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.89.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-5147, CVE-2016-5148,\nCVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152,\nCVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156,\nCVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5167,\nCVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164,\nCVE-2016-5165, CVE-2016-5166, CVE-2016-5160)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5167\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1854\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-53.0.2785.89-3.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-53.0.2785.89-3.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-53.0.2785.89-3.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-53.0.2785.89-3.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:19", "description": "Stable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was not properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-12T00:00:00", "type": "nessus", "title": "Fedora 24 : chromium (2016-bf8c64a060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-BF8C64A060.NASL", "href": "https://www.tenable.com/plugins/nessus/93426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-bf8c64a060.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93426);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5167\");\n script_xref(name:\"FEDORA\", value:\"2016-bf8c64a060\");\n\n script_name(english:\"Fedora 24 : chromium (2016-bf8c64a060)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stable update to 53.0.2785.101.\n\nSecurity fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149,\nCVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153,\nCVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157,\nCVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162,\nCVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166,\nCVE-2016-5160, CVE-2016-5167\n\nAlso applies fix for chrome-remote-desktop where HOME env variable was\nnot properly set via systemd service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf8c64a060\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-53.0.2785.101-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:18", "description": "Chromium was updated to 53.0.2785.89 to fix a number of security issues.\n\nThe following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources bypass.\n\nA number of tracked build system fixes are included. (boo#996032, boo#99606, boo#995932)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-2250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-2250.NASL", "href": "https://www.tenable.com/plugins/nessus/93394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-2250.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93394);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-2250)\");\n script_summary(english:\"Check for the openSUSE-2016-2250 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 53.0.2785.89 to fix a number of security\nissues.\n\nThe following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources\n bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources\n bypass.\n\nA number of tracked build system fixes are included. (boo#996032,\nboo#99606, boo#995932)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=995932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=996032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=99606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=996648\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromedriver-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromedriver-debuginfo-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-debuginfo-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-gnome-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-kde-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-ffmpegsumo-53.0.2785.89-68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.89-68.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:31", "description": "Chromium was updated to 53.0.2785.101 to fix a number of security issues and bugs.\n\nThe following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources bypass. The following upstream fixes are included :\n\n - SPDY crasher fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time out.\n\n - disallow WKBackForwardListItem navigations for pushState pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe away\n\nA number of tracked build system fixes are included. (boo#996032, boo#99606, boo#995932)\n\nThe following tracked regression fix is included: - Re-enable widevine plugin (boo#998328)\n\nrpmlint and rpmlint-mini were updated to work around a memory exhaustion problem with this package on 32 bit (boo#969732).", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-1080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5157", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:rpmlint", "p-cpe:/a:novell:opensuse:rpmlint-mini", "p-cpe:/a:novell:opensuse:rpmlint-mini-debuginfo", "p-cpe:/a:novell:opensuse:rpmlint-mini-debugsource", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1080.NASL", "href": "https://www.tenable.com/plugins/nessus/93499", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1080.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93499);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-1080)\");\n script_summary(english:\"Check for the openSUSE-2016-1080 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 53.0.2785.101 to fix a number of security\nissues and bugs.\n\nThe following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources\n bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources\n bypass. The following upstream fixes are included :\n\n - SPDY crasher fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time\n out.\n\n - disallow WKBackForwardListItem navigations for pushState\n pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe\n away\n\nA number of tracked build system fixes are included. (boo#996032,\nboo#99606, boo#995932)\n\nThe following tracked regression fix is included: - Re-enable widevine\nplugin (boo#998328)\n\nrpmlint and rpmlint-mini were updated to work around a memory\nexhaustion problem with this package on 32 bit (boo#969732).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=995932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=996032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=99606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=996648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=998328\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpmlint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpmlint-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpmlint-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpmlint-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.101-120.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"rpmlint-1.5-39.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"rpmlint-mini-1.5-8.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"rpmlint-mini-debuginfo-1.5-8.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"rpmlint-mini-debugsource-1.5-8.7.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:18", "description": "An issue was discovered in Blink involving the provisional URL for an initially empty document. An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5141)\n\nA use-after-free was discovered in the WebCrypto implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code.\n(CVE-2016-5142)\n\nIt was discovered that the devtools subsystem in Blink mishandles various parameters. An attacker could exploit this to bypass intended access restrictions. (CVE-2016-5143, CVE-2016-5144)\n\nIt was discovered that Blink does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5145)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code.\n(CVE-2016-5146, CVE-2016-5167)\n\nIt was discovered that Blink mishandles deferred page loads. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5147)\n\nAn issue was discovered in Blink related to widget updates. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5148)\n\nA use-after-free was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5150)\n\nA use-after-free was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5153)\n\nIt was discovered that Chromium does not correctly validate access to the initial document. An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5155)\n\nA use-after-free was discovered in the event bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5156)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5161)\n\nAn issue was discovered with the devtools implementation. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5164)\n\nAn issue was discovered with the devtools implementation. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2016-5165).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3058-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146", "CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5150", "CVE-2016-5153", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5161", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5167"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3058-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93509", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3058-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93509);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\", \"CVE-2016-5146\", \"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5150\", \"CVE-2016-5153\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5161\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5167\");\n script_xref(name:\"USN\", value:\"3058-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3058-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in Blink involving the provisional URL for an\ninitially empty document. An attacker could potentially exploit this\nto spoof the currently displayed URL. (CVE-2016-5141)\n\nA use-after-free was discovered in the WebCrypto implementation in\nBlink. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code.\n(CVE-2016-5142)\n\nIt was discovered that the devtools subsystem in Blink mishandles\nvarious parameters. An attacker could exploit this to bypass intended\naccess restrictions. (CVE-2016-5143, CVE-2016-5144)\n\nIt was discovered that Blink does not ensure that a taint property is\npreserved after a structure-clone operation on an ImageBitmap object\nderived from a cross-origin image. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to bypass same origin restrictions. (CVE-2016-5145)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash, or execute arbitrary code.\n(CVE-2016-5146, CVE-2016-5167)\n\nIt was discovered that Blink mishandles deferred page loads. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to conduct cross-site scripting (XSS)\nattacks. (CVE-2016-5147)\n\nAn issue was discovered in Blink related to widget updates. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to conduct cross-site scripting (XSS)\nattacks. (CVE-2016-5148)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5150)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5153)\n\nIt was discovered that Chromium does not correctly validate access to\nthe initial document. An attacker could potentially exploit this to\nspoof the currently displayed URL. (CVE-2016-5155)\n\nA use-after-free was discovered in the event bindings in Blink. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service\nvia application crash, or execute arbitrary code. (CVE-2016-5156)\n\nA type confusion bug was discovered in Blink. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-5161)\n\nAn issue was discovered with the devtools implementation. An attacker\ncould potentially exploit this to conduct cross-site scripting (XSS)\nattacks. (CVE-2016-5164)\n\nAn issue was discovered with the devtools implementation. An attacker\ncould potentially exploit this to conduct cross-site scripting (XSS)\nattacks. (CVE-2016-5165).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3058-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected liboxideqtcore0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.17.7-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.17.7-0ubuntu0.16.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:16", "description": "Google Chrome Releases reports :\n\n21 security fixes in this release, including :\n\n- [645211] High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous\n\n- [638615] High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN\n\n- [645122] High CVE-2016-5183: Use after free in PDFium. Credit to Anonymous\n\n- [630654] High CVE-2016-5184: Use after free in PDFium. Credit to Anonymous\n\n- [621360] High CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer\n\n- [639702] High CVE-2016-5187: URL spoofing. Credit to Luan Herrera\n\n- [565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera\n\n- [633885] Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit to haojunhou@gmail.com\n\n- [646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr of Tencent's Xuanwu Lab\n\n- [644963] Medium CVE-2016-5186: Out of bounds read in DevTools.\nCredit to Abdulrahman Alqabandi (@qab)\n\n- [639126] Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes\n\n- [642067] Medium CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen of OUSPG\n\n- [639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU (martinzhou96)\n\n- [654782] CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-01T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (9118961b-9fa5-11e6-a265-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9118961B9FA511E6A2653065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/94450", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94450);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (9118961b-9fa5-11e6-a265-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n21 security fixes in this release, including :\n\n- [645211] High CVE-2016-5181: Universal XSS in Blink. Credit to\nAnonymous\n\n- [638615] High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan\nGo of STEALIEN\n\n- [645122] High CVE-2016-5183: Use after free in PDFium. Credit to\nAnonymous\n\n- [630654] High CVE-2016-5184: Use after free in PDFium. Credit to\nAnonymous\n\n- [621360] High CVE-2016-5185: Use after free in Blink. Credit to\ncloudfuzzer\n\n- [639702] High CVE-2016-5187: URL spoofing. Credit to Luan Herrera\n\n- [565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera\n\n- [633885] Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit\nto haojunhou@gmail.com\n\n- [646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr of\nTencent's Xuanwu Lab\n\n- [644963] Medium CVE-2016-5186: Out of bounds read in DevTools.\nCredit to Abdulrahman Alqabandi (@qab)\n\n- [639126] Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to\nGareth Hughes\n\n- [642067] Medium CVE-2016-5190: Use after free in Internals. Credit\nto Atte Kettunen of OUSPG\n\n- [639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU\n(martinzhou96)\n\n- [654782] CVE-2016-5194: Various fixes from internal audits, fuzzing\nand other initiatives\"\n );\n # https://googlechromereleases.blogspot.nl/2016/10/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c9e51c7d\"\n );\n # https://vuxml.freebsd.org/freebsd/9118961b-9fa5-11e6-a265-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42812ef8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<54.0.2840.59\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<54.0.2840.59\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<54.0.2840.59\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:31", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 54.0.2840.59.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5194, CVE-2016-5186, CVE-2016-5188, CVE-2016-5189, CVE-2016-5190, CVE-2016-5191, CVE-2016-5192, CVE-2016-5193)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-18T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:2067)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-2067.NASL", "href": "https://www.tenable.com/plugins/nessus/94103", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2067. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94103);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\");\n script_xref(name:\"RHSA\", value:\"2016:2067\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:2067)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 54.0.2840.59.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-5181, CVE-2016-5182,\nCVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187,\nCVE-2016-5194, CVE-2016-5186, CVE-2016-5188, CVE-2016-5189,\nCVE-2016-5190, CVE-2016-5191, CVE-2016-5192, CVE-2016-5193)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5181\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5194\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2067\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-54.0.2840.59-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-54.0.2840.59-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-54.0.2840.59-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-54.0.2840.59-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:14", "description": "The version of Google Chrome installed on the remote macOS or Mac OS X host is prior to 54.0.2840.59. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple cross-site scripting vulnerabilities exists in the Blink and Bookmarks components due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2016-5181, CVE-2016-5191)\n\n - A heap-based buffer overflow condition exists in Blink due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5182)\n\n - Multiple use-after-free errors exist in PDFium that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5183, CVE-2016-5184)\n\n - A use-after-free error exists in Blink that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5185)\n\n - An out-of-bounds read error exists in the DevTools component that allows an unauthenticated, remote attacker to disclose memory contents. (CVE-2016-5186)\n\n - Multiple unspecified flaws exist that allow an unauthenticated, remote attacker to spoof URLs.\n (CVE-2016-5187, CVE-2016-5189)\n\n - An unspecified flaw exists related to the display of drop-down menus that allows an unauthenticated, remote attacker to disguise user interface elements and conduct spoofing attacks. (CVE-2016-5188)\n\n - A use-after-free error exists in the Internals component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5190)\n\n - An unspecified flaw exists in Blink that allows an unauthenticated, remote attacker to bypass Cross-Origin Resource Sharing (CORS) restrictions. (CVE-2016-5192)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to bypass schemes.\n (CVE-2016-5193)\n\n - Multiple unspecified flaws exist in the Skia component that allow an unauthenticated, remote attacker to impact integrity. (CVE-2016-5194)\n\n - A flaw exists in FrameView.cpp due to improper handling of orthogonal writing mode roots with floating siblings.\n An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5194)\n\n - A flaw exists in permission_prompt_impl.cc due to improper handling of permission bubbles. An unauthenticated, remote attacker can exploit this, via a specially crafted website performing timing attacks, to obtain unintended permissions. (CVE-2016-5194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-19T00:00:00", "type": "nessus", "title": "Google Chrome < 54.0.2840.59 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_54_0_2840_59.NASL", "href": "https://www.tenable.com/plugins/nessus/94137", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94137);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2016-5181\",\n \"CVE-2016-5182\",\n \"CVE-2016-5183\",\n \"CVE-2016-5184\",\n \"CVE-2016-5185\",\n \"CVE-2016-5186\",\n \"CVE-2016-5187\",\n \"CVE-2016-5188\",\n \"CVE-2016-5189\",\n \"CVE-2016-5190\",\n \"CVE-2016-5191\",\n \"CVE-2016-5192\",\n \"CVE-2016-5193\",\n \"CVE-2016-5194\"\n );\n script_bugtraq_id(93528);\n\n script_name(english:\"Google Chrome < 54.0.2840.59 Multiple Vulnerabilities (macOS)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS or Mac OS X\nhost is prior to 54.0.2840.59. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple cross-site scripting vulnerabilities exists in\n the Blink and Bookmarks components due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these, via a specially\n crafted request, to execute arbitrary script code in a\n user's browser session. (CVE-2016-5181, CVE-2016-5191)\n\n - A heap-based buffer overflow condition exists in Blink\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5182)\n\n - Multiple use-after-free errors exist in PDFium that\n allow an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2016-5183, CVE-2016-5184)\n\n - A use-after-free error exists in Blink that allows an\n unauthenticated, remote attacker to execute arbitrary\n code. (CVE-2016-5185)\n\n - An out-of-bounds read error exists in the DevTools\n component that allows an unauthenticated, remote\n attacker to disclose memory contents. (CVE-2016-5186)\n\n - Multiple unspecified flaws exist that allow an\n unauthenticated, remote attacker to spoof URLs.\n (CVE-2016-5187, CVE-2016-5189)\n\n - An unspecified flaw exists related to the display of\n drop-down menus that allows an unauthenticated, remote\n attacker to disguise user interface elements and conduct\n spoofing attacks. (CVE-2016-5188)\n\n - A use-after-free error exists in the Internals component\n that allows an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2016-5190)\n\n - An unspecified flaw exists in Blink that allows an\n unauthenticated, remote attacker to bypass Cross-Origin\n Resource Sharing (CORS) restrictions. (CVE-2016-5192)\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to bypass schemes.\n (CVE-2016-5193)\n\n - Multiple unspecified flaws exist in the Skia component\n that allow an unauthenticated, remote attacker to impact\n integrity. (CVE-2016-5194)\n\n - A flaw exists in FrameView.cpp due to improper handling\n of orthogonal writing mode roots with floating siblings.\n An unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5194)\n\n - A flaw exists in permission_prompt_impl.cc due to\n improper handling of permission bubbles. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted website performing timing attacks, to\n obtain unintended permissions. (CVE-2016-5194)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.ca/2016/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97775924\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 54.0.2840.59 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5194\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'54.0.2840.59', severity:SECURITY_HOLE, xss:TRUE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T16:06:30", "description": "The version of Google Chrome installed on the remote Windows host is prior to 54.0.2840.59. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple cross-site scripting vulnerabilities exists in the Blink and Bookmarks components due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2016-5181, CVE-2016-5191)\n\n - A heap-based buffer overflow condition exists in Blink due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5182)\n\n - Multiple use-after-free errors exist in PDFium that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5183, CVE-2016-5184)\n\n - A use-after-free error exists in Blink that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5185)\n\n - An out-of-bounds read error exists in the DevTools component that allows an unauthenticated, remote attacker to disclose memory contents. (CVE-2016-5186)\n\n - Multiple unspecified flaws exist that allow an unauthenticated, remote attacker to spoof URLs.\n (CVE-2016-5187, CVE-2016-5189)\n\n - An unspecified flaw exists related to the display of drop-down menus that allows an unauthenticated, remote attacker to disguise user interface elements and conduct spoofing attacks. (CVE-2016-5188)\n\n - A use-after-free error exists in the Internals component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5190)\n\n - An unspecified flaw exists in Blink that allows an unauthenticated, remote attacker to bypass Cross-Origin Resource Sharing (CORS) restrictions. (CVE-2016-5192)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to bypass schemes.\n (CVE-2016-5193)\n\n - Multiple unspecified flaws exist in the Skia component that allow an unauthenticated, remote attacker to impact integrity. (CVE-2016-5194)\n\n - A flaw exists in FrameView.cpp due to improper handling of orthogonal writing mode roots with floating siblings.\n An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5194)\n\n - A flaw exists in permission_prompt_impl.cc due to improper handling of permission bubbles. An unauthenticated, remote attacker can exploit this, via a specially crafted website performing timing attacks, to obtain unintended permissions. (CVE-2016-5194)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-19T00:00:00", "type": "nessus", "title": "Google Chrome < 54.0.2840.59 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_54_0_2840_59.NASL", "href": "https://www.tenable.com/plugins/nessus/94136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94136);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-5181\",\n \"CVE-2016-5182\",\n \"CVE-2016-5183\",\n \"CVE-2016-5184\",\n \"CVE-2016-5185\",\n \"CVE-2016-5186\",\n \"CVE-2016-5187\",\n \"CVE-2016-5188\",\n \"CVE-2016-5189\",\n \"CVE-2016-5190\",\n \"CVE-2016-5191\",\n \"CVE-2016-5192\",\n \"CVE-2016-5193\",\n \"CVE-2016-5194\"\n );\n script_bugtraq_id(93528);\n\n script_name(english:\"Google Chrome < 54.0.2840.59 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 54.0.2840.59. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple cross-site scripting vulnerabilities exists in\n the Blink and Bookmarks components due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these, via a specially\n crafted request, to execute arbitrary script code in a\n user's browser session. (CVE-2016-5181, CVE-2016-5191)\n\n - A heap-based buffer overflow condition exists in Blink\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5182)\n\n - Multiple use-after-free errors exist in PDFium that\n allow an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2016-5183, CVE-2016-5184)\n\n - A use-after-free error exists in Blink that allows an\n unauthenticated, remote attacker to execute arbitrary\n code. (CVE-2016-5185)\n\n - An out-of-bounds read error exists in the DevTools\n component that allows an unauthenticated, remote\n attacker to disclose memory contents. (CVE-2016-5186)\n\n - Multiple unspecified flaws exist that allow an\n unauthenticated, remote attacker to spoof URLs.\n (CVE-2016-5187, CVE-2016-5189)\n\n - An unspecified flaw exists related to the display of\n drop-down menus that allows an unauthenticated, remote\n attacker to disguise user interface elements and conduct\n spoofing attacks. (CVE-2016-5188)\n\n - A use-after-free error exists in the Internals component\n that allows an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2016-5190)\n\n - An unspecified flaw exists in Blink that allows an\n unauthenticated, remote attacker to bypass Cross-Origin\n Resource Sharing (CORS) restrictions. (CVE-2016-5192)\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to bypass schemes.\n (CVE-2016-5193)\n\n - Multiple unspecified flaws exist in the Skia component\n that allow an unauthenticated, remote attacker to impact\n integrity. (CVE-2016-5194)\n\n - A flaw exists in FrameView.cpp due to improper handling\n of orthogonal writing mode roots with floating siblings.\n An unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5194)\n\n - A flaw exists in permission_prompt_impl.cc due to\n improper handling of permission bubbles. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted website performing timing attacks, to\n obtain unintended permissions. (CVE-2016-5194)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.ca/2016/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97775924\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 54.0.2840.59 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5194\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'54.0.2840.59', severity:SECURITY_HOLE, xss:TRUE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:46", "description": "The version of Google Chrome installed on the remote host is prior to 53.0.2785.89, and is affected by multiple vulnerabilities :\n\n - An unspecified use-after-free error may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An unspecified use-after-free error in 'Blink' may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An unspecified flaw exists in 'Extensions' that may allow a context-dependent attacker to inject scripts. No further details have been provided by the vendor.\n - A flaw in 'Blink' allows a universal cross-site scripting (XSS) attack. This flaw exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.\n - A flaw in 'Blink' allows a universal XSS attack. This flaw exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.\n - An unspecified flaw in 'Extensions' may allow a context-dependent attacker to bypass web accessible resources. No further details have been provided by the vendor.\n - A flaw exists related to honoring of the 'web_accessible_resources' extension manifest field used to restrict web pages from accessing Extension resources. This may allow a context-dependent attacker to bypass intended restrictions.\n - An unspecified flaw may allow a context-dependent attacker to spoof the address bar. No further details have been provided by the vendor.\n - A flaw in 'DevTools' allows a universal XSS attack. This flaw exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.\n - A use-after-free error in 'Event Bindings' may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An overflow condition is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service in a process linked against the library or potentially allowing the execution of arbitrary code.\n - An overflow condition is triggered as certain input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service in a process linked against the library or potentially allowing the execution of arbitrary code.\n - An unspecified use-after-destruction error in 'Blink' may allow a context-dependent attacker to have an unspecified impact. No further details have been provided.\n - An unspecified flaw related to the usage of 'Save Page As' may allow a context-dependent attacker to conduct an SMB relay attack.", "cvss3": {"score": null, "vector": null}, "published": "2016-09-30T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.89 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5147", "CVE-2016-5148", "CVE-2016-5149", "CVE-2016-5150", "CVE-2016-5151", "CVE-2016-5152", "CVE-2016-5153", "CVE-2016-5154", "CVE-2016-5155", "CVE-2016-5156", "CVE-2016-5160", "CVE-2016-5161", "CVE-2016-5162", "CVE-2016-5163", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5166", "CVE-2016-5167", "CVE-2016-7395"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "9594.PASL", "href": "https://www.tenable.com/plugins/nnm/9594", "sourceData": "Binary data 9594.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:26", "description": "Chromium was updated to 54.0.2840.59 to fix security issues and bugs.\n\nThe following security issues are fixed (bnc#1004465) :\n\n - CVE-2016-5181: Universal XSS in Blink\n\n - CVE-2016-5182: Heap overflow in Blink\n\n - CVE-2016-5183: Use after free in PDFium\n\n - CVE-2016-5184: Use after free in PDFium\n\n - CVE-2016-5185: Use after free in Blink\n\n - CVE-2016-5187: URL spoofing\n\n - CVE-2016-5188: UI spoofing\n\n - CVE-2016-5192: Cross-origin bypass in Blink\n\n - CVE-2016-5189: URL spoofing\n\n - CVE-2016-5186: Out of bounds read in DevTools\n\n - CVE-2016-5191: Universal XSS in Bookmarks\n\n - CVE-2016-5190: Use after free in Internals\n\n - CVE-2016-5193: Scheme bypass\n\nThe following bugs were fixed :\n\n - bnc#1000019: display issues in full screen mode, add\n --ui-disable-partial-swap to the launcher\n\nThe following packaging changes are included :\n\n - The desktop sub-packages are no obsolete\n\n - The package now uses the system variants of some bundled libraries\n\n - The hangouts extension is now built", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-10-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-2597)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-2597.NASL", "href": "https://www.tenable.com/plugins/nessus/94246", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-2597.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94246);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-2597)\");\n script_summary(english:\"Check for the openSUSE-2016-2597 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 54.0.2840.59 to fix security issues and bugs.\n\nThe following security issues are fixed (bnc#1004465) :\n\n - CVE-2016-5181: Universal XSS in Blink\n\n - CVE-2016-5182: Heap overflow in Blink\n\n - CVE-2016-5183: Use after free in PDFium\n\n - CVE-2016-5184: Use after free in PDFium\n\n - CVE-2016-5185: Use after free in Blink\n\n - CVE-2016-5187: URL spoofing\n\n - CVE-2016-5188: UI spoofing\n\n - CVE-2016-5192: Cross-origin bypass in Blink\n\n - CVE-2016-5189: URL spoofing\n\n - CVE-2016-5186: Out of bounds read in DevTools\n\n - CVE-2016-5191: Universal XSS in Bookmarks\n\n - CVE-2016-5190: Use after free in Internals\n\n - CVE-2016-5193: Scheme bypass\n\nThe following bugs were fixed :\n\n - bnc#1000019: display issues in full screen mode, add\n --ui-disable-partial-swap to the launcher\n\nThe following packaging changes are included :\n\n - The desktop sub-packages are no obsolete\n\n - The package now uses the system variants of some bundled\n libraries\n\n - The hangouts extension is now built\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1004465\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debugsource-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-54.0.2840.59-131.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-debuginfo-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-debuginfo-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-debugsource-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-54.0.2840.59-82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-debuginfo-54.0.2840.59-82.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:45", "description": "The version of Google Chrome installed on the remote host is prior to 54.0.2840.59, and is affected by multiple vulnerabilities :\n\n - A use-after-free error in Internals may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An unspecified flaw may allow a context-dependent attacker to bypass schemes. No further details have been provided.\n - An unspecified flaw may allow a context-dependent attacker to spoof URLs. No further details have been provided.\n - A flaw in Bookmarks allows a universal cross-site scripting (XSS) attack. This flaw exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.\n - An unspecified flaw in Blink may allow a context-dependent attacker to bypass Cross-Origin Resource Sharing (CORS) restrictions. No further details have been provided.\n - An unspecified flaw may allow a context-dependent attacker to spoof URLs. No further details have been provided.\n - A flaw in Blink allows a universal XSS attack. This flaw exists because the program does not validate input before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.\n - A use-after-free error in Blink may allow a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. No further details have been provided.\n - An overflow condition exists in Blink. The issue is triggered as certain input is not properly validated. This may allow a context-dependent buffer overflow, potentially allowing the execution of arbitrary code.\n - A flaw in the display of drop-down menus may allow a context-dependent attacker to disguise user interface elements and conduct spoofing attacks.\n - An out-of-bounds read flaw exists in DevTools. This may allow a context-dependent attacker to potentially disclose memory contents.\n - An unspecified flaw may allow a context-dependent attacker to have an unspecified, high severity impact. No further details have been provided by the vendor.\n - An unspecified flaw may allow a context-dependent attacker to have an unspecified, medium severity impact. No further details have been provided by the vendor.\n - An unspecified flaw exists in the 'SkConic::chopIntoQuadsPOW2()' function in 'core/SkGeometry.cpp' that may allow a context-dependent attacker to have an unspecified, high severity impact.\n - An unspecified flaw exists in the 'SkConic::chopIntoQuadsPOW2()' function in 'core/SkGeometry.cpp'. This that may allow a context-dependent attacker to have an unspecified, medium severity impact.\n - A flaw exists in the 'FrameView::layoutOrthogonalWritingModeRoots()' function in 'frame/FrameView.cpp'. The issue is triggered when handling orthogonal writing mode roots with floating siblings. This may allow a context-dependent attacker to potentially execute arbitrary code.\n - A flaw exists in 'ui/views/website_settings/permission_prompt_impl.cc'. The issue is triggered when handling permission bubbles, as the default action is to accept them. With a specially crafted website performing timing attacks, a context-dependent attacker can obtain unintended permissions.\n - An unspecified flaw may allow a context-dependent attacker to have an unspecified, medium severity impact. No further details have been provided by the vendor.", "cvss3": {"score": null, "vector": null}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "Google Chrome < 54.0.2840.59 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "9687.PASL", "href": "https://www.tenable.com/plugins/nnm/9687", "sourceData": "Binary data 9687.pasl", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-02T17:00:53", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191, CVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-10T00:00:00", "type": "nessus", "title": "Fedora 24 : 1:chromium-native_client / chromium (2016-c671aae490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2022-06-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:chromium-native_client", "p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-C671AAE490.NASL", "href": "https://www.tenable.com/plugins/nessus/94661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-c671aae490.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94661);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/08\");\n\n script_cve_id(\n \"CVE-2016-5181\",\n \"CVE-2016-5182\",\n \"CVE-2016-5183\",\n \"CVE-2016-5184\",\n \"CVE-2016-5185\",\n \"CVE-2016-5186\",\n \"CVE-2016-5187\",\n \"CVE-2016-5188\",\n \"CVE-2016-5189\",\n \"CVE-2016-5190\",\n \"CVE-2016-5191\",\n \"CVE-2016-5192\",\n \"CVE-2016-5193\",\n \"CVE-2016-5194\",\n \"CVE-2016-5198\"\n );\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/22\");\n\n script_name(english:\"Fedora 24 : 1:chromium-native_client / chromium (2016-c671aae490)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-c671aae490\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 1:chromium-native_client and / or chromium\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:chromium-native_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-native_client-54.0.2840.59-1.20161013git090f907.fc24\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"chromium-54.0.2840.90-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:chromium-native_client / chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-02T17:00:53", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191, CVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-21T00:00:00", "type": "nessus", "title": "Fedora 25 : 1:chromium-native_client / chromium (2016-35049d9d97)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2022-06-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:chromium-native_client", "p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-35049D9D97.NASL", "href": "https://www.tenable.com/plugins/nessus/94996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-35049d9d97.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94996);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/08\");\n\n script_cve_id(\n \"CVE-2016-5181\",\n \"CVE-2016-5182\",\n \"CVE-2016-5183\",\n \"CVE-2016-5184\",\n \"CVE-2016-5185\",\n \"CVE-2016-5186\",\n \"CVE-2016-5187\",\n \"CVE-2016-5188\",\n \"CVE-2016-5189\",\n \"CVE-2016-5190\",\n \"CVE-2016-5191\",\n \"CVE-2016-5192\",\n \"CVE-2016-5193\",\n \"CVE-2016-5194\",\n \"CVE-2016-5198\"\n );\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/22\");\n\n script_name(english:\"Fedora 25 : 1:chromium-native_client / chromium (2016-35049d9d97)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-35049d9d97\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 1:chromium-native_client and / or chromium\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:chromium-native_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"chromium-native_client-54.0.2840.59-1.20161013git090f907.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"chromium-54.0.2840.90-3.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:chromium-native_client / chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-02T17:03:15", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191, CVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-21T00:00:00", "type": "nessus", "title": "Fedora 23 : chromium (2016-012de4c97e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "modified": "2022-06-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-012DE4C97E.NASL", "href": "https://www.tenable.com/plugins/nessus/94987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-012de4c97e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94987);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/08\");\n\n script_cve_id(\n \"CVE-2016-5181\",\n \"CVE-2016-5182\",\n \"CVE-2016-5183\",\n \"CVE-2016-5184\",\n \"CVE-2016-5185\",\n \"CVE-2016-5186\",\n \"CVE-2016-5187\",\n \"CVE-2016-5188\",\n \"CVE-2016-5189\",\n \"CVE-2016-5190\",\n \"CVE-2016-5191\",\n \"CVE-2016-5192\",\n \"CVE-2016-5193\",\n \"CVE-2016-5194\",\n \"CVE-2016-5198\"\n );\n script_xref(name:\"FEDORA\", value:\"2016-012de4c97e\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/22\");\n\n script_name(english:\"Fedora 23 : chromium (2016-012de4c97e)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-012de4c97e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromium package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"chromium-54.0.2840.90-3.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:02", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 52.0.2743.116.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5146, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-08-09T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:1580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-1580.NASL", "href": "https://www.tenable.com/plugins/nessus/92814", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1580. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92814);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\", \"CVE-2016-5146\");\n script_xref(name:\"RHSA\", value:\"2016:1580\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:1580)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 52.0.2743.116.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-5139, CVE-2016-5140,\nCVE-2016-5141, CVE-2016-5142, CVE-2016-5146, CVE-2016-5143,\nCVE-2016-5144, CVE-2016-5145)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5146\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1580\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-52.0.2743.116-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-52.0.2743.116-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-52.0.2743.116-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-52.0.2743.116-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:31", "description": "Google Chrome Releases reports :\n\n10 security fixes in this release, including :\n\n- [629542] High CVE-2016-5141 Address bar spoofing. Credit to anonymous\n\n- [626948] High CVE-2016-5142 Use-after-free in Blink. Credit to anonymous\n\n- [625541] High CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan Go of Stealien\n\n- [619405] High CVE-2016-5140 Heap overflow in pdfium. Credit to Ke Liu of Tencent's Xuanwu LAB\n\n- [623406] Medium CVE-2016-5145 Same origin bypass for images in Blink. Credit to anonymous\n\n- [619414] Medium CVE-2016-5143 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal\n\n- [618333] Medium CVE-2016-5144 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal\n\n- [633486] CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (958b9cee-79da-11e6-bf75-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_958B9CEE79DA11E6BF753065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/93497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93497);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\", \"CVE-2016-5146\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (958b9cee-79da-11e6-bf75-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n10 security fixes in this release, including :\n\n- [629542] High CVE-2016-5141 Address bar spoofing. Credit to\nanonymous\n\n- [626948] High CVE-2016-5142 Use-after-free in Blink. Credit to\nanonymous\n\n- [625541] High CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan\nGo of Stealien\n\n- [619405] High CVE-2016-5140 Heap overflow in pdfium. Credit to Ke\nLiu of Tencent's Xuanwu LAB\n\n- [623406] Medium CVE-2016-5145 Same origin bypass for images in\nBlink. Credit to anonymous\n\n- [619414] Medium CVE-2016-5143 Parameter sanitization failure in\nDevTools. Credit to Gregory Panakkal\n\n- [618333] Medium CVE-2016-5144 Parameter sanitization failure in\nDevTools. Credit to Gregory Panakkal\n\n- [633486] CVE-2016-5146: Various fixes from internal audits, fuzzing\nand other initiatives.\"\n );\n # https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a6d822c\"\n );\n # https://vuxml.freebsd.org/freebsd/958b9cee-79da-11e6-bf75-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?be76e227\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<52.0.2743.116\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<52.0.2743.116\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<52.0.2743.116\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:20:28", "description": "Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305)\n\n - CVE-2016-5141: Address bar spoofing (boo#992314)\n\n - CVE-2016-5142: Use-after-free in Blink (boo#992313)\n\n - CVE-2016-5139: Heap overflow in pdfium (boo#992311)\n\n - CVE-2016-5140: Heap overflow in pdfium (boo#992310)\n\n - CVE-2016-5145: Same origin bypass for images in Blink (boo#992320)\n\n - CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319)\n\n - CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315)\n\n - CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-950)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-950.NASL", "href": "https://www.tenable.com/plugins/nessus/92778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-950.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92778);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\", \"CVE-2016-5146\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-950)\");\n script_summary(english:\"Check for the openSUSE-2016-950 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 52.0.2743.116 to fix the following security\nissues: (boo#992305)\n\n - CVE-2016-5141: Address bar spoofing (boo#992314)\n\n - CVE-2016-5142: Use-after-free in Blink (boo#992313)\n\n - CVE-2016-5139: Heap overflow in pdfium (boo#992311)\n\n - CVE-2016-5140: Heap overflow in pdfium (boo#992310)\n\n - CVE-2016-5145: Same origin bypass for images in Blink\n (boo#992320)\n\n - CVE-2016-5143: Parameter sanitization failure in\n DevTools (boo#992319)\n\n - CVE-2016-5144: Parameter sanitization failure in\n DevTools (boo#992315)\n\n - CVE-2016-5146: Various fixes from internal audits,\n fuzzing and other initiatives (boo#992309)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=992320\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-52.0.2743.116-114.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-52.0.2743.116-114.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-52.0.2743.116-114.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-52.0.2743.116-114.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-52.0.2743.116-114.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-52.0.2743.116-64.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-52.0.2743.116-64.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-desktop-gnome-52.0.2743.116-64.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-desktop-kde-52.0.2743.116-64.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-52.0.2743.116-64.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromium / chromium-desktop-gnome / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:20:01", "description": "The version of Google Chrome installed on the remote Windows host is prior to 52.0.2743.116. It is, therefore, affected by multiple vulnerabilities :\n\n - An overflow condition exists in PDFium due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-5139)\n\n - An overflow condition exists in OpenJPEG due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-5140)\n\n - A flaw exists that is triggered when nested message loops access documents without generating a notification. An attacker can exploit this to spoof the address bar. (CVE-2016-5141)\n\n - A use-after-free error exists that allows an attacker to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-5142)\n\n - A flaw exists in the sanitizeRemoteFrontendUrl() function in devtools.js due to a failure to properly sanitize input parameters. An attacker can exploit this to have an unspecified impact. (CVE-2016-5143)\n\n - A flaw exists in the loadScriptsPromise() function in Runtime.js due to a failure to properly sanitize input parameters. An attacker can exploit this to have an unspecified impact. (CVE-2016-5144)\n\n - A flaw exists due to improper handling of specially crafted images. An attacker can exploit this to bypass the same-origin policy. (CVE-2016-5145)\n\n - Multiple unspecified high and medium severity vulnerabilities exist, including an overflow condition in WebRTC due to improper validation user-supplied input when handling RTP packets. An attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5146)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-08T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.116 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_52_0_2743_116.NASL", "href": "https://www.tenable.com/plugins/nessus/92791", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92791);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-5139\",\n \"CVE-2016-5140\",\n \"CVE-2016-5141\",\n \"CVE-2016-5142\",\n \"CVE-2016-5143\",\n \"CVE-2016-5144\",\n \"CVE-2016-5145\",\n \"CVE-2016-5146\"\n );\n script_bugtraq_id(92276);\n\n script_name(english:\"Google Chrome < 52.0.2743.116 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 52.0.2743.116. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An overflow condition exists in PDFium due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service \n condition or the execution of arbitrary code.\n (CVE-2016-5139)\n\n - An overflow condition exists in OpenJPEG due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service \n condition or the execution of arbitrary code.\n (CVE-2016-5140)\n\n - A flaw exists that is triggered when nested message\n loops access documents without generating a\n notification. An attacker can exploit this to spoof the\n address bar. (CVE-2016-5141)\n\n - A use-after-free error exists that allows an attacker to\n dereference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-5142)\n\n - A flaw exists in the sanitizeRemoteFrontendUrl()\n function in devtools.js due to a failure to properly\n sanitize input parameters. An attacker can exploit this\n to have an unspecified impact. (CVE-2016-5143)\n\n - A flaw exists in the loadScriptsPromise() function in\n Runtime.js due to a failure to properly sanitize input\n parameters. An attacker can exploit this to have an\n unspecified impact. (CVE-2016-5144)\n\n - A flaw exists due to improper handling of specially\n crafted images. An attacker can exploit this to bypass\n the same-origin policy. (CVE-2016-5145)\n\n - Multiple unspecified high and medium severity\n vulnerabilities exist, including an overflow condition\n in WebRTC due to improper validation user-supplied input\n when handling RTP packets. An attacker can exploit this\n to cause a denial of service condition or the execution\n of arbitrary code. (CVE-2016-5146)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?81b23127\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 52.0.2743.116 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5146\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'52.0.2743.116', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:20:05", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 52.0.2743.116. It is, therefore, affected by multiple vulnerabilities :\n\n - An overflow condition exists in PDFium due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-5139)\n\n - An overflow condition exists in OpenJPEG due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-5140)\n\n - A flaw exists that is triggered when nested message loops access documents without generating a notification. An attacker can exploit this to spoof the address bar. (CVE-2016-5141)\n\n - A use-after-free error exists that allows an attacker to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-5142)\n\n - A flaw exists in the sanitizeRemoteFrontendUrl() function in devtools.js due to a failure to properly sanitize input parameters. An attacker can exploit this to have an unspecified impact. (CVE-2016-5143)\n\n - A flaw exists in the loadScriptsPromise() function in Runtime.js due to a failure to properly sanitize input parameters. An attacker can exploit this to have an unspecified impact. (CVE-2016-5144)\n\n - A flaw exists due to improper handling of specially crafted images. An attacker can exploit this to bypass the same-origin policy. (CVE-2016-5145)\n\n - Multiple unspecified high and medium severity vulnerabilities exist, including an overflow condition in WebRTC due to improper validation user-supplied input when handling RTP packets. An attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5146)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-08T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.116 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_52_0_2743_116.NASL", "href": "https://www.tenable.com/plugins/nessus/92792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92792);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-5139\",\n \"CVE-2016-5140\",\n \"CVE-2016-5141\",\n \"CVE-2016-5142\",\n \"CVE-2016-5143\",\n \"CVE-2016-5144\",\n \"CVE-2016-5145\",\n \"CVE-2016-5146\"\n );\n script_bugtraq_id(92276);\n\n script_name(english:\"Google Chrome < 52.0.2743.116 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 52.0.2743.116. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An overflow condition exists in PDFium due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service \n condition or the execution of arbitrary code.\n (CVE-2016-5139)\n\n - An overflow condition exists in OpenJPEG due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service \n condition or the execution of arbitrary code.\n (CVE-2016-5140)\n\n - A flaw exists that is triggered when nested message\n loops access documents without generating a\n notification. An attacker can exploit this to spoof the\n address bar. (CVE-2016-5141)\n\n - A use-after-free error exists that allows an attacker to\n dereference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-5142)\n\n - A flaw exists in the sanitizeRemoteFrontendUrl()\n function in devtools.js due to a failure to properly\n sanitize input parameters. An attacker can exploit this\n to have an unspecified impact. (CVE-2016-5143)\n\n - A flaw exists in the loadScriptsPromise() function in\n Runtime.js due to a failure to properly sanitize input\n parameters. An attacker can exploit this to have an\n unspecified impact. (CVE-2016-5144)\n\n - A flaw exists due to improper handling of specially\n crafted images. An attacker can exploit this to bypass\n the same-origin policy. (CVE-2016-5145)\n\n - Multiple unspecified high and medium severity\n vulnerabilities exist, including an overflow condition\n in WebRTC due to improper validation user-supplied input\n when handling RTP packets. An attacker can exploit this\n to cause a denial of service condition or the execution\n of arbitrary code. (CVE-2016-5146)\n\nNote that Nessus has not tested for these issues but has instead \nrelied only on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?81b23127\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 52.0.2743.116 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5146\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'52.0.2743.116', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:35", "description": "It was discovered that a long running unload handler could cause an incognito profile to be reused in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information.\n(CVE-2016-1586)\n\nMultiple security vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting (XSS) attacks, spoof an application's URL bar, obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5181, CVE-2016-5182, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188, CVE-2016-5189, CVE-2016-5192, CVE-2016-5194).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-03T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : oxide-qt vulnerabilities (USN-3113-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1586", "CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5192", "CVE-2016-5194"], "modified": "2019-11-22T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3113-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94508", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3113-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94508);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\"CVE-2016-1586\", \"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5192\", \"CVE-2016-5194\");\n script_xref(name:\"USN\", value:\"3113-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : oxide-qt vulnerabilities (USN-3113-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a long running unload handler could cause an\nincognito profile to be reused in some circumstances. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to obtain sensitive information.\n(CVE-2016-1586)\n\nMultiple security vulnerabilities were discovered in Chromium. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit these to conduct cross-site\nscripting (XSS) attacks, spoof an application's URL bar, obtain\nsensitive information, cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-5181, CVE-2016-5182,\nCVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5189, CVE-2016-5192, CVE-2016-5194).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3113-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected liboxideqtcore0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.3-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.3-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.3-0ubuntu0.16.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:20:48", "description": "On 2016-08-04 Google released Chrome 52.0.2743.116 which fixes at least 8 security issues: CVE-2016-5141, CVE-2016-5142, CVE-2016-5139, CVE-2016-5140, CVE-2016-5145, CVE-2016-5143 and CVE-2016-5144. \n\nAdditionally, this update :\n\n - Splits libmedia and libffmpeg into the libs-media subpackage, so that it can be replaced by non-Fedora repos to provide additional codecs.\n\n - Enables gtk3 support\n\n - Adds additional ICU Text codec aliases (from openSUSE via Russian Fedora)\n\n - Uses PIE in the Linux sandbox (from openSUSE via Russian Fedora)\n\n - Enables ARM CPU detection for webrtc (from archlinux via Russian Fedora)\n\n - Does not force -m32 in icu compile on ARM (from archlinux via Russian Fedora)\n\n - Enables fpic on linux\n\n - Enables hidpi\n\n - Enables touch_ui\n\n - Adds chromedriver subpackage (from Russian Fedora)\n\n - Sets default master_preferences location to /etc/chromium (and includes master_preferences file)\n\n - Creates PepperFlash directory where plugin needs to live if user has it\n\n - Improves translations in chromium-browser.desktop (from Russian Fedora)\n\n - Improves translation in Appinfo xml file (thanks to Richard Hughes)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-15T00:00:00", "type": "nessus", "title": "Fedora 24 : chromium (2016-e9798eaaa3)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-E9798EAAA3.NASL", "href": "https://www.tenable.com/plugins/nessus/92962", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-e9798eaaa3.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92962);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\");\n script_xref(name:\"FEDORA\", value:\"2016-e9798eaaa3\");\n\n script_name(english:\"Fedora 24 : chromium (2016-e9798eaaa3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"On 2016-08-04 Google released Chrome 52.0.2743.116 which fixes at\nleast 8 security issues: CVE-2016-5141, CVE-2016-5142, CVE-2016-5139,\nCVE-2016-5140, CVE-2016-5145, CVE-2016-5143 and CVE-2016-5144. \n\nAdditionally, this update :\n\n - Splits libmedia and libffmpeg into the libs-media\n subpackage, so that it can be replaced by non-Fedora\n repos to provide additional codecs.\n\n - Enables gtk3 support\n\n - Adds additional ICU Text codec aliases (from openSUSE\n via Russian Fedora)\n\n - Uses PIE in the Linux sandbox (from openSUSE via Russian\n Fedora)\n\n - Enables ARM CPU detection for webrtc (from archlinux via\n Russian Fedora)\n\n - Does not force -m32 in icu compile on ARM (from\n archlinux via Russian Fedora)\n\n - Enables fpic on linux\n\n - Enables hidpi\n\n - Enables touch_ui\n\n - Adds chromedriver subpackage (from Russian Fedora)\n\n - Sets default master_preferences location to\n /etc/chromium (and includes master_preferences file)\n\n - Creates PepperFlash directory where plugin needs to live\n if user has it\n\n - Improves translations in chromium-browser.desktop (from\n Russian Fedora)\n\n - Improves translation in Appinfo xml file (thanks to\n Richard Hughes)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9798eaaa3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-52.0.2743.116-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:20:12", "description": "Several vulnerabilites have been discovered in the chromium web browser.\n\n - CVE-2016-5139 GiWan Go discovered a use-after-free issue in the pdfium library.\n\n - CVE-2016-5140 Ke Liu discovered a use-after-free issue in the pdfium library.\n\n - CVE-2016-5141 Sergey Glazunov discovered a URL spoofing issue.\n\n - CVE-2016-5142 Sergey Glazunov discovered a use-after-free issue.\n\n - CVE-2016-5143 Gregory Panakkal discovered an issue in the developer tools.\n\n - CVE-2016-5144 Gregory Panakkal discovered another issue in the developer tools.\n\n - CVE-2016-5146 The chrome development team found and fixed various issues during internal auditing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-15T00:00:00", "type": "nessus", "title": "Debian DSA-3645-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5146"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3645.NASL", "href": "https://www.tenable.com/plugins/nessus/92956", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3645. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92956);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\");\n script_xref(name:\"DSA\", value:\"3645\");\n\n script_name(english:\"Debian DSA-3645-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilites have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-5139\n GiWan Go discovered a use-after-free issue in the pdfium\n library.\n\n - CVE-2016-5140\n Ke Liu discovered a use-after-free issue in the pdfium\n library.\n\n - CVE-2016-5141\n Sergey Glazunov discovered a URL spoofing issue.\n\n - CVE-2016-5142\n Sergey Glazunov discovered a use-after-free issue.\n\n - CVE-2016-5143\n Gregory Panakkal discovered an issue in the developer\n tools.\n\n - CVE-2016-5144\n Gregory Panakkal discovered another issue in the\n developer tools.\n\n - CVE-2016-5146\n The chrome development team found and fixed various\n issues during internal auditing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3645\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 52.0.2743.116-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"52.0.2743.116-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"52.0.2743.116-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"52.0.2743.116-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"52.0.2743.116-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"52.0.2743.116-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:04", "description": "Update to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-19T00:00:00", "type": "nessus", "title": "Fedora 24 : chromium (2016-b15185b72a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-B15185B72A.NASL", "href": "https://www.tenable.com/plugins/nessus/93578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-b15185b72a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93578);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_xref(name:\"FEDORA\", value:\"2016-b15185b72a\");\n\n script_name(english:\"Fedora 24 : chromium (2016-b15185b72a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172,\nCVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-b15185b72a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-53.0.2785.113-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:19", "description": "Chromium was updated to 53.0.2785.113 to fix a number of security issues and bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits, fuzzing and other initiatives.\n\nThe following upstream fixes are included :\n\n - SPDY crasher fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time out.\n\n - disallow WKBackForwardListItem navigations for pushState pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe away\n\nThe widevine plugin was re-enabled (boo#998328).", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2016-1084)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1084.NASL", "href": "https://www.tenable.com/plugins/nessus/93554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1084.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93554);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2016-1084)\");\n script_summary(english:\"Check for the openSUSE-2016-1084 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 53.0.2785.113 to fix a number of security\nissues and bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits,\n fuzzing and other initiatives.\n\nThe following upstream fixes are included :\n\n - SPDY crasher fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time\n out.\n\n - disallow WKBackForwardListItem navigations for pushState\n pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe\n away\n\nThe widevine plugin was re-enabled (boo#998328).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=998328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=998743\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromedriver-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromedriver-debuginfo-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-debuginfo-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-gnome-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-kde-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-ffmpegsumo-53.0.2785.113-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.113-74.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:53", "description": "Chromium was updated to 53.0.2785.113 to fix a number of security issues and bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits, fuzzing and other initiatives", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2016-1085)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1085.NASL", "href": "https://www.tenable.com/plugins/nessus/93595", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1085.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93595);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2016-1085)\");\n script_summary(english:\"Check for the openSUSE-2016-1085 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 53.0.2785.113 to fix a number of security\nissues and bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits,\n fuzzing and other initiatives\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=998743\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-53.0.2785.113-123.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.113-123.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:21", "description": "Update to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : chromium (2016-03b199bec6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-03B199BEC6.NASL", "href": "https://www.tenable.com/plugins/nessus/94769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-03b199bec6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94769);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_xref(name:\"FEDORA\", value:\"2016-03b199bec6\");\n\n script_name(english:\"Fedora 25 : chromium (2016-03b199bec6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 53.0.2785.113\n\nSecurity fix for CVE-2016-5170, CVE-2016-5171, CVE-2016-5172,\nCVE-2016-5173, CVE-2016-5174, CVE-2016-5175\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-03b199bec6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"chromium-53.0.2785.113-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:04", "description": "Google Chrome Releases reports :\n\nSeveral security fixes in this release, including :\n\n- [641101] High CVE-2016-5170: Use after free in Blink.Credit to Anonymous\n\n- [643357] High CVE-2016-5171: Use after free in Blink. Credit to Anonymous\n\n- [616386] Medium CVE-2016-5172: Arbitrary Memory Read in v8. Credit to Choongwoo Han\n\n- [468931] Medium CVE-2016-5173: Extension resource access. Credit to Anonymous\n\n- [579934] Medium CVE-2016-5174: Popup not correctly suppressed.\nCredit to Andrey Kovalev (@L1kvID) Yandex Security Team\n\n- [646394] CVE-2016-5175: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-19T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (653a8059-7c49-11e6-9242-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_653A80597C4911E692423065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/93581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93581);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (653a8059-7c49-11e6-9242-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\nSeveral security fixes in this release, including :\n\n- [641101] High CVE-2016-5170: Use after free in Blink.Credit to\nAnonymous\n\n- [643357] High CVE-2016-5171: Use after free in Blink. Credit to\nAnonymous\n\n- [616386] Medium CVE-2016-5172: Arbitrary Memory Read in v8. Credit\nto Choongwoo Han\n\n- [468931] Medium CVE-2016-5173: Extension resource access. Credit to\nAnonymous\n\n- [579934] Medium CVE-2016-5174: Popup not correctly suppressed.\nCredit to Andrey Kovalev (@L1kvID) Yandex Security Team\n\n- [646394] CVE-2016-5175: Various fixes from internal audits, fuzzing\nand other initiatives.\"\n );\n # https://googlechromereleases.blogspot.nl/2016/09/stable-channel-update-for-desktop_13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?567afb05\"\n );\n # https://vuxml.freebsd.org/freebsd/653a8059-7c49-11e6-9242-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edb43cc6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<53.0.2785.113\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<53.0.2785.113\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<53.0.2785.113\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:14", "description": "The version of Google Chrome installed on the remote host is prior to 52.0.2743.116, and is affected by multiple vulnerabilities :\n\n - An unspecified issue exists, which may allow a context-dependent attacker to have an unspecified high severity impact. No further details have been provided.\n - An unspecified issue exists, which may allow a context-dependent attacker to have an unspecified medium severity impact. No further details have been provided.)\n - A flaw exists that is triggered during the handling of specially crafted images. This may allow a context-dependent attacker to bypass the same-origin policy.(\n - A flaw exists that is triggered as nested message loops might access documents and not generate a notification. This may allow a context-dependent attacker to spoof the address bar.\n - An unspecified use-after-free error exists that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.(\n - A flaw exists in the 'sanitizeRemoteFrontendUrl()' function in 'devtools/front_end/devtools.js' that is triggered by a failure to properly sanitize input parameters. This may allow a context-dependent attacker to have an unspecified impact.\n - A flaw exists in the 'loadScriptsPromise()' function in 'devtools/front_end/Runtime.js' that is triggered by a failure to properly sanitize input parameters. This may allow a context-dependent attacker to have an unspecified impact.\n - An overflow condition is triggered as user-supplied input is not properly validated when handling RTP packets. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service in a process linked against the library or potentially allowing the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.116 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145", "CVE-2016-5146"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "9490.PASL", "href": "https://www.tenable.com/plugins/nnm/9490", "sourceData": "Binary data 9490.pasl", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:27", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 53.0.2785.113. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists in the file bindings/modules/v8/V8BindingForModules.cpp that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5170)\n\n - A use-after-free error exists in Blink that is related to window constructors being callable. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5171)\n\n - An arbitrary memory read error exists in V8 that allows an unauthenticated, remote attacker to disclose sensitive memory information. (CVE-2016-5172)\n\n - A flaw exists due to improper handling of specially crafted web pages. An unauthenticated, remote attacker can exploit this to load JavaScript extension resources, which may then be used to perform unauthorized actions.\n (CVE-2016-5173)\n\n - A flaw exists that is triggered when in fullscreen mode, in file ui/cocoa/browser_window_controller_private.mm, that results in a failure to suppress popups.\n (CVE-2016-5174)\n\n - An unspecified flaw exists that allows an attacker to impact confidentiality, integrity, and availability.\n (CVE-2016-5175)\n\n - A flaw exists due to improper handling of IPC messages for dead routing IDs. An authenticated, remote attacker can exploit this to execute arbitrary code.\n (CVE-2016-5175)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to bypass the SafeBrowsing protection mechanism. (CVE-2016-5176)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-14T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.113 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5176"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_53_0_2785_113.NASL", "href": "https://www.tenable.com/plugins/nessus/93477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93477);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-5170\",\n \"CVE-2016-5171\",\n \"CVE-2016-5172\",\n \"CVE-2016-5173\",\n \"CVE-2016-5174\",\n \"CVE-2016-5175\",\n \"CVE-2016-5176\"\n );\n script_bugtraq_id(92942);\n\n script_name(english:\"Google Chrome < 53.0.2785.113 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 53.0.2785.113. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A use-after-free error exists in the file\n bindings/modules/v8/V8BindingForModules.cpp that allows\n an unauthenticated, remote attacker to execute arbitrary\n code. (CVE-2016-5170)\n\n - A use-after-free error exists in Blink that is related\n to window constructors being callable. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5171)\n\n - An arbitrary memory read error exists in V8 that allows\n an unauthenticated, remote attacker to disclose\n sensitive memory information. (CVE-2016-5172)\n\n - A flaw exists due to improper handling of specially\n crafted web pages. An unauthenticated, remote attacker\n can exploit this to load JavaScript extension resources,\n which may then be used to perform unauthorized actions.\n (CVE-2016-5173)\n\n - A flaw exists that is triggered when in fullscreen mode,\n in file ui/cocoa/browser_window_controller_private.mm,\n that results in a failure to suppress popups.\n (CVE-2016-5174)\n\n - An unspecified flaw exists that allows an attacker to\n impact confidentiality, integrity, and availability.\n (CVE-2016-5175)\n\n - A flaw exists due to improper handling of IPC messages\n for dead routing IDs. An authenticated, remote attacker\n can exploit this to execute arbitrary code.\n (CVE-2016-5175)\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to bypass the\n SafeBrowsing protection mechanism. (CVE-2016-5176)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d15fba3d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 53.0.2785.113 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5175\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'53.0.2785.113', severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:31", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2016-5170 A use-after-free issue was discovered in Blink/Webkit.\n\n - CVE-2016-5171 Another use-after-free issue was discovered in Blink/Webkit.\n\n - CVE-2016-5172 Choongwoo Han discovered an information leak in the v8 JavaScript library.\n\n - CVE-2016-5173 A resource bypass issue was discovered in extensions.\n\n - CVE-2016-5174 Andrey Kovalev discoved a way to bypass the popup blocker.\n\n - CVE-2016-5175 The chrome development team found and fixed various issues during internal auditing.\n\n - CVE-2016-7395 An uninitialized memory read issue was discovered in the skia library.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-16T00:00:00", "type": "nessus", "title": "Debian DSA-3667-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-7395"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3667.NASL", "href": "https://www.tenable.com/plugins/nessus/93546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3667. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93546);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\", \"CVE-2016-7395\");\n script_xref(name:\"DSA\", value:\"3667\");\n\n script_name(english:\"Debian DSA-3667-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-5170\n A use-after-free issue was discovered in Blink/Webkit.\n\n - CVE-2016-5171\n Another use-after-free issue was discovered in\n Blink/Webkit.\n\n - CVE-2016-5172\n Choongwoo Han discovered an information leak in the v8\n JavaScript library.\n\n - CVE-2016-5173\n A resource bypass issue was discovered in extensions.\n\n - CVE-2016-5174\n Andrey Kovalev discoved a way to bypass the popup\n blocker.\n\n - CVE-2016-5175\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-7395\n An uninitialized memory read issue was discovered in the\n skia library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-7395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3667\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 53.0.2785.113-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"53.0.2785.113-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"53.0.2785.113-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"53.0.2785.113-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"53.0.2785.113-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"53.0.2785.113-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:03:38", "description": "The version of Google Chrome installed on the remote Windows host is prior to 53.0.2785.113. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists in the file bindings/modules/v8/V8BindingForModules.cpp that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5170)\n\n - A use-after-free error exists in Blink that is related to window constructors being callable. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-5171)\n\n - An arbitrary memory read error exists in V8 that allows an unauthenticated, remote attacker to disclose sensitive memory information. (CVE-2016-5172)\n\n - A flaw exists due to improper handling of specially crafted web pages. An unauthenticated, remote attacker can exploit this to load JavaScript extension resources, which may then be used to perform unauthorized actions.\n (CVE-2016-5173)\n\n - A flaw exists that is triggered when in fullscreen mode, in file ui/cocoa/browser_window_controller_private.mm, that results in a failure to suppress popups.\n (CVE-2016-5174)\n\n - An unspecified flaw exists that allows an attacker to impact confidentiality, integrity, and availability.\n (CVE-2016-5175)\n\n - A flaw exists due to improper handling of IPC messages for dead routing IDs. An authenticated, remote attacker can exploit this to execute arbitrary code.\n (CVE-2016-5175)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to bypass the SafeBrowsing protection mechanism. (CVE-2016-5176)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-14T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.113 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5176"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_53_0_2785_113.NASL", "href": "https://www.tenable.com/plugins/nessus/93476", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93476);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-5170\",\n \"CVE-2016-5171\",\n \"CVE-2016-5172\",\n \"CVE-2016-5173\",\n \"CVE-2016-5174\",\n \"CVE-2016-5175\",\n \"CVE-2016-5176\"\n );\n script_bugtraq_id(92942);\n\n script_name(english:\"Google Chrome < 53.0.2785.113 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 53.0.2785.113. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A use-after-free error exists in the file\n bindings/modules/v8/V8BindingForModules.cpp that allows\n an unauthenticated, remote attacker to execute arbitrary\n code. (CVE-2016-5170)\n\n - A use-after-free error exists in Blink that is related\n to window constructors being callable. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2016-5171)\n\n - An arbitrary memory read error exists in V8 that allows\n an unauthenticated, remote attacker to disclose\n sensitive memory information. (CVE-2016-5172)\n\n - A flaw exists due to improper handling of specially\n crafted web pages. An unauthenticated, remote attacker\n can exploit this to load JavaScript extension resources,\n which may then be used to perform unauthorized actions.\n (CVE-2016-5173)\n\n - A flaw exists that is triggered when in fullscreen mode,\n in file ui/cocoa/browser_window_controller_private.mm,\n that results in a failure to suppress popups.\n (CVE-2016-5174)\n\n - An unspecified flaw exists that allows an attacker to\n impact confidentiality, integrity, and availability.\n (CVE-2016-5175)\n\n - A flaw exists due to improper handling of IPC messages\n for dead routing IDs. An authenticated, remote attacker\n can exploit this to execute arbitrary code.\n (CVE-2016-5175)\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to bypass the\n SafeBrowsing protection mechanism. (CVE-2016-5176)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number\");\n # https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d15fba3d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 53.0.2785.113 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5175\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'53.0.2785.113', severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:07", "description": "A use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5170)\n\nA use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5171)\n\nAn issue was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to ontain sensitive information from arbitrary memory locations.\n(CVE-2016-5172)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code.\n(CVE-2016-5175, CVE-2016-5178)\n\nA use-after-free was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5177)\n\nIt was discovered that Chromium does not ensure the recipient of a certain IPC message is a valid RenderFrame or RenderWidget. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitary code. (CVE-2016-7549).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-10T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3091-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5175", "CVE-2016-5177", "CVE-2016-5178", "CVE-2016-7549"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3091-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93938", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3091-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93938);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5175\", \"CVE-2016-5177\", \"CVE-2016-5178\", \"CVE-2016-7549\");\n script_xref(name:\"USN\", value:\"3091-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3091-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free was discovered in the V8 bindings in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code. (CVE-2016-5170)\n\nA use-after-free was discovered in the V8 bindings in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code. (CVE-2016-5171)\n\nAn issue was discovered in V8. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this\nto ontain sensitive information from arbitrary memory locations.\n(CVE-2016-5172)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash, or execute arbitrary code.\n(CVE-2016-5175, CVE-2016-5178)\n\nA use-after-free was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5177)\n\nIt was discovered that Chromium does not ensure the recipient of a\ncertain IPC message is a valid RenderFrame or RenderWidget. An\nattacker could potentially exploit this to cause a denial of service\nvia application crash, or execute arbitary code. (CVE-2016-7549).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3091-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected liboxideqtcore0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.17.9-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.17.9-0ubuntu0.16.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-29T14:44:08", "description": "Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service (application crash) or execute arbitrary code.\n(CVE-2016-1705)\n\nIt was discovered that the PPAPI implementation does not validate the origin of IPC messages to the plugin broker process. A remote attacker could potentially exploit this to bypass sandbox protection mechanisms. (CVE-2016-1706)\n\nIt was discovered that Blink does not prevent window creation by a deferred frame. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-1710)\n\nIt was discovered that Blink does not disable frame navigation during a detach operation on a DocumentLoader object. A remote attacker could potentially exploit this to bypass same origin restrictions.\n(CVE-2016-1711)\n\nA use-after-free was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5127)\n\nIt was discovered that objects.cc in V8 does not prevent API interceptors from modifying a store target without setting a property.\nA remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5128)\n\nA memory corruption was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5129)\n\nA security issue was discovered in Chromium. A remote attacker could potentially exploit this to spoof the currently displayed URL.\n(CVE-2016-5130)\n\nA use-after-free was discovered in libxml. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5131)\n\nThe Service Workers implementation in Chromium does not properly implement the Secure Contexts specification during decisions about whether to control a subframe. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5132)\n\nIt was discovered that Chromium mishandles origin information during proxy authentication. A man-in-the-middle attacker could potentially exploit this to spoof a proxy authentication login prompt.\n(CVE-2016-5133)\n\nIt was discovered that the Proxy Auto-Config (PAC) feature in Chromium does not ensure that URL information is restricted to a scheme, host and port. A remote attacker could potentially exploit this to obtain sensitive information. (CVE-2016-5134)\n\nIt was discovered that Blink does not consider referrer-policy information inside an HTML document during a preload request. A remote attacker could potentially exploit this to bypass Content Security Policy (CSP) protections. (CVE-2016-5135)\n\nIt was discovered that the Content Security Policy (CSP) implementation in Blink does not apply http :80 policies to https :443 URLs. A remote attacker could potentially exploit this to determine whether a specific HSTS website has been visited by reading a CSP report. (CVE-2016-5137).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-08-08T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3041-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5137"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3041-1.NASL", "href": "https://www.tenable.com/plugins/nessus/92784", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3041-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92784);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5137\");\n script_xref(name:\"USN\", value:\"3041-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : oxide-qt vulnerabilities (USN-3041-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service (application crash) or execute arbitrary code.\n(CVE-2016-1705)\n\nIt was discovered that the PPAPI implementation does not validate the\norigin of IPC messages to the plugin broker process. A remote attacker\ncould potentially exploit this to bypass sandbox protection\nmechanisms. (CVE-2016-1706)\n\nIt was discovered that Blink does not prevent window creation by a\ndeferred frame. A remote attacker could potentially exploit this to\nbypass same origin restrictions. (CVE-2016-1710)\n\nIt was discovered that Blink does not disable frame navigation during\na detach operation on a DocumentLoader object. A remote attacker could\npotentially exploit this to bypass same origin restrictions.\n(CVE-2016-1711)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer process crash,\nor execute arbitrary code. (CVE-2016-5127)\n\nIt was discovered that objects.cc in V8 does not prevent API\ninterceptors from modifying a store target without setting a property.\nA remote attacker could potentially exploit this to bypass same origin\nrestrictions. (CVE-2016-5128)\n\nA memory corruption was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer process crash,\nor execute arbitrary code. (CVE-2016-5129)\n\nA security issue was discovered in Chromium. A remote attacker could\npotentially exploit this to spoof the currently displayed URL.\n(CVE-2016-5130)\n\nA use-after-free was discovered in libxml. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer process crash,\nor execute arbitrary code. (CVE-2016-5131)\n\nThe Service Workers implementation in Chromium does not properly\nimplement the Secure Contexts specification during decisions about\nwhether to control a subframe. A remote attacker could potentially\nexploit this to bypass same origin restrictions. (CVE-2016-5132)\n\nIt was discovered that Chromium mishandles origin information during\nproxy authentication. A man-in-the-middle attacker could potentially\nexploit this to spoof a proxy authentication login prompt.\n(CVE-2016-5133)\n\nIt was discovered that the Proxy Auto-Config (PAC) feature in Chromium\ndoes not ensure that URL information is restricted to a scheme, host\nand port. A remote attacker could potentially exploit this to obtain\nsensitive information. (CVE-2016-5134)\n\nIt was discovered that Blink does not consider referrer-policy\ninformation inside an HTML document during a preload request. A remote\nattacker could potentially exploit this to bypass Content Security\nPolicy (CSP) protections. (CVE-2016-5135)\n\nIt was discovered that the Content Security Policy (CSP)\nimplementation in Blink does not apply http :80 policies to https :443\nURLs. A remote attacker could potentially exploit this to determine\nwhether a specific HSTS website has been visited by reading a CSP\nreport. (CVE-2016-5137).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3041-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected liboxideqtcore0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.16.5-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.16.5-0ubuntu0.16.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:40:12", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.113.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5170, CVE-2016-5171, CVE-2016-5175, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-19T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:1905)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5176", "CVE-2016-7549"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-1905.NASL", "href": "https://www.tenable.com/plugins/nessus/93586", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1905. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93586);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\", \"CVE-2016-5176\", \"CVE-2016-7549\");\n script_xref(name:\"RHSA\", value:\"2016:1905\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:1905)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.113.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-5170, CVE-2016-5171,\nCVE-2016-5175, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7549\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1905\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-53.0.2785.113-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-53.0.2785.113-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-53.0.2785.113-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-53.0.2785.113-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:46", "description": "The version of Google Chrome installed on the remote host is prior to 53.0.2785.113, and is affected by multiple vulnerabilities :\n\n - A use-after-free error in 'bindings/modules/v8/V8BindingForModules.cpp' may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - A use-after-free error exists in Blink related to window constructors being callable. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An unspecified flaw may allow a context-dependent attacker to disclose potentially sensitive information in memory. No further details have been provided.\n - A flaw is triggered when handling a specially crafted web page. This may allow a context-dependent attacker to load extension JavaScript resources, which they may leverage to perform unauthorized actions.\n - A flaw exists in 'ui/cocoa/browser_window_controller_private.mm' that is triggered when in fullscreen mode. This may cause popups to not be properly suppressed.\n - An unspecified flaw may allow a context-dependent attacker to have an unspecified high severity impact. No further details have been provided by the vendor.\n - A flaw is triggered when handling IPC messages for dead routing IDs. This may allow a context-dependent attacker to potentially execute arbitrary code.\n - An unspecified flaw exists in 'content/child/blob_storage/blob_transport_controller.cc' related to improper shared memory mapping. This may allow a context-dependent attacker to have an unspecified impact.\n - An unspecified flaw exists in the Safe Browsing feature that is triggered when validating URLs. This may allow a context-dependent attacker to bypass intended restrictions.\n - An unspecified flaw may allow a context-dependent attacker to bypass SafeBrowsing. No further details have been provided.", "cvss3": {"score": null, "vector": null}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "Google Chrome < 53.0.2785.113 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5173", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5176", "CVE-2016-7549"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "9595.PASL", "href": "https://www.tenable.com/plugins/nnm/9595", "sourceData": "Binary data 9595.pasl", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:26:51", "description": "Google Chrome Releases reports :\n\n48 security fixes in this release, including :\n\n- [610600] High CVE-2016-1706: Sandbox escape in PPAPI. Credit to Pinkie Pie xisigr of Tencent's Xuanwu Lab\n\n- [613949] High CVE-2016-1708: Use-after-free in Extensions. Credit to Adam Varsan\n\n- [614934] High CVE-2016-1709: Heap-buffer-overflow in sfntly. Credit to ChenQin of Topsec Security Team\n\n- [616907] High CVE-2016-1710: Same-origin bypass in Blink. Credit to Mariusz Mlynski\n\n- [617495] High CVE-2016-1711: Same-origin bypass in Blink. Credit to Mariusz Mlynski\n\n- [618237] High CVE-2016-5127: Use-after-free in Blink. Credit to cloudfuzzer\n\n- [619166] High CVE-2016-5128: Same-origin bypass in V8. Credit to Anonymous\n\n- [620553] High CVE-2016-5129: Memory corruption in V8. Credit to Jeonghoon Shin\n\n- [623319] High CVE-2016-5130: URL spoofing. Credit to Wadih Matar\n\n- [623378] High CVE-2016-5131: Use-after-free in libxml. Credit to Nick Wellnhofer\n\n- [607543] Medium CVE-2016-5132: Limited same-origin bypass in Service Workers. Credit to Ben Kelly\n\n- [613626] Medium CVE-2016-5133: Origin confusion in proxy authentication. Credit to Patch Eudor\n\n- [593759] Medium CVE-2016-5134: URL leakage via PAC script. Credit to Paul Stone\n\n- [605451] Medium CVE-2016-5135: Content-Security-Policy bypass.\nCredit to kingxwy\n\n- [625393] Medium CVE-2016-5136: Use after free in extensions. Credit to Rob Wu\n\n- [625945] Medium CVE-2016-5137: History sniffing with HSTS and CSP.\nCredit to Xiaoyin Liu\n\n- [629852] CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-25T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (6fae9fe1-5048-11e6-8aa7-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_6FAE9FE1504811E68AA73065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/92537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92537);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (6fae9fe1-5048-11e6-8aa7-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n48 security fixes in this release, including :\n\n- [610600] High CVE-2016-1706: Sandbox escape in PPAPI. Credit to\nPinkie Pie xisigr of Tencent's Xuanwu Lab\n\n- [613949] High CVE-2016-1708: Use-after-free in Extensions. Credit to\nAdam Varsan\n\n- [614934] High CVE-2016-1709: Heap-buffer-overflow in sfntly. Credit\nto ChenQin of Topsec Security Team\n\n- [616907] High CVE-2016-1710: Same-origin bypass in Blink. Credit to\nMariusz Mlynski\n\n- [617495] High CVE-2016-1711: Same-origin bypass in Blink. Credit to\nMariusz Mlynski\n\n- [618237] High CVE-2016-5127: Use-after-free in Blink. Credit to\ncloudfuzzer\n\n- [619166] High CVE-2016-5128: Same-origin bypass in V8. Credit to\nAnonymous\n\n- [620553] High CVE-2016-5129: Memory corruption in V8. Credit to\nJeonghoon Shin\n\n- [623319] High CVE-2016-5130: URL spoofing. Credit to Wadih Matar\n\n- [623378] High CVE-2016-5131: Use-after-free in libxml. Credit to\nNick Wellnhofer\n\n- [607543] Medium CVE-2016-5132: Limited same-origin bypass in Service\nWorkers. Credit to Ben Kelly\n\n- [613626] Medium CVE-2016-5133: Origin confusion in proxy\nauthentication. Credit to Patch Eudor\n\n- [593759] Medium CVE-2016-5134: URL leakage via PAC script. Credit to\nPaul Stone\n\n- [605451] Medium CVE-2016-5135: Content-Security-Policy bypass.\nCredit to kingxwy\n\n- [625393] Medium CVE-2016-5136: Use after free in extensions. Credit\nto Rob Wu\n\n- [625945] Medium CVE-2016-5137: History sniffing with HSTS and CSP.\nCredit to Xiaoyin Liu\n\n- [629852] CVE-2016-1705: Various fixes from internal audits, fuzzing\nand other initiatives.\"\n );\n # https://googlechromereleases.blogspot.nl/2016/07/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3f4bd83a\"\n );\n # https://vuxml.freebsd.org/freebsd/6fae9fe1-5048-11e6-8aa7-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e67e600e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<52.0.2743.82\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<52.0.2743.82\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<52.0.2743.82\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:20:21", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 52.0.2743.82. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple unspecified vulnerabilities exist that allow a remote attacker to cause a denial of service condition or possibly have other impact via unknown vectors.\n (CVE-2016-1705)\n\n - A sandbox protection bypass vulnerability exists in PPAPI due to a failure to validate the origin of IPC messages to the plugin broker process. An unauthenticated, remote attacker can exploit this to bypass the sandbox. (CVE-2016-1706)\n\n - A use-after-free error exists in Extensions due to a failure to consider object lifetimes during progress observation. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code.\n (CVE-2016-1708)\n\n - An array indexing error exists in the ByteArray::Get() function in data/byte_array.cc due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-1709)\n\n - A same-origin bypass vulnerability exists in Blink due to a failure to prevent window creation by a deferred frame. A remote attacker can exploit this to bypass the same-origin policy. (CVE-2016-1710)\n\n - A same-origin bypass vulnerability exists in Blink due to a failure to disable frame navigation during a detach operation on a DocumentLoader object. A remote attacker can exploit this to bypass the same-origin policy.\n (CVE-2016-1711)\n\n - A use-after-free error exists in Blink in the previousLinePosition() function. An unauthenticated, remote attacker can exploit this, via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5127)\n\n - A same-origin bypass vulnerability exists in Google V8 due to a failure to prevent API interceptors from modifying a store target without setting a property. A remote attacker can exploit this to bypass the same-origin policy. (CVE-2016-5128)\n\n - A flaw exists in V8 due to improper processing of left-trimmed objects. An unauthenticated, remote attacker can exploit this, via crafted JavaScript code, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5129)\n\n - A flaw exists that is triggered when handling two forward navigations that compete in different frames. A remote attacker can exploit this to conduct a URL spoofing attack. (CVE-2016-5130)\n\n - A use-after-free error exists in libxml2 in the xmlXPtrRangeToFunction() function. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-5131)\n\n - A same-origin bypass vulnerability exists in the Service Workers subsystem due to a failure to properly implement the Secure Contexts specification during decisions about whether to control a subframe. A remote attacker can exploit this to bypass the same-origin policy.\n (CVE-2016-5132)\n\n - A flaw exists in the handling of origin information during proxy authentication that allows a man-in-the-middle attacker to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. (CVE-2016-5133)\n\n - A validation flaw exists in the Proxy Auto-Config (PAC) feature due to a failure to ensure that URL information is restricted to a scheme, host, and port. A remote attacker can exploit this to disclose credentials by operating a server with a PAC script. (CVE-2016-5134)\n\n - A cross-origin bypass vulnerability exists in Blink due to a failure to consider referrer-policy information inside an HTML document during a preload request. A remote attacker can exploit this to bypass the Content Security Policy (CSP) protection mechanism.\n (CVE-2016-5135)\n\n - A use-after-free error exists in Extensions that allows a remote attacker to dereference already freed memory, resulting in the execution of arbitrary code with elevated privileges. (CVE-2016-5136)\n\n - An information disclosure vulnerability exists in Blink when handling HTTP vs HTTPs ports in source expressions.\n An unauthenticated, remote attacker can exploit this to determine whether a specific HTTP Strict Transport Security (HSTS) web site has been visited by reading a CSP report. (CVE-2016-5137)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-29T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.82 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_52_0_2743_82.NASL", "href": "https://www.tenable.com/plugins/nessus/92629", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92629);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2016-1705\",\n \"CVE-2016-1706\",\n \"CVE-2016-1708\",\n \"CVE-2016-1709\",\n \"CVE-2016-1710\",\n \"CVE-2016-1711\",\n \"CVE-2016-5127\",\n \"CVE-2016-5128\",\n \"CVE-2016-5129\",\n \"CVE-2016-5130\",\n \"CVE-2016-5131\",\n \"CVE-2016-5132\",\n \"CVE-2016-5133\",\n \"CVE-2016-5134\",\n \"CVE-2016-5135\",\n \"CVE-2016-5136\",\n \"CVE-2016-5137\"\n );\n script_bugtraq_id(92053);\n\n script_name(english:\"Google Chrome < 52.0.2743.82 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 52.0.2743.82. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple unspecified vulnerabilities exist that allow a\n remote attacker to cause a denial of service condition\n or possibly have other impact via unknown vectors.\n (CVE-2016-1705)\n\n - A sandbox protection bypass vulnerability exists in\n PPAPI due to a failure to validate the origin of IPC\n messages to the plugin broker process. An\n unauthenticated, remote attacker can exploit this to\n bypass the sandbox. (CVE-2016-1706)\n\n - A use-after-free error exists in Extensions due to a\n failure to consider object lifetimes during progress\n observation. An unauthenticated, remote attacker can\n exploit this to dereference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-1708)\n\n - An array indexing error exists in the ByteArray::Get()\n function in data/byte_array.cc due to improper \n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service\n condition or the execution of arbitrary code.\n (CVE-2016-1709)\n\n - A same-origin bypass vulnerability exists in Blink due\n to a failure to prevent window creation by a deferred\n frame. A remote attacker can exploit this to bypass the\n same-origin policy. (CVE-2016-1710)\n\n - A same-origin bypass vulnerability exists in Blink due\n to a failure to disable frame navigation during a detach\n operation on a DocumentLoader object. A remote attacker\n can exploit this to bypass the same-origin policy.\n (CVE-2016-1711)\n\n - A use-after-free error exists in Blink in the\n previousLinePosition() function. An unauthenticated,\n remote attacker can exploit this, via crafted JavaScript\n code involving an @import at-rule in a Cascading Style\n Sheets (CSS) token sequence in conjunction with a\n rel=import attribute of a LINK element, to cause a\n denial of service condition or the execution of\n arbitrary code. (CVE-2016-5127)\n\n - A same-origin bypass vulnerability exists in Google V8\n due to a failure to prevent API interceptors from\n modifying a store target without setting a property. A\n remote attacker can exploit this to bypass the\n same-origin policy. (CVE-2016-5128)\n\n - A flaw exists in V8 due to improper processing of\n left-trimmed objects. An unauthenticated, remote\n attacker can exploit this, via crafted JavaScript code,\n to cause a denial of service condition or the execution\n of arbitrary code. (CVE-2016-5129)\n\n - A flaw exists that is triggered when handling two\n forward navigations that compete in different frames. A\n remote attacker can exploit this to conduct a URL\n spoofing attack. (CVE-2016-5130)\n\n - A use-after-free error exists in libxml2 in the\n xmlXPtrRangeToFunction() function. An unauthenticated,\n remote attacker can exploit this to dereference already\n freed memory, resulting in the execution of arbitrary\n code. (CVE-2016-5131)\n\n - A same-origin bypass vulnerability exists in the Service\n Workers subsystem due to a failure to properly implement\n the Secure Contexts specification during decisions about\n whether to control a subframe. A remote attacker can\n exploit this to bypass the same-origin policy.\n (CVE-2016-5132)\n\n - A flaw exists in the handling of origin information\n during proxy authentication that allows a\n man-in-the-middle attacker to spoof a\n proxy-authentication login prompt or trigger incorrect\n credential storage by modifying the client-server data\n stream. (CVE-2016-5133)\n\n - A validation flaw exists in the Proxy Auto-Config (PAC)\n feature due to a failure to ensure that URL information\n is restricted to a scheme, host, and port. A remote\n attacker can exploit this to disclose credentials by\n operating a server with a PAC script. (CVE-2016-5134)\n\n - A cross-origin bypass vulnerability exists in Blink due\n to a failure to consider referrer-policy information\n inside an HTML document during a preload request. A\n remote attacker can exploit this to bypass the Content\n Security Policy (CSP) protection mechanism.\n (CVE-2016-5135)\n\n - A use-after-free error exists in Extensions that allows\n a remote attacker to dereference already freed memory,\n resulting in the execution of arbitrary code with\n elevated privileges. (CVE-2016-5136)\n\n - An information disclosure vulnerability exists in Blink\n when handling HTTP vs HTTPs ports in source expressions.\n An unauthenticated, remote attacker can exploit this to\n determine whether a specific HTTP Strict Transport\n Security (HSTS) web site has been visited by reading a\n CSP report. (CVE-2016-5137)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7c7c32d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 52.0.2743.82 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\",value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'52.0.2743.82', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:18:45", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 52.0.2743.82.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1706, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137, CVE-2016-1705)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-26T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:1485)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-1485.NASL", "href": "https://www.tenable.com/plugins/nessus/92552", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:1485. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92552);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n script_xref(name:\"RHSA\", value:\"2016:1485\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:1485)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 52.0.2743.82.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-1706, CVE-2016-1708,\nCVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127,\nCVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131,\nCVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135,\nCVE-2016-5136, CVE-2016-5137, CVE-2016-1705)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:1485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5137\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:1485\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-52.0.2743.82-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-52.0.2743.82-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-52.0.2743.82-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-52.0.2743.82-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:19:47", "description": "The version of Google Chrome installed on the remote Windows host is prior to 52.0.2743.82. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple unspecified vulnerabilities exist that allow a remote attacker to cause a denial of service condition or possibly have other impact via unknown vectors.\n (CVE-2016-1705)\n\n - A sandbox protection bypass vulnerability exists in PPAPI due to a failure to validate the origin of IPC messages to the plugin broker process. An unauthenticated, remote attacker can exploit this to bypass the sandbox. (CVE-2016-1706)\n\n - A use-after-free error exists in Extensions due to a failure to consider object lifetimes during progress observation. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code.\n (CVE-2016-1708)\n\n - An array indexing error exists in the ByteArray::Get() function in data/byte_array.cc due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2016-1709)\n\n - A same-origin bypass vulnerability exists in Blink due to a failure to prevent window creation by a deferred frame. A remote attacker can exploit this to bypass the same-origin policy. (CVE-2016-1710)\n\n - A same-origin bypass vulnerability exists in Blink due to a failure to disable frame navigation during a detach operation on a DocumentLoader object. A remote attacker can exploit this to bypass the same-origin policy.\n (CVE-2016-1711)\n\n - A use-after-free error exists in Blink in the previousLinePosition() function. An unauthenticated, remote attacker can exploit this, via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5127)\n\n - A same-origin bypass vulnerability exists in Google V8 due to a failure to prevent API interceptors from modifying a store target without setting a property. A remote attacker can exploit this to bypass the same-origin policy. (CVE-2016-5128)\n\n - A flaw exists in V8 due to improper processing of left-trimmed objects. An unauthenticated, remote attacker can exploit this, via crafted JavaScript code, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-5129)\n\n - A flaw exists that is triggered when handling two forward navigations that compete in different frames. A remote attacker can exploit this to conduct a URL spoofing attack. (CVE-2016-5130)\n\n - A use-after-free error exists in libxml2 in the xmlXPtrRangeToFunction() function. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-5131)\n\n - A same-origin bypass vulnerability exists in the Service Workers subsystem due to a failure to properly implement the Secure Contexts specification during decisions about whether to control a subframe. A remote attacker can exploit this to bypass the same-origin policy.\n (CVE-2016-5132)\n\n - A flaw exists in the handling of origin information during proxy authentication that allows a man-in-the-middle attacker to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. (CVE-2016-5133)\n\n - A validation flaw exists in the Proxy Auto-Config (PAC) feature due to a failure to ensure that URL information is restricted to a scheme, host, and port. A remote attacker can exploit this to disclose credentials by operating a server with a PAC script. (CVE-2016-5134)\n\n - A cross-origin bypass vulnerability exists in Blink due to a failure to consider referrer-policy information inside an HTML document during a preload request. A remote attacker can exploit this to bypass the Content Security Policy (CSP) protection mechanism.\n (CVE-2016-5135)\n\n - A use-after-free error exists in Extensions that allows a remote attacker to dereference already freed memory, resulting in the execution of arbitrary code with elevated privileges. (CVE-2016-5136)\n\n - An information disclosure vulnerability exists in Blink when handling HTTP vs HTTPs ports in source expressions.\n An unauthenticated, remote attacker can exploit this to determine whether a specific HTTP Strict Transport Security (HSTS) web site has been visited by reading a CSP report. (CVE-2016-5137)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-29T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.82 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_52_0_2743_82.NASL", "href": "https://www.tenable.com/plugins/nessus/92628", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92628);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-1705\",\n \"CVE-2016-1706\",\n \"CVE-2016-1708\",\n \"CVE-2016-1709\",\n \"CVE-2016-1710\",\n \"CVE-2016-1711\",\n \"CVE-2016-5127\",\n \"CVE-2016-5128\",\n \"CVE-2016-5129\",\n \"CVE-2016-5130\",\n \"CVE-2016-5131\",\n \"CVE-2016-5132\",\n \"CVE-2016-5133\",\n \"CVE-2016-5134\",\n \"CVE-2016-5135\",\n \"CVE-2016-5136\",\n \"CVE-2016-5137\"\n );\n script_bugtraq_id(92053);\n\n script_name(english:\"Google Chrome < 52.0.2743.82 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 52.0.2743.82. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple unspecified vulnerabilities exist that allow a\n remote attacker to cause a denial of service condition\n or possibly have other impact via unknown vectors.\n (CVE-2016-1705)\n\n - A sandbox protection bypass vulnerability exists in\n PPAPI due to a failure to validate the origin of IPC\n messages to the plugin broker process. An\n unauthenticated, remote attacker can exploit this to\n bypass the sandbox. (CVE-2016-1706)\n\n - A use-after-free error exists in Extensions due to a\n failure to consider object lifetimes during progress\n observation. An unauthenticated, remote attacker can\n exploit this to dereference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-1708)\n\n - An array indexing error exists in the ByteArray::Get()\n function in data/byte_array.cc due to improper \n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a heap-based\n buffer overflow, resulting in a denial of service\n condition or the execution of arbitrary code.\n (CVE-2016-1709)\n\n - A same-origin bypass vulnerability exists in Blink due\n to a failure to prevent window creation by a deferred\n frame. A remote attacker can exploit this to bypass the\n same-origin policy. (CVE-2016-1710)\n\n - A same-origin bypass vulnerability exists in Blink due\n to a failure to disable frame navigation during a detach\n operation on a DocumentLoader object. A remote attacker\n can exploit this to bypass the same-origin policy.\n (CVE-2016-1711)\n\n - A use-after-free error exists in Blink in the\n previousLinePosition() function. An unauthenticated,\n remote attacker can exploit this, via crafted JavaScript\n code involving an @import at-rule in a Cascading Style\n Sheets (CSS) token sequence in conjunction with a\n rel=import attribute of a LINK element, to cause a\n denial of service condition or the execution of\n arbitrary code. (CVE-2016-5127)\n\n - A same-origin bypass vulnerability exists in Google V8\n due to a failure to prevent API interceptors from\n modifying a store target without setting a property. A\n remote attacker can exploit this to bypass the\n same-origin policy. (CVE-2016-5128)\n\n - A flaw exists in V8 due to improper processing of\n left-trimmed objects. An unauthenticated, remote\n attacker can exploit this, via crafted JavaScript code,\n to cause a denial of service condition or the execution\n of arbitrary code. (CVE-2016-5129)\n\n - A flaw exists that is triggered when handling two\n forward navigations that compete in different frames. A\n remote attacker can exploit this to conduct a URL\n spoofing attack. (CVE-2016-5130)\n\n - A use-after-free error exists in libxml2 in the\n xmlXPtrRangeToFunction() function. An unauthenticated,\n remote attacker can exploit this to dereference already\n freed memory, resulting in the execution of arbitrary\n code. (CVE-2016-5131)\n\n - A same-origin bypass vulnerability exists in the Service\n Workers subsystem due to a failure to properly implement\n the Secure Contexts specification during decisions about\n whether to control a subframe. A remote attacker can\n exploit this to bypass the same-origin policy.\n (CVE-2016-5132)\n\n - A flaw exists in the handling of origin information\n during proxy authentication that allows a\n man-in-the-middle attacker to spoof a\n proxy-authentication login prompt or trigger incorrect\n credential storage by modifying the client-server data\n stream. (CVE-2016-5133)\n\n - A validation flaw exists in the Proxy Auto-Config (PAC)\n feature due to a failure to ensure that URL information\n is restricted to a scheme, host, and port. A remote\n attacker can exploit this to disclose credentials by\n operating a server with a PAC script. (CVE-2016-5134)\n\n - A cross-origin bypass vulnerability exists in Blink due\n to a failure to consider referrer-policy information\n inside an HTML document during a preload request. A\n remote attacker can exploit this to bypass the Content\n Security Policy (CSP) protection mechanism.\n (CVE-2016-5135)\n\n - A use-after-free error exists in Extensions that allows\n a remote attacker to dereference already freed memory,\n resulting in the execution of arbitrary code with\n elevated privileges. (CVE-2016-5136)\n\n - An information disclosure vulnerability exists in Blink\n when handling HTTP vs HTTPs ports in source expressions.\n An unauthenticated, remote attacker can exploit this to\n determine whether a specific HTTP Strict Transport\n Security (HSTS) web site has been visited by reading a\n CSP report. (CVE-2016-5137)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7c7c32d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 52.0.2743.82 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'52.0.2743.82', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:40:14", "description": "The specific version of Chrome that the system is running is reportedly affected by the following vulnerabilities:\n\n- Google Chrome contains a flaw in PPAPI that is triggered when handling certain messages not sent by the browser in the plugin broker process. This may allow a context-dependent attacker to bypass the sandbox. (CVE-2016-1706)\n\n- Google Chrome for iOS contains a flaw in web/web_state/ui/crw_web_controller.mm that is triggered when handling invalid URLs. This may allow a context-dependent attacker to conduct URL spoofing attacks. (CVE-2016-1707)\n\n- Google Chrome contains a use-after-free error related to extensions that may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n (CVE-2016-1708)\n\n- Google sfntly contains an array indexing error in the ByteArray::Get() function in data/byte_array.cc that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-1709)\n\n- Google Chrome contains a flaw in web/ChromeClientImpl.cpp that is triggered when handling creation of new windows by deferred frames. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2016-1710)\n\n- Google Chrome contains a flaw in core/loader/FrameLoader.cpp that is triggered when handling frame navigations during DocumentLoader detach. This may allow a context-dependent attacker to bypass the same-origin policy. (CVE-2016-1711)\n\n- Google Chrome contains a use-after-free error in the previousLinePosition() function in core/editing/VisibleUnits.cpp. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-5127)\n\n- Google V8 contains an unspecified flaw which may allow a context-dependent attacker to bypass the same-origin policy. No further details have been provided by the vendor. (CVE-2016-5128)\n\n- Google V8 contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and cause a denial of service in a process linked against the library or potentially execute arbitrary code. (CVE-2016-5129)\n\n- Google Chrome contains a flaw in the HistoryController::UpdateForCommit() function in content/renderer/history_controller.cc. The issue is triggered when handling two forward navigations that compete in different frames. This may allow a context-dependent attacker to perform URL spoofing attacks. (CVE-2016-5130)\n\n- Libxml2 contains a use-after-free error in the xmlXPtrRangeToFunction() function in xpointer.c. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-5131)\n\n- Google Chrome contains a flaw related to Service Workers that is triggered when handling subframes of an insecure context. This may allow a context-dependent attacker to perform a limited bypass of the same-origin policy. (CVE-2016-5132)\n\n- Google Chrome contains a flaw related to proxy authentication that is triggere when handling origins. This may allow a context-dependent attacker to spoof the proxy server origin. (CVE-2016-5133)\n\n- Google Chrome contains a flaw that is triggered as https:// URLs are not properly sanitized before being sent to PAC scripts. This may allow a context-dependent attacker to leak URLs. (CVE-2016-5134)\n\n- Google Chrome contains a flaw in html/parser/HTMLPreloadScanner.cpp related to the handling of referrer policies. This may allow a context-dependent attacker to bypass the content security policy (CSP). (CVE-2016-5135)\n\n- Google Chrome contains a use-after-free error in extensions/renderer/user_script_injector.cc that is triggered when handling UserScript pointers. This may allow a malicious extension to dereference already freed memory and potentially execute arbitrary code with elevated privileges. (CVE-2016-5136)\n\n- Google Chrome contains a flaw in the CSPSource::portMatches() function in frame/csp/CSPSource.cpp related to HSTS and CSP when handling HTTP vs HTTPS ports in source expressions. This may allow a context-dependent attacker to disclose browsing history information. (CVE-2016-5137)\n\n- Google Chrome contains a flaw in the LayoutBox::removeFloatingOrPositionedChildFromBlockLists() function in core/layout/LayoutBox.cpp that is triggered when handling LayoutView floats. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in the Resource::canUseCacheValidator() function in core/fetch/Resource.cpp that is triggered when revalidating Resource with redirects. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in the Resource::willFollowRedirect() function in core/fetch/Resource.cpp that is triggered when handling redirect responses while revalidating resources. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in net/url_request/sdch_dictionary_fetcher.cc that is triggered when handling dictionary requests failing after receiving data. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in the ShapeResultSpacing::computeSpacing() function in platform/fonts/shaping/ShapeResultSpacing.cpp that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in the Channel::Message::Deserialize() function in mojo/edk/system/channel.cc that is triggered when handling header sizes in channel messages. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1705)\n\n- Google Chrome contains an unspecified flaw in Font::individualCharacterRanges() function in platform/fonts/Font.cpp, which may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- Google WebRTC contains an out-of-bounds read flaw in the WebRtcIsacfix_PitchFilter() and WebRtcIsacfix_PitchFilterGains() functions in modules/audio_coding/codecs/isac/fix/source/pitch_filter.c that may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-1705)\n\n- Google Chrome contains a flaw in org/chromium/chrome/browser/toolbar/CustomTabToolbarAnimationDelegate.java that is due to the program failing to properly load security icons on custom HTTP connection tabs. This may allow a context-dependent attacker to spoof valid icons. (CVE-2016-1705)\n\n- Google Skia contains an integer overflow condition in the SkLinearGradient::LinearGradientContext::shade4_dx_clamp() function in effects/gradients/SkLinearGradient.cpp . The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- libvpx contains an invalid read flaw in the setup_frame_size_with_refs() function in vp9/decoder/vp9_decodeframe.c that may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n\n- Google Chrome contains an unspecified flaw in extensions that is triggered during the handling of NativeMessaging IDs. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1705)\n\n- Google Chrome contains an out-of-bounds read flaw in the HTMLMenuItemElement::defaultEventHandler() function in core/html/HTMLMenuItemElement.cpp that may allow a context-dependent attacker to potentially disclose memory contents. (CVE-2016-1705)\n\n- Google Chrome contains an unspecified flaw in the GURL::ReplaceComponents() function in url/gurl.cc that is triggered during inner URL creation. This may allow a context-dependent attacker to have an unspecified impact. No further details have been provided. (CVE-2016-1705)\n\n- Google V8 contains an unspecified flaw that may allow a context-dependent attacker to have an unspecified impact. No further details have been provided by the vendor. (CVE-2016-1705)\n", "cvss3": {"score": null, "vector": null}, "published": "2016-09-06T00:00:00", "type": "nessus", "title": "Chrome < 52.0.2743.82 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5131", "CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137", "CVE-2016-1707"], "modified": "2016-09-06T00:00:00", "cpe": [], "id": "802027.PRM", "href": "https://www.tenable.com/plugins/lce/802027", "sourceData": "Binary data 802027.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:19:25", "description": "Chromium was updated to 52.0.2743.82 to fix the following security issues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-901)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1707", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-901.NASL", "href": "https://www.tenable.com/plugins/nessus/92551", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-901.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92551);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1707\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-901)\");\n script_summary(english:\"Check for the openSUSE-2016-901 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 52.0.2743.82 to fix the following security\nissues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service\n Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits,\n fuzzing and other initiatives\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=989901\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"chromedriver-debuginfo-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"chromium-debuginfo-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"chromium-debugsource-52.0.2743.82-111.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-debuginfo-52.0.2743.82-111.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromium / chromium-desktop-gnome / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:18:45", "description": "Chromium was updated to 52.0.2743.82 to fix the following security issues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-07-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-900)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1707", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-900.NASL", "href": "https://www.tenable.com/plugins/nessus/92550", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-900.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92550);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1707\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-900)\");\n script_summary(english:\"Check for the openSUSE-2016-900 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 52.0.2743.82 to fix the following security\nissues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service\n Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits,\n fuzzing and other initiatives\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=989901\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromedriver-52.0.2743.82-61.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-52.0.2743.82-61.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-gnome-52.0.2743.82-61.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-desktop-kde-52.0.2743.82-61.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"chromium-ffmpegsumo-52.0.2743.82-61.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromium / chromium-desktop-gnome / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:18:45", "description": "Chromium was updated to 52.0.2743.82 to fix the following security issues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-08-01T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2016-919)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1707", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-919.NASL", "href": "https://www.tenable.com/plugins/nessus/92655", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-919.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92655);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1707\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2016-919)\");\n script_summary(english:\"Check for the openSUSE-2016-919 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to 52.0.2743.82 to fix the following security\nissues (boo#989901) :\n\n - CVE-2016-1706: Sandbox escape in PPAPI\n\n - CVE-2016-1707: URL spoofing on iOS\n\n - CVE-2016-1708: Use-after-free in Extensions\n\n - CVE-2016-1709: Heap-buffer-overflow in sfntly\n\n - CVE-2016-1710: Same-origin bypass in Blink\n\n - CVE-2016-1711: Same-origin bypass in Blink\n\n - CVE-2016-5127: Use-after-free in Blink\n\n - CVE-2016-5128: Same-origin bypass in V8\n\n - CVE-2016-5129: Memory corruption in V8\n\n - CVE-2016-5130: URL spoofing\n\n - CVE-2016-5131: Use-after-free in libxml\n\n - CVE-2016-5132: Limited same-origin bypass in Service\n Workers\n\n - CVE-2016-5133: Origin confusion in proxy authentication\n\n - CVE-2016-5134: URL leakage via PAC script\n\n - CVE-2016-5135: Content-Security-Policy bypass\n\n - CVE-2016-5136: Use after free in extensions\n\n - CVE-2016-5137: History sniffing with HSTS and CSP\n\n - CVE-2016-1705: Various fixes from internal audits,\n fuzzing and other initiatives\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=989901\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-52.0.2743.82-150.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-52.0.2743.82-150.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-29T14:44:08", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing.\n\n - CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing.\n\n - CVE-2016-1706 Pinkie Pie discovered a way to escape the Pepper Plugin API sandbox.\n\n - CVE-2016-1707 xisigr discovered a URL spoofing issue.\n\n - CVE-2016-1708 Adam Varsan discovered a use-after-free issue.\n\n - CVE-2016-1709 ChenQin discovered a buffer overflow issue in the sfntly library.\n\n - CVE-2016-1710 Mariusz Mlynski discovered a same-origin bypass.\n\n - CVE-2016-1711 Mariusz Mlynski discovered another same-origin bypass.\n\n - CVE-2016-5127 cloudfuzzer discovered a use-after-free issue.\n\n - CVE-2016-5128 A same-origin bypass issue was discovered in the v8 JavaScript library.\n\n - CVE-2016-5129 Jeonghoon Shin discovered a memory corruption issue in the v8 JavaScript library.\n\n - CVE-2016-5130 Widih Matar discovered a URL spoofing issue.\n\n - CVE-2016-5131 Nick Wellnhofer discovered a use-after-free issue in the libxml2 library.\n\n - CVE-2016-5132 Ben Kelly discovered a same-origin bypass.\n\n - CVE-2016-5133 Patch Eudor discovered an issue in proxy authentication.\n\n - CVE-2016-5134 Paul Stone discovered an information leak in the Proxy Auto-Config feature.\n\n - CVE-2016-5135 ShenYeYinJiu discovered a way to bypass the Content Security Policy.\n\n - CVE-2016-5136 Rob Wu discovered a use-after-free issue.\n\n - CVE-2016-5137 Xiaoyin Liu discovered a way to discover whether an HSTS website had been visited.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-08-02T00:00:00", "type": "nessus", "title": "Debian DSA-3637-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1704", "CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1707", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3637.NASL", "href": "https://www.tenable.com/plugins/nessus/92666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3637. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92666);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1704\", \"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1707\", \"CVE-2016-1708\", \"CVE-2016-1709\", \"CVE-2016-1710\", \"CVE-2016-1711\", \"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\", \"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\", \"CVE-2016-5135\", \"CVE-2016-5136\", \"CVE-2016-5137\");\n script_xref(name:\"DSA\", value:\"3637\");\n\n script_name(english:\"Debian DSA-3637-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-1704\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-1705\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-1706\n Pinkie Pie discovered a way to escape the Pepper Plugin\n API sandbox.\n\n - CVE-2016-1707\n xisigr discovered a URL spoofing issue.\n\n - CVE-2016-1708\n Adam Varsan discovered a use-after-free issue.\n\n - CVE-2016-1709\n ChenQin discovered a buffer overflow issue in the sfntly\n library.\n\n - CVE-2016-1710\n Mariusz Mlynski discovered a same-origin bypass.\n\n - CVE-2016-1711\n Mariusz Mlynski discovered another same-origin bypass.\n\n - CVE-2016-5127\n cloudfuzzer discovered a use-after-free issue.\n\n - CVE-2016-5128\n A same-origin bypass issue was discovered in the v8\n JavaScript library.\n\n - CVE-2016-5129\n Jeonghoon Shin discovered a memory corruption issue in\n the v8 JavaScript library.\n\n - CVE-2016-5130\n Widih Matar discovered a URL spoofing issue.\n\n - CVE-2016-5131\n Nick Wellnhofer discovered a use-after-free issue in the\n libxml2 library.\n\n - CVE-2016-5132\n Ben Kelly discovered a same-origin bypass.\n\n - CVE-2016-5133\n Patch Eudor discovered an issue in proxy authentication.\n\n - CVE-2016-5134\n Paul Stone discovered an information leak in the Proxy\n Auto-Config feature.\n\n - CVE-2016-5135\n ShenYeYinJiu discovered a way to bypass the Content\n Security Policy.\n\n - CVE-2016-5136\n Rob Wu discovered a use-after-free issue.\n\n - CVE-2016-5137\n Xiaoyin Liu discovered a way to discover whether an HSTS\n website had been visited.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3637\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 52.0.2743.82-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"52.0.2743.82-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"52.0.2743.82-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"52.0.2743.82-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"52.0.2743.82-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"52.0.2743.82-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-17T14:23:10", "description": "The version of Google Chrome installed on the remote host is prior to 52.0.2743.82, and is affected by multiple vulnerabilities :\n\n - An out-of-bounds read flaw in the 'xmlParseEndTag2()' function in 'parser.c' is triggered when parsing an end tag. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n - An out-of-bounds read flaw in the 'xmlNextChar()' function in 'parserInternals.c' is triggered when parsing characters in an XML file. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n - An overflow condition in the 'htmlParseName()' and 'htmlParseNameComplex()' functions of 'HTMLparser.c' is triggered as user-supplied input is not properly validated when parsing characters in a range. With a specially crafted file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.\n - An integer overflow condition in the 'xmlParse3986Port()' function in 'uri.c' is triggered as user-supplied input is not properly validated when handling port numbers in the URL. This may allow a context-dependent attacker to have an unspecified impact.\n - An out-of-bounds under-read flaw in the 'xmlParseConditionalSections()' and 'xmlParseElementDecl()' functions in 'parser.c' may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n - A format string flaw in multiple functionalities is triggered as string format specifiers (e.g. %s and %x) are not properly used. This may allow a context-dependent attacker to potentially execute arbitrary code or cause a denial of service in a process linked against the library.\n - An out-of-bounds read flaw in the 'PairPosFormat1::sanitize()' function 'in hb-ot-layout-gpos-table.hh' may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n - A flaw in 'PPAPI' is triggered when handling certain messages not sent by the browser in the plugin broker process. This may allow a context-dependent attacker to bypass the sandbox.\n - A flaw in 'web/web_state/ui/crw_web_controller.mm' is triggered when handling invalid URLs. This may allow a context-dependent attacker to conduct URL spoofing attacks.\n - A use-after-free error related to extensions may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - An array indexing error in the 'ByteArray::Get()' function in 'data/byte_array.cc' is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code.\n - A flaw in 'web/ChromeClientImpl.cpp' is triggered when handling creation of new windows by deferred frames. This may allow a context-dependent attacker to bypass the same-origin policy.\n - A flaw in 'core/loader/FrameLoader.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-08-12T00:00:00", "type": "nessus", "title": "Google Chrome < 52.0.2743.82 Multiple Vulnerabilites", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8947", "CVE-2016-1695", "CVE-2016-1705", "CVE-2016-1706", "CVE-2016-1707", "CVE-2016-1708", "CVE-2016-1709", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-1833", "CVE-2016-1838", "CVE-2016-1839", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-5127", "CVE-2016-5128", "CVE-2016-5129", "CVE-2016-5130", "CVE-2016-5131", "CVE-2016-5132", "CVE-2016-5133", "CVE-2016-5134", "CVE-2016-5135", "CVE-2016-5136", "CVE-2016-5137"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "9480.PASL", "href": "https://www.tenable.com/plugins/nnm/9480", "sourceData": "Binary data 9480.pasl", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:32:14", "description": "Update to version 2.2.0, see https://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-08-14T00:00:00", "type": "nessus", "title": "Fedora 26 : openjpeg2 (2017-920b27e8f4)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5139", "CVE-2016-5158", "CVE-2016-5159", "CVE-2016-9112"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openjpeg2", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-920B27E8F4.NASL", "href": "https://www.tenable.com/plugins/nessus/102459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-920b27e8f4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102459);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-9112\");\n script_xref(name:\"FEDORA\", value:\"2017-920b27e8f4\");\n\n script_name(english:\"Fedora 26 : openjpeg2 (2017-920b27e8f4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 2.2.0, see\nhttps://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md for details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-920b27e8f4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/uclouvain/openjpeg/blob/v2.2.0/NEWS.md\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openjpeg2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openjpeg2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"openjpeg2-2.2.0-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjpeg2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:24", "description": "Google Chrome Releases reports :\n\n3 security fixes in this release, including :\n\n- [642496] High CVE-2016-5177: Use after free in V8. Credit to Anonymous\n\n- [651092] CVE-2016-5178: Various fixes from internal audits, fuzzing and other initiatives.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-01T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (9c135c7e-9fa4-11e6-a265-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9C135C7E9FA411E6A2653065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/94451", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94451);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (9c135c7e-9fa4-11e6-a265-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n3 security fixes in this release, including :\n\n- [642496] High CVE-2016-5177: Use after free in V8. Credit to\nAnonymous\n\n- [651092] CVE-2016-5178: Various fixes from internal audits, fuzzing\nand other initiatives.\"\n );\n # https://googlechromereleases.blogspot.nl/2016/09/stable-channel-update-for-desktop_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1bdf3fa\"\n );\n # https://vuxml.freebsd.org/freebsd/9c135c7e-9fa4-11e6-a265-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e5543ba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<53.0.2785.143\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<53.0.2785.143\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<53.0.2785.143\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:04", "description": "Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat e-for-desktop_29.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "Fedora 24 : chromium (2016-d61c4f72da)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-D61C4F72DA.NASL", "href": "https://www.tenable.com/plugins/nessus/94080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-d61c4f72da.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94080);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\");\n script_xref(name:\"FEDORA\", value:\"2016-d61c4f72da\");\n\n script_name(english:\"Fedora 24 : chromium (2016-d61c4f72da)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat\ne-for-desktop_29.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-d61c4f72da\"\n );\n # https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df8742a0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-53.0.2785.143-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:18", "description": "Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat e-for-desktop_29.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : chromium (2016-a90040934d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-A90040934D.NASL", "href": "https://www.tenable.com/plugins/nessus/94846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-a90040934d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94846);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\");\n script_xref(name:\"FEDORA\", value:\"2016-a90040934d\");\n\n script_name(english:\"Fedora 25 : chromium (2016-a90040934d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5177, CVE-2016-5178\n\nhttps://googlechromereleases.blogspot.com/2016/09/stable-channel-updat\ne-for-desktop_29.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-a90040934d\"\n );\n # https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_29.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df8742a0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"chromium-53.0.2785.143-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T13:50:12", "description": "This update Chromium 53.0.2785.143 fixes the following issues (boo#1002140)\n\n - CVE-2016-5177: Use after free in V8\n\n - CVE-2016-5178: Various fixes from internal audits\n\nThe following bugfix changes are included :\n\n - Export GDK_BACKEND=x11 before starting chromium, ensuring that it's started as an Xwayland client (boo#1001135).\n\n - Changes to Sandbox to fix crashers on tumbleweed (boo#999091)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2016-1142)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1142.NASL", "href": "https://www.tenable.com/plugins/nessus/93851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1142.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93851);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2016-1142)\");\n script_summary(english:\"Check for the openSUSE-2016-1142 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update Chromium 53.0.2785.143 fixes the following issues\n(boo#1002140)\n\n - CVE-2016-5177: Use after free in V8\n\n - CVE-2016-5178: Various fixes from internal audits\n\nThe following bugfix changes are included :\n\n - Export GDK_BACKEND=x11 before starting chromium,\n ensuring that it's started as an Xwayland client\n (boo#1001135).\n\n - Changes to Sandbox to fix crashers on tumbleweed\n (boo#999091)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999091\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.143-128.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-debuginfo-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-debuginfo-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-desktop-gnome-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-desktop-kde-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-53.0.2785.143-79.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-debuginfo-53.0.2785.143-79.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:51", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.143.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5177, CVE-2016-5178)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-06T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2016:2007)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5178"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-2007.NASL", "href": "https://www.tenable.com/plugins/nessus/93891", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2007. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93891);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\");\n script_xref(name:\"RHSA\", value:\"2016:2007\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:2007)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 53.0.2785.143.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the processing of malformed web\ncontent. A web page containing malicious content could cause Chromium\nto crash, execute arbitrary code, or disclose sensitive information\nwhen visited by the victim. (CVE-2016-5177, CVE-2016-5178)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5178\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2007\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-53.0.2785.143-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-53.0.2785.143-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-53.0.2785.143-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-53.0.2785.143-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-2e50862950", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5177", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5173", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5163", "CVE-2016-5174", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5175", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5172", "CVE-2016-5150", "CVE-2016-5178", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809909", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809909", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-2e50862950\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809909\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:25 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-5177\", \"CVE-2016-5178\", \"CVE-2016-5170\", \"CVE-2016-5171\",\n \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\",\n \"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\",\n \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\",\n \"CVE-2016-5167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-2e50862950\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-2e50862950\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPYK6KQMI3FVJGNDPMFT43OJ2UIC35YO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.143~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-11T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-bf8c64a060", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809245", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809245", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-bf8c64a060\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809245\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-11 05:53:14 +0200 (Sun, 11 Sep 2016)\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\",\n \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\",\n \"CVE-2016-5167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-bf8c64a060\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-bf8c64a060\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GN6V44FJWP2TOSLGN4ITM6BUZGYN323J\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.101~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:04", "description": "Several vulnerabilities have been\n discovered in the chromium web browser.\n\nCVE-2016-5147\nA cross-site scripting issue was discovered.\n\nCVE-2016-5148\nAnother cross-site scripting issue was discovered.\n\nCVE-2016-5149\nMax Justicz discovered a script injection issue in extension handling.\n\nCVE-2016-5150\nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5151\nA use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5152\nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5153\nAtte Kettunen discovered a use-after-destruction issue.\n\nCVE-2016-5154\nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5155\nAn address bar spoofing issue was discovered.\n\nCVE-2016-5156\njinmo123 discovered a use-after-free issue.\n\nCVE-2016-5157\nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5158\nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5159\nGiWan Go discovered another heap overflow issue in the pdfium library.\n\nCVE-2016-5160\nl33terally discovered an extensions resource bypass.\n\nCVE-2016-5161\nA type confusion issue was discovered.\n\nCVE-2016-5162\nNicolas Golubovic discovered an extensions resource bypass.\n\nCVE-2016-5163\nRafay Baloch discovered an address bar spoofing issue.\n\nCVE-2016-5164\nA cross-site scripting issue was discovered in the developer tools.\n\nCVE-2016-5165\nGregory Panakkal discovered a script injection issue in the developer\ntools.\n\nCVE-2016-5166\nGregory Panakkal discovered an issue with the Save Page As feature.\n\nCVE-2016-5167\nThe chrome development team found and fixed various issues during\ninternal auditing.", "cvss3": {}, "published": "2016-09-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3660-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703660", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703660", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3660.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3660-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703660\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n\t\t \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n\t\t \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n\t\t \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\",\n\t\t \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\",\n \t\t \"CVE-2016-5167\");\n script_name(\"Debian Security Advisory DSA 3660-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-05 00:00:00 +0200 (Mon, 05 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3660.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\n these problems have been fixed in version 53.0.2785.89-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 53.0.2785.89-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\n discovered in the chromium web browser.\n\nCVE-2016-5147\nA cross-site scripting issue was discovered.\n\nCVE-2016-5148\nAnother cross-site scripting issue was discovered.\n\nCVE-2016-5149\nMax Justicz discovered a script injection issue in extension handling.\n\nCVE-2016-5150\nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5151\nA use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5152\nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5153\nAtte Kettunen discovered a use-after-destruction issue.\n\nCVE-2016-5154\nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5155\nAn address bar spoofing issue was discovered.\n\nCVE-2016-5156\njinmo123 discovered a use-after-free issue.\n\nCVE-2016-5157\nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5158\nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5159\nGiWan Go discovered another heap overflow issue in the pdfium library.\n\nCVE-2016-5160\nl33terally discovered an extensions resource bypass.\n\nCVE-2016-5161\nA type confusion issue was discovered.\n\nCVE-2016-5162\nNicolas Golubovic discovered an extensions resource bypass.\n\nCVE-2016-5163\nRafay Baloch discovered an address bar spoofing issue.\n\nCVE-2016-5164\nA cross-site scripting issue was discovered in the developer tools.\n\nCVE-2016-5165\nGregory Panakkal discovered a script injection issue in the developer\ntools.\n\nCVE-2016-5166\nGregory Panakkal discovered an issue with the Save Page As feature.\n\nCVE-2016-5167\nThe chrome development team found and fixed various issues during\ninternal auditing.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"53.0.2785.89-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"53.0.2785.89-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"53.0.2785.89-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"53.0.2785.89-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"53.0.2785.89-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-eec838a3a0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871995", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871995", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-eec838a3a0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871995\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:23:25 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\", \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\", \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\", \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\", \"CVE-2016-5167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-eec838a3a0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-eec838a3a0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKSQPLVSIIMPUHTNNAFKQYBZM4W7NP7U\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.101~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:15", "description": "Several vulnerabilities have been\n discovered in the chromium web browser.\n\nCVE-2016-5147 \nA cross-site scripting issue was discovered.\n\nCVE-2016-5148 \nAnother cross-site scripting issue was discovered.\n\nCVE-2016-5149 \nMax Justicz discovered a script injection issue in extension handling.\n\nCVE-2016-5150 \nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5151 \nA use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5152 \nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5153 \nAtte Kettunen discovered a use-after-destruction issue.\n\nCVE-2016-5154 \nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5155 \nAn address bar spoofing issue was discovered.\n\nCVE-2016-5156 \njinmo123 discovered a use-after-free issue.\n\nCVE-2016-5157 \nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5158 \nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5159 \nGiWan Go discovered another heap overflow issue in the pdfium library.\n\nCVE-2016-5160 \nl33terally discovered an extensions resource bypass.\n\nCVE-2016-5161 \nA type confusion issue was discovered.\n\nCVE-2016-5162 \nNicolas Golubovic discovered an extensions resource bypass.\n\nCVE-2016-5163 \nRafay Baloch discovered an address bar spoofing issue.\n\nCVE-2016-5164 \nA cross-site scripting issue was discovered in the developer tools.\n\nCVE-2016-5165 \nGregory Panakkal discovered a script injection issue in the developer\ntools.\n\nCVE-2016-5166 \nGregory Panakkal discovered an issue with the Save Page As feature.\n\nCVE-2016-5167 \nThe chrome development team found and fixed various issues during\ninternal auditing.", "cvss3": {}, "published": "2016-09-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3660-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703660", "href": "http://plugins.openvas.org/nasl.php?oid=703660", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3660.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3660-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703660);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n\t\t \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n\t\t \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n\t\t \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\",\n\t\t \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\",\n \t\t \"CVE-2016-5167\");\n script_name(\"Debian Security Advisory DSA 3660-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-09-05 00:00:00 +0200 (Mon, 05 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3660.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"chromium-browser on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\n these problems have been fixed in version 53.0.2785.89-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 53.0.2785.89-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\n discovered in the chromium web browser.\n\nCVE-2016-5147 \nA cross-site scripting issue was discovered.\n\nCVE-2016-5148 \nAnother cross-site scripting issue was discovered.\n\nCVE-2016-5149 \nMax Justicz discovered a script injection issue in extension handling.\n\nCVE-2016-5150 \nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5151 \nA use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5152 \nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5153 \nAtte Kettunen discovered a use-after-destruction issue.\n\nCVE-2016-5154 \nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5155 \nAn address bar spoofing issue was discovered.\n\nCVE-2016-5156 \njinmo123 discovered a use-after-free issue.\n\nCVE-2016-5157 \nA heap overflow issue was discovered in the pdfium library.\n\nCVE-2016-5158 \nGiWan Go discovered a heap overflow issue in the pdfium library.\n\nCVE-2016-5159 \nGiWan Go discovered another heap overflow issue in the pdfium library.\n\nCVE-2016-5160 \nl33terally discovered an extensions resource bypass.\n\nCVE-2016-5161 \nA type confusion issue was discovered.\n\nCVE-2016-5162 \nNicolas Golubovic discovered an extensions resource bypass.\n\nCVE-2016-5163 \nRafay Baloch discovered an address bar spoofing issue.\n\nCVE-2016-5164 \nA cross-site scripting issue was discovered in the developer tools.\n\nCVE-2016-5165 \nGregory Panakkal discovered a script injection issue in the developer\ntools.\n\nCVE-2016-5166 \nGregory Panakkal discovered an issue with the Save Page As feature.\n\nCVE-2016-5167 \nThe chrome development team found and fixed various issues during\ninternal auditing.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n\nif ((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"53.0.2785.89-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"53.0.2785.89-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"53.0.2785.89-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"53.0.2785.89-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"53.0.2785.89-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-01-31T18:36:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-14T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2296-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851391", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851391", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851391\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-14 05:45:01 +0200 (Wed, 14 Sep 2016)\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\",\n \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2296-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 53.0.2785.101 to fix a number of security issues\n and bugs.\n\n The following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources bypass.\n\n The following upstream fixes are included:\n\n - SPDY crash fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time out.\n\n - disallow WKBackForwardListItem navigations for pushState pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe away\n\n A number of tracked build system fixes are included. (boo#996032,\n boo#99606, boo#995932)\n\n The following tracked regression fix is included: - Re-enable widevine\n plugin (boo#998328)\n\n rpmlint and rpmlint-mini were updated to work around a memory exhaustion\n problem with this package on 32 bit (boo#969732).\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2296-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~53.0.2785.101~120.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpmlint-mini\", rpm:\"rpmlint-mini~1.5~8.7.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpmlint-mini-debuginfo\", rpm:\"rpmlint-mini-debuginfo~1.5~8.7.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpmlint-mini-debugsource\", rpm:\"rpmlint-mini-debugsource~1.5~8.7.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpmlint\", rpm:\"pmlint~1.5~39.4.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-07T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2250-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851389", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851389", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851389\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-07 05:43:45 +0200 (Wed, 07 Sep 2016)\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5160\", \"CVE-2016-5161\", \"CVE-2016-5162\",\n \"CVE-2016-5163\", \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2250-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 53.0.2785.89 to fix a number of security issues.\n\n The following vulnerabilities were fixed: (boo#996648)\n\n - CVE-2016-5147: Universal XSS in Blink.\n\n - CVE-2016-5148: Universal XSS in Blink.\n\n - CVE-2016-5149: Script injection in extensions.\n\n - CVE-2016-5150: Use after free in Blink.\n\n - CVE-2016-5151: Use after free in PDFium.\n\n - CVE-2016-5152: Heap overflow in PDFium.\n\n - CVE-2016-5153: Use after destruction in Blink.\n\n - CVE-2016-5154: Heap overflow in PDFium.\n\n - CVE-2016-5155: Address bar spoofing.\n\n - CVE-2016-5156: Use after free in event bindings.\n\n - CVE-2016-5157: Heap overflow in PDFium.\n\n - CVE-2016-5158: Heap overflow in PDFium.\n\n - CVE-2016-5159: Heap overflow in PDFium.\n\n - CVE-2016-5161: Type confusion in Blink.\n\n - CVE-2016-5162: Extensions web accessible resources bypass.\n\n - CVE-2016-5163: Address bar spoofing.\n\n - CVE-2016-5164: Universal XSS using DevTools.\n\n - CVE-2016-5165: Script injection in DevTools.\n\n - CVE-2016-5166: SMB Relay Attack via Save Page As.\n\n - CVE-2016-5160: Extensions web accessible resources bypass.\n\n A number of tracked build system fixes are included. (boo#996032,\n boo#99606, boo#995932)\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2250-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~53.0.2785.89~68.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:12:33", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-06T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-7395", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809033", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809033\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\",\n \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\",\n \"CVE-2016-5167\", \"CVE-2016-7395\");\n script_bugtraq_id(92717);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-06 14:41:40 +0530 (Tue, 06 Sep 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - Multiple use-after-free errors in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - Multiple universal xss errors in Blink.\n\n - A type confusion error in Blink.\n\n - A script injection error in DevTools.\n\n - An universal xss error in DevTools.\n\n - A smb relay Attack via Save Page As.\n\n - An extensions web accessible resources bypass\n\n - The SkPath.cpp in Skia does not properly validate the return values of\n ChopMonoAtY calls.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code, to escalate privileges and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 53.0.2785.92 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 53.0.2785.92 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop_31.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"53.0.2785.92\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"53.0.2785.92\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:12:34", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-06T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-7395", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809034", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809034", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809034\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\",\n \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\",\n \"CVE-2016-5167\", \"CVE-2016-7395\");\n script_bugtraq_id(92717);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-06 14:41:40 +0530 (Tue, 06 Sep 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - Multiple use-after-free errors in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - Multiple universal xss errors in Blink.\n\n - A type confusion error in Blink.\n\n - A script injection error in DevTools.\n\n - An universal xss error in DevTools.\n\n - A smb relay Attack via Save Page As.\n\n - An extensions web accessible resources bypass\n\n - The SkPath.cpp in Skia does not properly validate the return values of\n ChopMonoAtY calls.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code, to escalate privileges and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 53.0.2785.89 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 53.0.2785.89 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop_31.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"53.0.2785.89\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"53.0.2785.89\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:11:52", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-06T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5158", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5162", "CVE-2016-5156", "CVE-2016-5154", "CVE-2016-5151", "CVE-2016-5163", "CVE-2016-5161", "CVE-2016-5147", "CVE-2016-5160", "CVE-2016-5167", "CVE-2016-7395", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5157", "CVE-2016-5150", "CVE-2016-5149", "CVE-2016-5152", "CVE-2016-5166", "CVE-2016-5159"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809032", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809032\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5147\", \"CVE-2016-5148\", \"CVE-2016-5149\", \"CVE-2016-5150\",\n \"CVE-2016-5151\", \"CVE-2016-5152\", \"CVE-2016-5153\", \"CVE-2016-5154\",\n \"CVE-2016-5155\", \"CVE-2016-5156\", \"CVE-2016-5157\", \"CVE-2016-5158\",\n \"CVE-2016-5159\", \"CVE-2016-5161\", \"CVE-2016-5162\", \"CVE-2016-5163\",\n \"CVE-2016-5164\", \"CVE-2016-5165\", \"CVE-2016-5166\", \"CVE-2016-5160\",\n \"CVE-2016-5167\", \"CVE-2016-7395\");\n script_bugtraq_id(92717);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-06 14:41:40 +0530 (Tue, 06 Sep 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_31-2016-08)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - Multiple use-after-free errors in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - Multiple universal xss errors in Blink.\n\n - A type confusion error in Blink.\n\n - A script injection error in DevTools.\n\n - An universal xss error in DevTools.\n\n - A smb relay Attack via Save Page As.\n\n - An extensions web accessible resources bypass\n\n - The SkPath.cpp in Skia does not properly validate the return values of\n ChopMonoAtY calls.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code, to escalate privileges and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 53.0.2785.89 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 53.0.2785.89 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop_31.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"53.0.2785.89\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"53.0.2785.89\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-3058-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5164", "CVE-2016-5165", "CVE-2016-5144", "CVE-2016-5156", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5161", "CVE-2016-5146", "CVE-2016-5147", "CVE-2016-5145", "CVE-2016-5167", "CVE-2016-5153", "CVE-2016-5148", "CVE-2016-5155", "CVE-2016-5150"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842884", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842884", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-3058-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842884\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-15 05:47:25 +0200 (Thu, 15 Sep 2016)\");\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5143\", \"CVE-2016-5144\",\n\t\t\"CVE-2016-5145\", \"CVE-2016-5146\", \"CVE-2016-5167\", \"CVE-2016-5147\",\n\t\t\"CVE-2016-5148\", \"CVE-2016-5150\", \"CVE-2016-5153\", \"CVE-2016-5155\",\n\t\t\"CVE-2016-5156\", \"CVE-2016-5161\", \"CVE-2016-5164\", \"CVE-2016-5165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-3058-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"An issue was discovered in Blink involving\n the provisional URL for an initially empty document. An attacker could potentially\n exploit this to spoof the currently displayed URL. (CVE-2016-5141)\n\nA use-after-free was discovered in the WebCrypto implementation in Blink.\nIf a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code. (CVE-2016-5142)\n\nIt was discovered that the devtools subsystem in Blink mishandles various\nparameters. An attacker could exploit this to bypass intended access\nrestrictions. (CVE-2016-5143, CVE-2016-5144)\n\nIt was discovered that Blink does not ensure that a taint property is\npreserved after a structure-clone operation on an ImageBitmap object\nderived from a cross-origin image. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\nbypass same origin restrictions. (CVE-2016-5145)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash, or execute arbitrary code.\n(CVE-2016-5146, CVE-2016-5167)\n\nIt was discovered that Blink mishandles deferred page loads. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit this to conduct cross-site scripting (XSS) attacks.\n(CVE-2016-5147)\n\nAn issue was discovered in Blink related to widget updates. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to conduct cross-site scripting (XSS) attacks.\n(CVE-2016-5148)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code. (CVE-2016-5150)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code. (CVE-2016-5153)\n\nIt was discovered that Chromium does not correctly validate access to the\ninitial document. An attacker could potentially exploit this to spoof the\ncurrently displayed URL. (CVE-2016-5155)\n\nA use-after-free was discovered in the event bindings in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially ex ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3058-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3058-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.17.7-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.17.7-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.17.7-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.17.7-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-22T16:36:38", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-10-21T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809072", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809072\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5189\",\n \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5193\",\n \"CVE-2016-5194\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 12:32:32 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to\n\n - An universal XSS error in Blink\n\n - A heap overflow error in Blink.\n\n - Multiple use after free errors in PDFium.\n\n - An use after free error in Blink.\n\n - Multiple URL spoofing errors.\n\n - An UI spoofing error.\n\n - A cross-origin bypass error in Blink.\n\n - An out of bounds read error in DevTools.\n\n - An universal XSS error in Bookmarks.\n\n - An use after free error in Internals.\n\n - A scheme bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to bypass security, to execute\n arbitrary script code, to corrupt memory and to conduct spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.59 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.59 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/10/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.59\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.59\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:35:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-10-24T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2597-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851416", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851416\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-24 05:53:08 +0200 (Mon, 24 Oct 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\",\n \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\",\n \"CVE-2016-5193\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2597-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 54.0.2840.59 to fix security issues and bugs.\n\n The following security issues are fixed (bnc#1004465):\n\n - CVE-2016-5181: Universal XSS in Blink\n\n - CVE-2016-5182: Heap overflow in Blink\n\n - CVE-2016-5183: Use after free in PDFium\n\n - CVE-2016-5184: Use after free in PDFium\n\n - CVE-2016-5185: Use after free in Blink\n\n - CVE-2016-5187: URL spoofing\n\n - CVE-2016-5188: UI spoofing\n\n - CVE-2016-5192: Cross-origin bypass in Blink\n\n - CVE-2016-5189: URL spoofing\n\n - CVE-2016-5186: Out of bounds read in DevTools\n\n - CVE-2016-5191: Universal XSS in Bookmarks\n\n - CVE-2016-5190: Use after free in Internals\n\n - CVE-2016-5193: Scheme bypass\n\n The following bugs were fixed:\n\n - bnc#1000019: display issues in full screen mode, add\n\n - -ui-disable-partial-swap to the launcher\n\n The following packaging changes are included:\n\n - The desktop sub-packages are no obsolete\n\n - The package now uses the system variants of some bundled libraries\n\n - The hangouts extension is now built\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2597-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~54.0.2840.59~131.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-22T16:37:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-c671aae490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-c671aae490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810192\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:05:02 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-c671aae490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4RCWGAC7N3ZZKVVHENSTB63UGJVPFY3H\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:38:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-35049d9d97", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872074", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-35049d9d97\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872074\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:26:31 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-35049d9d97\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZM32UR4V5IFSGNQBN2DUQGRXXGZREMXQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:36:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for chromium-native_client FEDORA-2016-35049d9d97", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872096", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium-native_client FEDORA-2016-35049d9d97\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872096\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:27:18 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium-native_client FEDORA-2016-35049d9d97\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium-native_client'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium-native_client on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIKHNKBL7RZZ5KV5G2KFPOFEBNOCJ23R\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium-native_client\", rpm:\"chromium-native_client~54.0.2840.59~1.20161013git090f907.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:37:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-012de4c97e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-012de4c97e\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810191\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:05:50 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-012de4c97e\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-012de4c97e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HASNN4PFSKUPILQR2OWWTPTFDPDSSX6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:37:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for chromium-native_client FEDORA-2016-c671aae490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810156", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium-native_client FEDORA-2016-c671aae490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810156\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:03:25 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium-native_client FEDORA-2016-c671aae490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium-native_client'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium-native_client on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISCLNR37PIQKLLY5LUXN33SJ5EGY7JV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium-native_client\", rpm:\"chromium-native_client~54.0.2840.59~1.20161013git090f907.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:37:00", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-10-21T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809074", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809074\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5186\",\n \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5194\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 12:32:32 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to\n\n - An universal XSS error in Blink\n\n - A heap overflow error in Blink.\n\n - Multiple use after free errors in PDFium.\n\n - An use after free error in Blink.\n\n - Multiple URL spoofing errors.\n\n - An UI spoofing error.\n\n - A cross-origin bypass error in Blink.\n\n - An out of bounds read error in DevTools.\n\n - An universal XSS error in Bookmarks.\n\n - An use after free error in Internals.\n\n - A scheme bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to bypass security, to execute\n arbitrary script code, to corrupt memory and to conduct spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.59 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.59 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/10/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.59\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.59\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:36:09", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-10-21T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809073", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809073\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5186\",\n \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5194\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 12:32:32 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-10)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to\n\n - An universal XSS error in Blink\n\n - A heap overflow error in Blink.\n\n - Multiple use after free errors in PDFium.\n\n - An use after free error in Blink.\n\n - Multiple URL spoofing errors.\n\n - An UI spoofing error.\n\n - A cross-origin bypass error in Blink.\n\n - An out of bounds read error in DevTools.\n\n - An universal XSS error in Bookmarks.\n\n - An use after free error in Internals.\n\n - A scheme bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to bypass security, to execute\n arbitrary script code, to corrupt memory and to conduct spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.59 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.59 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/10/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.59\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.59\");\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:53", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-08-04T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5145", "CVE-2016-5139"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310808295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808295", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808295\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5139\", \"CVE-2016-5140\",\n \"CVE-2016-5145\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5146\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 15:10:25 +0530 (Thu, 04 Aug 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - An use-after-free error in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - A same origin bypass error for images in Blink.\n\n - Parameter sanitization failure in DevTools.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 52.0.2743.116 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 52.0.2743.116 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"52.0.2743.116\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"52.0.2743.116\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:11:47", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-08-04T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5145", "CVE-2016-5139"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310808296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808296", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808296\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5139\", \"CVE-2016-5140\",\n \"CVE-2016-5145\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5146\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 15:10:25 +0530 (Thu, 04 Aug 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - An use-after-free error in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - A same origin bypass error for images in Blink.\n\n - Parameter sanitization failure in DevTools.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 52.0.2743.116 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 52.0.2743.116 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"52.0.2743.116\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"52.0.2743.116\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:35:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-08T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1982-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5145", "CVE-2016-5139"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851376", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851376\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-08-08 05:37:51 +0200 (Mon, 08 Aug 2016)\");\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\",\n \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5145\", \"CVE-2016-5146\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1982-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 52.0.2743.116 to fix the following security\n issues: (boo#992305)\n\n - CVE-2016-5141: Address bar spoofing (boo#992314)\n\n - CVE-2016-5142: Use-after-free in Blink (boo#992313)\n\n - CVE-2016-5139: Heap overflow in pdfium (boo#992311)\n\n - CVE-2016-5140: Heap overflow in pdfium (boo#992310)\n\n - CVE-2016-5145: Same origin bypass for images in Blink (boo#992320)\n\n - CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319)\n\n - CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315)\n\n - CVE-2016-5146: Various fixes from internal audits, fuzzing and other\n initiatives (boo#992309)\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1982-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~52.0.2743.116~114.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~52.0.2743.116~114.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~52.0.2743.116~114.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~52.0.2743.116~114.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~52.0.2743.116~114.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:11:25", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-08-04T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5145", "CVE-2016-5139"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310807352", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807352", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807352\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5139\", \"CVE-2016-5140\",\n \"CVE-2016-5145\", \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5146\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 15:10:25 +0530 (Thu, 04 Aug 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-08)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - An address bar spoofing vulnerability.\n\n - An use-after-free error in Blink.\n\n - Multiple heap overflow errors in pdfium.\n\n - A same origin bypass error for images in Blink.\n\n - Parameter sanitization failure in DevTools.\n\n - The various fixes from internal audits, fuzzing and other initiatives.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to conduct spoofing attacks on a\n targeted system, to bypass security, to corrupt memory, to execute arbitrary\n code and to cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 52.0.2743.116 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 52.0.2743.116 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2016/08/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"52.0.2743.116\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"52.0.2743.116\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-22T16:36:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-3113-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5182", "CVE-2016-5186", "CVE-2016-5189", "CVE-2016-5194", "CVE-2016-1586", "CVE-2016-5185", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842940", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842940", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-3113-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842940\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-08 15:52:43 +0530 (Tue, 08 Nov 2016)\");\n script_cve_id(\"CVE-2016-1586\", \"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5185\",\n \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\",\n\t\t\"CVE-2016-5192\", \"CVE-2016-5194\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-3113-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a long running unload\n handler could cause an incognito profile to be reused in some circumstances. If a\n user were tricked in to opening a specially crafted website, an attacker could\n potentially exploit this to obtain sensitive information. (CVE-2016-1586)\n\nMultiple security vulnerabilities were discovered in Chromium. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit these to conduct cross-site scripting (XSS) attacks,\nspoof an application's URL bar, obtain sensitive information, cause a\ndenial of service via application crash, or execute arbitrary code.\n(CVE-2016-5181, CVE-2016-5182, CVE-2016-5185, CVE-2016-5186,\nCVE-2016-5187, CVE-2016-5188, CVE-2016-5189, CVE-2016-5192, CVE-2016-5194)\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 16.04 LTS,\n Ubuntu 16.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3113-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3113-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS|16\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.3-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.3-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.3-0ubuntu0.16.10.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.3-0ubuntu0.16.10.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-13T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-e9798eaaa3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5145", "CVE-2016-5139"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809113", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-e9798eaaa3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809113\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-13 06:03:15 +0200 (Sat, 13 Aug 2016)\");\n script_cve_id(\"CVE-2016-5141\", \"CVE-2016-5142\", \"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5145\", \"CVE-2016-5143\", \"CVE-2016-5144\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-e9798eaaa3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-e9798eaaa3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KMX62M7UNRLWO4FEQ6YIMPMTKXXJV6A\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~52.0.2743.116~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:42", "description": "Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5139\nGiWan Go discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5140\nKe Liu discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5141\nSergey Glazunov discovered a URL spoofing issue.\n\nCVE-2016-5142\nSergey Glazunov discovered a use-after-free issue.\n\nCVE-2016-5143\nGregory Panakkal discovered an issue in the developer tools.\n\nCVE-2016-5144\nGregory Panakkal discovered another issue in the developer tools.\n\nCVE-2016-5146\nThe chrome development team found and fixed various issues during\ninternal auditing.", "cvss3": {}, "published": "2016-08-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3645-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5139"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703645", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703645", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3645.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3645-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703645\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\",\n \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5146\");\n script_name(\"Debian Security Advisory DSA 3645-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-09 00:00:00 +0200 (Tue, 09 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3645.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 52.0.2743.116-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 52.0.2743.116-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5139\nGiWan Go discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5140\nKe Liu discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5141\nSergey Glazunov discovered a URL spoofing issue.\n\nCVE-2016-5142\nSergey Glazunov discovered a use-after-free issue.\n\nCVE-2016-5143\nGregory Panakkal discovered an issue in the developer tools.\n\nCVE-2016-5144\nGregory Panakkal discovered another issue in the developer tools.\n\nCVE-2016-5146\nThe chrome development team found and fixed various issues during\ninternal auditing.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"52.0.2743.116-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"52.0.2743.116-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"52.0.2743.116-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"52.0.2743.116-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"52.0.2743.116-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-10-30T10:52:20", "description": "Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5139 \nGiWan Go discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5140 \nKe Liu discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5141 \nSergey Glazunov discovered a URL spoofing issue.\n\nCVE-2016-5142 \nSergey Glazunov discovered a use-after-free issue.\n\nCVE-2016-5143 \nGregory Panakkal discovered an issue in the developer tools.\n\nCVE-2016-5144 \nGregory Panakkal discovered another issue in the developer tools.\n\nCVE-2016-5146 \nThe chrome development team found and fixed various issues during\ninternal auditing.", "cvss3": {}, "published": "2016-08-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3645-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5142", "CVE-2016-5144", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5143", "CVE-2016-5146", "CVE-2016-5139"], "modified": "2017-10-26T00:00:00", "id": "OPENVAS:703645", "href": "http://plugins.openvas.org/nasl.php?oid=703645", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3645.nasl 7585 2017-10-26 15:03:01Z cfischer $\n# Auto-generated from advisory DSA 3645-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703645);\n script_version(\"$Revision: 7585 $\");\n script_cve_id(\"CVE-2016-5139\", \"CVE-2016-5140\", \"CVE-2016-5141\", \"CVE-2016-5142\",\n \"CVE-2016-5143\", \"CVE-2016-5144\", \"CVE-2016-5146\");\n script_name(\"Debian Security Advisory DSA 3645-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-10-26 17:03:01 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-08-09 00:00:00 +0200 (Tue, 09 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3645.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"chromium-browser on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 52.0.2743.116-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 52.0.2743.116-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5139 \nGiWan Go discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5140 \nKe Liu discovered a use-after-free issue in the pdfium library.\n\nCVE-2016-5141 \nSergey Glazunov discovered a URL spoofing issue.\n\nCVE-2016-5142 \nSergey Glazunov discovered a use-after-free issue.\n\nCVE-2016-5143 \nGregory Panakkal discovered an issue in the developer tools.\n\nCVE-2016-5144 \nGregory Panakkal discovered another issue in the developer tools.\n\nCVE-2016-5146 \nThe chrome development team found and fixed various issues during\ninternal auditing.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"52.0.2743.116-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"52.0.2743.116-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"52.0.2743.116-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"52.0.2743.116-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"52.0.2743.116-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-03b199bec6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5172"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871980", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871980", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-03b199bec6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871980\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:22:18 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-03b199bec6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-03b199bec6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDU4UH7URJKGOXWZD6PVKEVSSI4SSPQJ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.113~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:34:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2310-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5172"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851393", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851393\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-15 05:48:16 +0200 (Thu, 15 Sep 2016)\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\",\n \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2310-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 53.0.2785.113 to fix a number of security issues\n and bugs.\n\n The following vulnerabilities were fixed:\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits, fuzzing and other\n initiatives\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2310-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~53.0.2785.113~123.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:34:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2311-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5172"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851392", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851392", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851392\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-15 05:48:06 +0200 (Thu, 15 Sep 2016)\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\",\n \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2311-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium was updated to 53.0.2785.113 to fix a number of security issues\n and bugs.\n\n The following vulnerabilities were fixed:\n\n - CVE-2016-5170: Use after free in Blink\n\n - CVE-2016-5171: Use after free in Blink\n\n - CVE-2016-5172: Arbitrary Memory Read in v8\n\n - CVE-2016-5173: Extension resource access\n\n - CVE-2016-5174: Popup not correctly suppressed\n\n - CVE-2016-5175: Various fixes from internal audits, fuzzing and other\n initiatives.\n\n The following upstream fixes are included:\n\n - SPDY crash fixes\n\n - Disable NV12 DXGI video on AMD\n\n - Forward --password-store switch to os_crypt\n\n - Tell the kernel to discard USB requests when they time out.\n\n - disallow WKBackForwardListItem navigations for pushState pages\n\n - arc: bluetooth: Fix advertised uuid\n\n - fix conflicting PendingIntent for stop button and swipe away\n\n The widevine plugin was re-enabled (boo#998328).\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2311-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~53.0.2785.113~74.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-17T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-b15185b72a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-5172"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-b15185b72a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809251\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-17 05:12:01 +0200 (Sat, 17 Sep 2016)\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\", \"CVE-2016-5174\", \"CVE-2016-5175\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-b15185b72a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-b15185b72a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LOPNOLUNTHMVCHW6LK3Y7PXMGNGE42B\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~53.0.2785.113~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:38", "description": "Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5170 \nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5171 \nAnother use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5172 \nChoongwoo Han discovered an information leak in the v8 javascript\nlibrary.\n\nCVE-2016-5173 \nA resource bypass issue was discovered in extensions.\n\nCVE-2016-5174 \nAndrey Kovalev discoved a way to bypass the popup blocker.\n\nCVE-2016-5175 \nThe chrome development team found and fixed various issues during\ninternal auditing.\n\nCVE-2016-7395 \nAn uninitialized memory read issue was discovered in the skia\nlibrary.", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3667-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-7395", "CVE-2016-5172"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703667", "href": "http://plugins.openvas.org/nasl.php?oid=703667", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3667.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3667-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703667);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\",\n \"CVE-2016-5174\", \"CVE-2016-5175\", \"CVE-2016-7395\");\n script_name(\"Debian Security Advisory DSA 3667-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-09-15 00:00:00 +0200 (Thu, 15 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3667.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"chromium-browser on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 53.0.2785.113-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 53.0.2785.113-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5170 \nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5171 \nAnother use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5172 \nChoongwoo Han discovered an information leak in the v8 javascript\nlibrary.\n\nCVE-2016-5173 \nA resource bypass issue was discovered in extensions.\n\nCVE-2016-5174 \nAndrey Kovalev discoved a way to bypass the popup blocker.\n\nCVE-2016-5175 \nThe chrome development team found and fixed various issues during\ninternal auditing.\n\nCVE-2016-7395 \nAn uninitialized memory read issue was discovered in the skia\nlibrary.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"53.0.2785.113-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"53.0.2785.113-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"53.0.2785.113-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"53.0.2785.113-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"53.0.2785.113-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:28", "description": "Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5170\nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5171\nAnother use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5172\nChoongwoo Han discovered an information leak in the v8 javascript\nlibrary.\n\nCVE-2016-5173\nA resource bypass issue was discovered in extensions.\n\nCVE-2016-5174\nAndrey Kovalev discoved a way to bypass the popup blocker.\n\nCVE-2016-5175\nThe chrome development team found and fixed various issues during\ninternal auditing.\n\nCVE-2016-7395\nAn uninitialized memory read issue was discovered in the skia\nlibrary.", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3667-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-7395", "CVE-2016-5172"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703667", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3667.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3667-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703667\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5173\",\n \"CVE-2016-5174\", \"CVE-2016-5175\", \"CVE-2016-7395\");\n script_name(\"Debian Security Advisory DSA 3667-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-15 00:00:00 +0200 (Thu, 15 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3667.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 53.0.2785.113-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 53.0.2785.113-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in the chromium web browser.\n\nCVE-2016-5170\nA use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5171\nAnother use-after-free issue was discovered in Blink/Webkit.\n\nCVE-2016-5172\nChoongwoo Han discovered an information leak in the v8 javascript\nlibrary.\n\nCVE-2016-5173\nA resource bypass issue was discovered in extensions.\n\nCVE-2016-5174\nAndrey Kovalev discoved a way to bypass the popup blocker.\n\nCVE-2016-5175\nThe chrome development team found and fixed various issues during\ninternal auditing.\n\nCVE-2016-7395\nAn uninitialized memory read issue was discovered in the skia\nlibrary.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"53.0.2785.113-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"53.0.2785.113-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"53.0.2785.113-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"53.0.2785.113-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"53.0.2785.113-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-10-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-3091-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5177", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5175", "CVE-2016-7549", "CVE-2016-5172", "CVE-2016-5178"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842906", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842906", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-3091-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842906\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-08 05:44:27 +0200 (Sat, 08 Oct 2016)\");\n script_cve_id(\"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5175\",\n\t\t\"CVE-2016-5178\", \"CVE-2016-5177\", \"CVE-2016-7549\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-3091-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A use-after-free was discovered in the V8\n bindings in Blink. If a user were tricked in to opening a specially crafted\n website, an attacker could potentially exploit this to cause a denial of\n service via application crash, or execute arbitrary code. (CVE-2016-5170)\n\nA use-after-free was discovered in the V8 bindings in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-5171)\n\nAn issue was discovered in V8. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\ncontain sensitive information from arbitrary memory locations.\n(CVE-2016-5172)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash, or execute arbitrary code.\n(CVE-2016-5175, CVE-2016-5178)\n\nA use-after-free was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5177)\n\nIt was discovered that Chromium does not ensure the recipient of a certain\nIPC message is a valid RenderFrame or RenderWidget. An attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-7549)\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3091-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3091-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.17.9-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.17.9-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.17.9-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.17.9-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-3041-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5129", "CVE-2016-1706", "CVE-2016-5134", "CVE-2016-5130", "CVE-2016-1710", "CVE-2016-1711", "CVE-2016-5133", "CVE-2016-5131", "CVE-2016-1705", "CVE-2016-5135", "CVE-2016-5128", "CVE-2016-5132", "CVE-2016-5137", "CVE-2016-5127"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842848", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-3041-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842848\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-06 05:37:10 +0200 (Sat, 06 Aug 2016)\");\n script_cve_id(\"CVE-2016-1705\", \"CVE-2016-1706\", \"CVE-2016-1710\", \"CVE-2016-1711\",\n\t\t\"CVE-2016-5127\", \"CVE-2016-5128\", \"CVE-2016-5129\", \"CVE-2016-5130\",\n \t\t\"CVE-2016-5131\", \"CVE-2016-5132\", \"CVE-2016-5133\", \"CVE-2016-5134\",\n \t\t\"CVE-2016-5135\", \"CVE-2016-5137\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-3041-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered\n in Chromium. If a user were tricked in to opening a specially crafted website,\n an attacker could potentially exploit these to read uninitialized memory,\n cause a denial of service (application crash) or execute arbitrary code.\n (CVE-2016-1705)\n\nIt was discovered that the PPAPI implementation does not validate the\norigin of IPC messages to the plugin broker process. A remote attacker\ncould potentially exploit this to bypass sandbox protection mechanisms.\n(CVE-2016-1706)\n\nIt was discovered that Blink does not prevent window creation by a\ndeferred frame. A remote attacker could potentially exploit this to bypass\nsame origin restrictions. (CVE-2016-1710)\n\nIt was discovered that Blink does not disable frame navigation during a\ndetach operation on a DocumentLoader object. A remote attacker could\npotentially exploit this to bypass same origin restrictions.\n(CVE-2016-1711)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5127)\n\nIt was discovered that objects.cc in V8 does not prevent API interceptors\nfrom modifying a store target without setting a property. A remote\nattacker could potentially exploit this to bypass same origin\nrestrictions. (CVE-2016-5128)\n\nA memory corruption was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5129)\n\nA security issue was discovered in Chromium. A remote attacker could\npotentially exploit this to spoof the currently displayed URL.\n(CVE-2016-5130)\n\nA use-after-free was discovered in libxml. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5131)\n\nThe Service Workers implementation in Chromium does not properly implement\nthe Secure Contexts specification during decisions about whether to\ncontrol a subframe. A remote attacker could potentially exploit this to\nbypass same origin restrictions. (CVE-2016-5132)\n\nIt was discovered that Chromium mishandles origin information during proxy\nauthentication. A man-in-the-middle attacker could potentially exploit this\nto spoof a proxy authentication login prompt. (CVE-2016-5133)\n\nIt was discovered that the Proxy Auto-Config (PAC) feature in Chromium\ndoes ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3041-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3041-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.16.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.16.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.16.5-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.16.5-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:04", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_13-2016-09)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5173", "CVE-2016-5176", "CVE-2016-5171", "CVE-2016-5170", "CVE-2016-5174", "CVE-2016-5175", "CVE-2016-7549", "CVE-2016-5172"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310809045", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809045", "sourceData": "################
GLSA-201610-09 : Chromium: Multiple vulnerabilities
