{"id": "MACOSX_GOOGLE_CHROME_54_0_2840_87.NASL", "bulletinFamily": "scanner", "title": "Google Chrome < 54.0.2840.87 V8 Globals Stable Map Assumption Handling RCE (macOS)", "description": "The version of Google Chrome installed on the remote macOS or Mac OS X\nhost is prior to 54.0.2840.87. It is, therefore, affected by a remote\ncode execution vulnerability in the V8 component due to an\nout-of-bounds access error that occurs when handling stable map\nassumptions for globals. An unauthenticated, remote attacker can\nexploit this, via a specially crafted website, to cause a denial of\nservice condition or the execution of arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "published": "2016-11-04T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/94581", "reporter": "This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?e6e2704d"], "cvelist": ["CVE-2016-5198"], "type": "nessus", "lastseen": "2021-01-01T03:30:29", "edition": 30, "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-5198"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310809099", "OPENVAS:1361412562310872096", "OPENVAS:1361412562310851425", "OPENVAS:1361412562310872074", "OPENVAS:1361412562310810192", "OPENVAS:1361412562310810156", "OPENVAS:1361412562310810201", "OPENVAS:1361412562310842973", "OPENVAS:1361412562310810191", "OPENVAS:1361412562310810200"]}, {"type": "nessus", "idList": ["GOOGLE_CHROME_54_0_2840_87.NASL", "FEDORA_2016-C671AAE490.NASL", "FEDORA_2017-98BED96D12.NASL", "FREEBSD_PKG_AE9CB9B8A20311E6A2653065EC8FD3EC.NASL", "UBUNTU_USN-3133-1.NASL", "DEBIAN_DSA-3731.NASL", "OPENSUSE-2016-1266.NASL", "FEDORA_2016-35049D9D97.NASL", "REDHAT-RHSA-2016-2672.NASL", "FEDORA_2016-012DE4C97E.NASL"]}, {"type": "redhat", "idList": ["RHSA-2016:2672"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2732-1", "OPENSUSE-SU-2016:2733-1"]}, {"type": "kaspersky", "idList": ["KLA10951"]}, {"type": "freebsd", "idList": ["AE9CB9B8-A203-11E6-A265-3065EC8FD3EC"]}, {"type": "ubuntu", "idList": ["USN-3133-1"]}, {"type": "fedora", "idList": ["FEDORA:52D616079706", "FEDORA:C0FA66075F19", "FEDORA:68F5B6074A4D", "FEDORA:187F860567E5", "FEDORA:E68A1603A526", "FEDORA:0868860567DB"]}, {"type": "archlinux", "idList": ["ASA-201612-18"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3731-1:02966"]}], "modified": "2021-01-01T03:30:29", "rev": 2}, "score": {"value": 8.3, "vector": "NONE", "modified": "2021-01-01T03:30:29", "rev": 2}, "vulnersScore": 8.3}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94581);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\"CVE-2016-5198\");\n script_bugtraq_id(94079);\n\n script_name(english:\"Google Chrome < 54.0.2840.87 V8 Globals Stable Map Assumption Handling RCE (macOS)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is\naffected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS or Mac OS X\nhost is prior to 54.0.2840.87. It is, therefore, affected by a remote\ncode execution vulnerability in the V8 component due to an\nout-of-bounds access error that occurs when handling stable map\nassumptions for globals. An unauthenticated, remote attacker can\nexploit this, via a specially crafted website, to cause a denial of\nservice condition or the execution of arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.com/2016/11/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6e2704d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 54.0.2840.87 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5198\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'54.0.2840.87', severity:SECURITY_WARNING);\n", "naslFamily": "MacOS X Local Security Checks", "pluginID": "94581", "cpe": ["cpe:/a:google:chrome"], "scheme": null, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}

{"cve": [{"lastseen": "2020-12-09T20:07:39", "description": "V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-19T05:59:00", "title": "CVE-2016-5198", "type": "cve", "cwe": ["CWE-125", "CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5198"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/a:google:chrome:54.0.2840.71"], "id": "CVE-2016-5198", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5198", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:54.0.2840.71:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-07-19T22:11:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2016-11-16T00:00:00", "id": "OPENVAS:1361412562310809099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809099", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Windows", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809099\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-11-16 18:08:48 +0530 (Wed, 16 Nov 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Flaw exists due to an out of bounds\n memory access error in V8.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause information disclosure,\n execute arbitrary code and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.87 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.87 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.in/2016/11/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.87\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.87\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:12:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2016-11-16T00:00:00", "id": "OPENVAS:1361412562310810200", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810200", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Linux", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810200\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-11-16 18:08:48 +0530 (Wed, 16 Nov 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Flaw exists due to an out of bounds\n memory access error in V8.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause information disclosure,\n execute arbitrary code and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.90 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.90 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.in/2016/11/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.90\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.90\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:35:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2016-11-05T00:00:00", "id": "OPENVAS:1361412562310851425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851425", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2733-1)", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851425\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-11-05 05:31:43 +0100 (Sat, 05 Nov 2016)\");\n script_cve_id(\"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2016:2733-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update to Chromium 54.0.2840.90: fixes the following security issues:\n\n - CVE-2016-5198: out of bounds memory access in v8 (boo#1008274)\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2733-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~54.0.2840.90~134.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:11:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2016-11-16T00:00:00", "id": "OPENVAS:1361412562310810201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810201", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-MAC OS X", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810201\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-11-16 18:08:48 +0530 (Wed, 16 Nov 2016)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2016-11)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Flaw exists due to an out of bounds\n memory access error in V8.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause information disclosure,\n execute arbitrary code and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 54.0.2840.87 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 54.0.2840.87 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.in/2016/11/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"54.0.2840.87\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"54.0.2840.87\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-20T16:20:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5202", "CVE-2016-5198", "CVE-2016-5200", "CVE-2016-5199"], "description": "The remote host is missing an update for the ", "modified": "2019-11-19T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310842973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842973", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-3133-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-3133-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842973\");\n script_version(\"2019-11-19T07:59:35+0000\");\n script_tag(name:\"last_modification\", value:\"2019-11-19 07:59:35 +0000 (Tue, 19 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 05:33:49 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5198\", \"CVE-2016-5200\", \"CVE-2016-5202\", \"CVE-2016-5199\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-3133-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple security vulnerabilities were\n discovered in Chromium. If a user were tricked in to opening a specially\n crafted website, an attacker could potentially exploit these to obtain sensitive\n information, cause a denial of service via application crash, or execute\n arbitrary code. (CVE-2016-5198, CVE-2016-5200, CVE-2016-5202)\n\nA heap-corruption issue was discovered in FFmpeg. If a user were tricked\nin to opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5199)\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3133-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3133-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.04 LTS|16\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.5-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.5-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.18.5-0ubuntu0.16.10.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.18.5-0ubuntu0.16.10.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-22T16:37:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310810192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810192", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-c671aae490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-c671aae490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810192\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:05:02 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-c671aae490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4RCWGAC7N3ZZKVVHENSTB63UGJVPFY3H\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:37:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310810191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810191", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-012de4c97e", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-012de4c97e\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810191\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:05:50 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-012de4c97e\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-012de4c97e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HASNN4PFSKUPILQR2OWWTPTFDPDSSX6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:36:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-07T00:00:00", "id": "OPENVAS:1361412562310872096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872096", "type": "openvas", "title": "Fedora Update for chromium-native_client FEDORA-2016-35049d9d97", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium-native_client FEDORA-2016-35049d9d97\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872096\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:27:18 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium-native_client FEDORA-2016-35049d9d97\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium-native_client'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium-native_client on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIKHNKBL7RZZ5KV5G2KFPOFEBNOCJ23R\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium-native_client\", rpm:\"chromium-native_client~54.0.2840.59~1.20161013git090f907.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:38:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-07T00:00:00", "id": "OPENVAS:1361412562310872074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872074", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2016-35049d9d97", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium FEDORA-2016-35049d9d97\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872074\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:26:31 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2016-35049d9d97\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZM32UR4V5IFSGNQBN2DUQGRXXGZREMXQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~54.0.2840.90~3.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T16:37:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-02T00:00:00", "id": "OPENVAS:1361412562310810156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810156", "type": "openvas", "title": "Fedora Update for chromium-native_client FEDORA-2016-c671aae490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chromium-native_client FEDORA-2016-c671aae490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810156\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:03:25 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\",\n \"CVE-2016-5185\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\",\n \"CVE-2016-5189\", \"CVE-2016-5186\", \"CVE-2016-5191\", \"CVE-2016-5190\",\n \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium-native_client FEDORA-2016-c671aae490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium-native_client'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium-native_client on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISCLNR37PIQKLLY5LUXN33SJ5EGY7JV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium-native_client\", rpm:\"chromium-native_client~54.0.2840.59~1.20161013git090f907.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T03:05:50", "description": "The version of Google Chrome installed on the remote Windows host is\nprior to 54.0.2840.87. It is, therefore, affected by a remote code\nexecution vulnerability in the V8 component due to an out-of-bounds\naccess error that occurs when handling stable map assumptions for\nglobals. An unauthenticated, remote attacker can exploit this, via a\nspecially crafted website, to cause a denial of service condition or\nthe execution of arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 30, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-04T00:00:00", "title": "Google Chrome < 54.0.2840.87 V8 Globals Stable Map Assumption Handling RCE", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_54_0_2840_87.NASL", "href": "https://www.tenable.com/plugins/nessus/94580", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94580);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\"CVE-2016-5198\");\n script_bugtraq_id(94079);\n\n script_name(english:\"Google Chrome < 54.0.2840.87 V8 Globals Stable Map Assumption Handling RCE\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by a\nremote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 54.0.2840.87. It is, therefore, affected by a remote code\nexecution vulnerability in the V8 component due to an out-of-bounds\naccess error that occurs when handling stable map assumptions for\nglobals. An unauthenticated, remote attacker can exploit this, via a\nspecially crafted website, to cause a denial of service condition or\nthe execution of arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://googlechromereleases.blogspot.com/2016/11/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6e2704d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 54.0.2840.87 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5198\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'54.0.2840.87', severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:57:14", "description": "Google Chrome Releases reports :\n\n[659475] High CVE-2016-5198: Out of bounds memory access in V8. Credit\nto Tencent Keen Security Lab, working with Trend Micro's Zero Day\nInitiative.", "edition": 29, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-04T00:00:00", "title": "FreeBSD : chromium -- out-of-bounds memory access (ae9cb9b8-a203-11e6-a265-3065ec8fd3ec)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "modified": "2016-11-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium-npapi", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "p-cpe:/a:freebsd:freebsd:chromium"], "id": "FREEBSD_PKG_AE9CB9B8A20311E6A2653065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/94527", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94527);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5198\");\n\n script_name(english:\"FreeBSD : chromium -- out-of-bounds memory access (ae9cb9b8-a203-11e6-a265-3065ec8fd3ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n[659475] High CVE-2016-5198: Out of bounds memory access in V8. Credit\nto Tencent Keen Security Lab, working with Trend Micro's Zero Day\nInitiative.\"\n );\n # https://googlechromereleases.blogspot.nl/2016/11/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b11aa0d\"\n );\n # https://vuxml.freebsd.org/freebsd/ae9cb9b8-a203-11e6-a265-3065ec8fd3ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4d8ef3b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<54.0.2840.90\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<54.0.2840.90\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<54.0.2840.90\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T11:12:40", "description": "This update to Chromium 54.0.2840.90: fixes the following security\nissues :\n\n - CVE-2016-5198: out of bounds memory access in v8\n (boo#1008274)", "edition": 21, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-07T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-2016-1266)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "modified": "2016-11-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo"], "id": "OPENSUSE-2016-1266.NASL", "href": "https://www.tenable.com/plugins/nessus/94599", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1266.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94599);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2016-5198\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2016-1266)\");\n script_summary(english:\"Check for the openSUSE-2016-1266 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to Chromium 54.0.2840.90: fixes the following security\nissues :\n\n - CVE-2016-5198: out of bounds memory access in v8\n (boo#1008274)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1008274\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debugsource-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-54.0.2840.90-134.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromedriver-debuginfo-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-debuginfo-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-debugsource-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-54.0.2840.90-85.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"chromium-ffmpegsumo-debuginfo-54.0.2840.90-85.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:09:54", "description": "An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 54.0.2840.90.\n\nSecurity Fix(es) :\n\n* A flaw was found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash,\nexecute arbitrary code, or disclose sensitive information when visited\nby the victim. (CVE-2016-5198)", "edition": 24, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-08T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2016:2672)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5198"], "modified": "2016-11-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "p-cpe:/a:redhat:enterprise_linux:chromium-browser", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-2672.NASL", "href": "https://www.tenable.com/plugins/nessus/94625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2672. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94625);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-5198\");\n script_xref(name:\"RHSA\", value:\"2016:2672\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2016:2672)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 54.0.2840.90.\n\nSecurity Fix(es) :\n\n* A flaw was found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash,\nexecute arbitrary code, or disclose sensitive information when visited\nby the victim. (CVE-2016-5198)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2672\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-5198\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2672\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-54.0.2840.90-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-54.0.2840.90-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-54.0.2840.90-1.el6\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-54.0.2840.90-1.el6\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:44:10", "description": "Multiple security vulnerabilities were discovered in Chromium. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit these to obtain sensitive\ninformation, cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5198, CVE-2016-5200, CVE-2016-5202)\n\nA heap-corruption issue was discovered in FFmpeg. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-5199).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 31, "cvss3": {"score": 9.1, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2016-12-02T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : oxide-qt vulnerabilities (USN-3133-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5202", "CVE-2016-5198", "CVE-2016-5200", "CVE-2016-5199"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10", "p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3133-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95466", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3133-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95466);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2016-5198\", \"CVE-2016-5199\", \"CVE-2016-5200\", \"CVE-2016-5202\");\n script_xref(name:\"USN\", value:\"3133-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : oxide-qt vulnerabilities (USN-3133-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities were discovered in Chromium. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit these to obtain sensitive\ninformation, cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2016-5198, CVE-2016-5200, CVE-2016-5202)\n\nA heap-corruption issue was discovered in FFmpeg. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code. (CVE-2016-5199).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3133-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected liboxideqtcore0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.5-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.5-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"liboxideqtcore0\", pkgver:\"1.18.5-0ubuntu0.16.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:14:47", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-10T00:00:00", "title": "Fedora 24 : 1:chromium-native_client / chromium (2016-c671aae490)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2016-11-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:chromium-native_client", "p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-C671AAE490.NASL", "href": "https://www.tenable.com/plugins/nessus/94661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-c671aae490.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94661);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_xref(name:\"FEDORA\", value:\"2016-c671aae490\");\n\n script_name(english:\"Fedora 24 : 1:chromium-native_client / chromium (2016-c671aae490)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-c671aae490\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected 1:chromium-native_client and / or chromium\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:chromium-native_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"chromium-native_client-54.0.2840.59-1.20161013git090f907.fc24\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"chromium-54.0.2840.90-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:chromium-native_client / chromium\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:13:56", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-21T00:00:00", "title": "Fedora 23 : chromium (2016-012de4c97e)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2016-11-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-012DE4C97E.NASL", "href": "https://www.tenable.com/plugins/nessus/94987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-012de4c97e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94987);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_xref(name:\"FEDORA\", value:\"2016-012de4c97e\");\n\n script_name(english:\"Fedora 23 : chromium (2016-012de4c97e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-012de4c97e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"chromium-54.0.2840.90-3.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:14:06", "description": "Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-21T00:00:00", "title": "Fedora 25 : 1:chromium-native_client / chromium (2016-35049d9d97)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5184", "CVE-2016-5189", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5187"], "modified": "2016-11-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:chromium-native_client", "cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2016-35049D9D97.NASL", "href": "https://www.tenable.com/plugins/nessus/94996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-35049d9d97.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94996);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\");\n script_xref(name:\"FEDORA\", value:\"2016-35049d9d97\");\n\n script_name(english:\"Fedora 25 : 1:chromium-native_client / chromium (2016-35049d9d97)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183,\nCVE-2016-5184, CVE-2016-5185, CVE-2016-5187, CVE-2016-5188,\nCVE-2016-5192, CVE-2016-5189, CVE-2016-5186, CVE-2016-5191,\nCVE-2016-5190, CVE-2016-5193, CVE-2016-5194\n\nSecurity fix for CVE-2016-5198\n\nUpdate to new stable, 54.0.2840.90.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-35049d9d97\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected 1:chromium-native_client and / or chromium\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:chromium-native_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"chromium-native_client-54.0.2840.59-1.20161013git090f907.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"chromium-54.0.2840.90-3.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:chromium-native_client / chromium\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:49:54", "description": "Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-5181\n A cross-site scripting issue was discovered.\n\n - CVE-2016-5182\n Giwan Go discovered a heap overflow issue.\n\n - CVE-2016-5183\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5184\n Another use-after-free issue was discovered in the\n pdfium library.\n\n - CVE-2016-5185\n cloudfuzzer discovered a use-after-free issue in\n Blink/Webkit.\n\n - CVE-2016-5186\n Abdulrahman Alqabandi discovered an out-of-bounds read\n issue in the developer tools.\n\n - CVE-2016-5187\n Luan Herrera discovered a URL spoofing issue.\n\n - CVE-2016-5188\n Luan Herrera discovered that some drop down menus can be\n used to hide parts of the user interface.\n\n - CVE-2016-5189\n xisigr discovered a URL spoofing issue.\n\n - CVE-2016-5190\n Atte Kettunen discovered a use-after-free issue.\n\n - CVE-2016-5191\n Gareth Hughes discovered a cross-site scripting issue.\n\n - CVE-2016-5192\n haojunhou@gmail.com discovered a same-origin bypass.\n\n - CVE-2016-5193\n Yuyang Zhou discovered a way to pop open a new window.\n\n - CVE-2016-5194\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-5198\n Tencent Keen Security Lab discovered an out-of-bounds\n memory access issue in the v8 JavaScript library.\n\n - CVE-2016-5199\n A heap corruption issue was discovered in the ffmpeg\n library.\n\n - CVE-2016-5200\n Choongwoo Han discovered an out-of-bounds memory access\n issue in the v8 JavaScript library.\n\n - CVE-2016-5201\n Rob Wu discovered an information leak.\n\n - CVE-2016-5202\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-5203\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5204\n Mariusz Mlynski discovered a cross-site scripting issue\n in SVG image handling.\n\n - CVE-2016-5205\n A cross-site scripting issue was discovered.\n\n - CVE-2016-5206\n Rob Wu discovered a same-origin bypass in the pdfium\n library.\n\n - CVE-2016-5207\n Mariusz Mlynski discovered a cross-site scripting issue.\n\n - CVE-2016-5208\n Mariusz Mlynski discovered another cross-site scripting\n issue.\n\n - CVE-2016-5209\n Giwan Go discovered an out-of-bounds write issue in\n Blink/Webkit.\n\n - CVE-2016-5210\n Ke Liu discovered an out-of-bounds write in the pdfium\n library.\n\n - CVE-2016-5211\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5212\n Khalil Zhani discovered an information disclosure issue\n in the developer tools.\n\n - CVE-2016-5213\n Khalil Zhani discovered a use-after-free issue in the v8\n JavaScript library.\n\n - CVE-2016-5214\n Jonathan Birch discovered a file download protection\n bypass.\n\n - CVE-2016-5215\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2016-5216\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5217\n Rob Wu discovered a condition where data was not\n validated by the pdfium library.\n\n - CVE-2016-5218\n Abdulrahman Alqabandi discovered a URL spoofing issue.\n\n - CVE-2016-5219\n Rob Wu discovered a use-after-free issue in the v8\n JavaScript library.\n\n - CVE-2016-5220\n Rob Wu discovered a way to access files on the local\n system.\n\n - CVE-2016-5221\n Tim Becker discovered an integer overflow issue in the\n angle library.\n\n - CVE-2016-5222\n xisigr discovered a URL spoofing issue.\n\n - CVE-2016-5223\n Hwiwon Lee discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2016-5224\n Roeland Krak discovered a same-origin bypass in SVG\n image handling.\n\n - CVE-2016-5225\n Scott Helme discovered a Content Security Protection\n bypass.\n\n - CVE-2016-5226\n Jun Kokatsu discovered a cross-scripting issue.\n\n - CVE-2016-9650\n Jakub Zoczek discovered a Content Security Protection\n information disclosure.\n\n - CVE-2016-9651\n Guang Gong discovered a way to access private data in\n the v8 JavaScript library.\n\n - CVE-2016-9652\n The chrome development team found and fixed various\n issues during internal auditing.", "edition": 37, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-12T00:00:00", "title": "Debian DSA-3731-1 : chromium-browser - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5224", "CVE-2016-5225", "CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5208", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5217", "CVE-2016-9651", "CVE-2016-5184", "CVE-2016-5211", "CVE-2016-9652", "CVE-2016-9650", "CVE-2016-5202", "CVE-2016-5222", "CVE-2016-5209", "CVE-2016-5189", "CVE-2016-5205", "CVE-2016-5221", "CVE-2016-5220", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5219", "CVE-2016-5216", "CVE-2016-5207", "CVE-2016-5215", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5218", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5203", "CVE-2016-5213", "CVE-2016-5212", "CVE-2016-5214", "CVE-2016-5223", "CVE-2016-5206", "CVE-2016-5210", "CVE-2016-5200", "CVE-2016-5199", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5201", "CVE-2016-5204", "CVE-2016-5187", "CVE-2016-5226"], "modified": "2016-12-12T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:chromium-browser"], "id": "DEBIAN_DSA-3731.NASL", "href": "https://www.tenable.com/plugins/nessus/95667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3731. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95667);\n script_version(\"3.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5181\", \"CVE-2016-5182\", \"CVE-2016-5183\", \"CVE-2016-5184\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5189\", \"CVE-2016-5190\", \"CVE-2016-5191\", \"CVE-2016-5192\", \"CVE-2016-5193\", \"CVE-2016-5194\", \"CVE-2016-5198\", \"CVE-2016-5199\", \"CVE-2016-5200\", \"CVE-2016-5201\", \"CVE-2016-5202\", \"CVE-2016-5203\", \"CVE-2016-5204\", \"CVE-2016-5205\", \"CVE-2016-5206\", \"CVE-2016-5207\", \"CVE-2016-5208\", \"CVE-2016-5209\", \"CVE-2016-5210\", \"CVE-2016-5211\", \"CVE-2016-5212\", \"CVE-2016-5213\", \"CVE-2016-5214\", \"CVE-2016-5215\", \"CVE-2016-5216\", \"CVE-2016-5217\", \"CVE-2016-5218\", \"CVE-2016-5219\", \"CVE-2016-5220\", \"CVE-2016-5221\", \"CVE-2016-5222\", \"CVE-2016-5223\", \"CVE-2016-5224\", \"CVE-2016-5225\", \"CVE-2016-5226\", \"CVE-2016-9650\", \"CVE-2016-9651\", \"CVE-2016-9652\");\n script_xref(name:\"DSA\", value:\"3731\");\n\n script_name(english:\"Debian DSA-3731-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2016-5181\n A cross-site scripting issue was discovered.\n\n - CVE-2016-5182\n Giwan Go discovered a heap overflow issue.\n\n - CVE-2016-5183\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5184\n Another use-after-free issue was discovered in the\n pdfium library.\n\n - CVE-2016-5185\n cloudfuzzer discovered a use-after-free issue in\n Blink/Webkit.\n\n - CVE-2016-5186\n Abdulrahman Alqabandi discovered an out-of-bounds read\n issue in the developer tools.\n\n - CVE-2016-5187\n Luan Herrera discovered a URL spoofing issue.\n\n - CVE-2016-5188\n Luan Herrera discovered that some drop down menus can be\n used to hide parts of the user interface.\n\n - CVE-2016-5189\n xisigr discovered a URL spoofing issue.\n\n - CVE-2016-5190\n Atte Kettunen discovered a use-after-free issue.\n\n - CVE-2016-5191\n Gareth Hughes discovered a cross-site scripting issue.\n\n - CVE-2016-5192\n haojunhou@gmail.com discovered a same-origin bypass.\n\n - CVE-2016-5193\n Yuyang Zhou discovered a way to pop open a new window.\n\n - CVE-2016-5194\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-5198\n Tencent Keen Security Lab discovered an out-of-bounds\n memory access issue in the v8 JavaScript library.\n\n - CVE-2016-5199\n A heap corruption issue was discovered in the ffmpeg\n library.\n\n - CVE-2016-5200\n Choongwoo Han discovered an out-of-bounds memory access\n issue in the v8 JavaScript library.\n\n - CVE-2016-5201\n Rob Wu discovered an information leak.\n\n - CVE-2016-5202\n The chrome development team found and fixed various\n issues during internal auditing.\n\n - CVE-2016-5203\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5204\n Mariusz Mlynski discovered a cross-site scripting issue\n in SVG image handling.\n\n - CVE-2016-5205\n A cross-site scripting issue was discovered.\n\n - CVE-2016-5206\n Rob Wu discovered a same-origin bypass in the pdfium\n library.\n\n - CVE-2016-5207\n Mariusz Mlynski discovered a cross-site scripting issue.\n\n - CVE-2016-5208\n Mariusz Mlynski discovered another cross-site scripting\n issue.\n\n - CVE-2016-5209\n Giwan Go discovered an out-of-bounds write issue in\n Blink/Webkit.\n\n - CVE-2016-5210\n Ke Liu discovered an out-of-bounds write in the pdfium\n library.\n\n - CVE-2016-5211\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5212\n Khalil Zhani discovered an information disclosure issue\n in the developer tools.\n\n - CVE-2016-5213\n Khalil Zhani discovered a use-after-free issue in the v8\n JavaScript library.\n\n - CVE-2016-5214\n Jonathan Birch discovered a file download protection\n bypass.\n\n - CVE-2016-5215\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2016-5216\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2016-5217\n Rob Wu discovered a condition where data was not\n validated by the pdfium library.\n\n - CVE-2016-5218\n Abdulrahman Alqabandi discovered a URL spoofing issue.\n\n - CVE-2016-5219\n Rob Wu discovered a use-after-free issue in the v8\n JavaScript library.\n\n - CVE-2016-5220\n Rob Wu discovered a way to access files on the local\n system.\n\n - CVE-2016-5221\n Tim Becker discovered an integer overflow issue in the\n angle library.\n\n - CVE-2016-5222\n xisigr discovered a URL spoofing issue.\n\n - CVE-2016-5223\n Hwiwon Lee discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2016-5224\n Roeland Krak discovered a same-origin bypass in SVG\n image handling.\n\n - CVE-2016-5225\n Scott Helme discovered a Content Security Protection\n bypass.\n\n - CVE-2016-5226\n Jun Kokatsu discovered a cross-scripting issue.\n\n - CVE-2016-9650\n Jakub Zoczek discovered a Content Security Protection\n information disclosure.\n\n - CVE-2016-9651\n Guang Gong discovered a way to access private data in\n the v8 JavaScript library.\n\n - CVE-2016-9652\n The chrome development team found and fixed various\n issues during internal auditing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5181\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5213\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5220\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-9650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-9651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-9652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3731\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 55.0.2883.75-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"55.0.2883.75-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"55.0.2883.75-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"55.0.2883.75-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"55.0.2883.75-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"55.0.2883.75-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:12:04", "description": "This update updates QtWebEngine to a snapshot from the Qt 5.6 LTS\n(long-term support) branch. This is a snapshot of the QtWebEngine that\nwill be included in the bugfix and security release Qt 5.6.3, but only\nthe QtWebEngine component is included in this update.\n\nThe update fixes the following security issues in QtWebEngine 5.6.2:\nCVE-2016-5133, CVE-2016-5147, CVE-2016-5153, CVE-2016-5155,\nCVE-2016-5161, CVE-2016-5166, CVE-2016-5170, CVE-2016-5171,\nCVE-2016-5172, CVE-2016-5181, CVE-2016-5185, CVE-2016-5186,\nCVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5198,\nCVE-2016-5205, CVE-2016-5207, CVE-2016-5208, CVE-2016-5214,\nCVE-2016-5215, CVE-2016-5221, CVE-2016-5222, CVE-2016-5224,\nCVE-2016-5225, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652,\nCVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5009,\nCVE-2017-5010, CVE-2017-5012, CVE-2017-5015, CVE-2017-5016,\nCVE-2017-5017, CVE-2017-5019, CVE-2017-5023, CVE-2017-5024,\nCVE-2017-5025, CVE-2017-5026, CVE-2017-5027, CVE-2017-5029,\nCVE-2017-5033, CVE-2017-5037, CVE-2017-5044, CVE-2017-5046,\nCVE-2017-5047, CVE-2017-5048, CVE-2017-5049, CVE-2017-5050,\nCVE-2017-5051, CVE-2017-5059, CVE-2017-5061, CVE-2017-5062,\nCVE-2017-5065, CVE-2017-5067, CVE-2017-5069, CVE-2017-5070,\nCVE-2017-5071, CVE-2017-5075, CVE-2017-5076, CVE-2016-5078,\nCVE-2017-5083, and CVE-2017-5089.\n\nOther important changes include :\n\n - Based on Chromium 49.0.2623.111 (the version used in\n QtWebEngine 5.7.x) with security fixes from Chromium up\n to version 59.0.3071.104. (5.6.2 was based on Chromium\n 45.0.2554.101 with security fixes from Chromium up to\n version 52.0.2743.116.)\n\n - All other bug fixes from QtWebEngine 5.7.1 have been\n backported.\n\nSee\nhttp://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.6.3?h=5.\n6 for details. (Please note that at the time of this writing, not all\nsecurity backports are listed in that file yet. The list above is\naccurate.)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-24T00:00:00", "title": "Fedora 24 : qt5-qtwebengine (2017-98bed96d12)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5023", "CVE-2017-5012", "CVE-2017-5009", "CVE-2016-5224", "CVE-2017-5037", "CVE-2017-5044", "CVE-2016-5225", "CVE-2016-5208", "CVE-2016-5186", "CVE-2016-9651", "CVE-2017-5065", "CVE-2017-5026", "CVE-2016-9652", "CVE-2017-5033", "CVE-2017-5019", "CVE-2016-9650", "CVE-2016-5222", "CVE-2017-5059", "CVE-2016-5205", "CVE-2016-5221", "CVE-2017-5076", "CVE-2017-5017", "CVE-2016-5198", "CVE-2017-5007", "CVE-2016-5171", "CVE-2016-5133", "CVE-2017-5069", "CVE-2017-5050", "CVE-2016-5170", "CVE-2016-5207", "CVE-2017-5025", "CVE-2016-5215", "CVE-2016-5161", "CVE-2017-5071", "CVE-2017-5029", "CVE-2016-5147", "CVE-2017-5024", "CVE-2016-5185", "CVE-2017-5016", "CVE-2017-5046", "CVE-2017-5027", "CVE-2016-5181", "CVE-2017-5015", "CVE-2017-5047", "CVE-2017-5089", "CVE-2017-5010", "CVE-2017-5083", "CVE-2016-5214", "CVE-2017-5008", "CVE-2016-5153", "CVE-2016-5155", "CVE-2017-5067", "CVE-2017-5048", "CVE-2017-5075", "CVE-2017-5049", "CVE-2016-5188", "CVE-2017-5062", "CVE-2016-5192", "CVE-2017-5006", "CVE-2016-5172", "CVE-2017-5061", "CVE-2017-5070", "CVE-2017-5051", "CVE-2016-5187", "CVE-2016-5166", "CVE-2016-5078"], "modified": "2017-07-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt5-qtwebengine", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-98BED96D12.NASL", "href": "https://www.tenable.com/plugins/nessus/101920", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-98bed96d12.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101920);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-5078\", \"CVE-2016-5133\", \"CVE-2016-5147\", \"CVE-2016-5153\", \"CVE-2016-5155\", \"CVE-2016-5161\", \"CVE-2016-5166\", \"CVE-2016-5170\", \"CVE-2016-5171\", \"CVE-2016-5172\", \"CVE-2016-5181\", \"CVE-2016-5185\", \"CVE-2016-5186\", \"CVE-2016-5187\", \"CVE-2016-5188\", \"CVE-2016-5192\", \"CVE-2016-5198\", \"CVE-2016-5205\", \"CVE-2016-5207\", \"CVE-2016-5208\", \"CVE-2016-5214\", \"CVE-2016-5215\", \"CVE-2016-5221\", \"CVE-2016-5222\", \"CVE-2016-5224\", \"CVE-2016-5225\", \"CVE-2016-9650\", \"CVE-2016-9651\", \"CVE-2016-9652\", \"CVE-2017-5006\", \"CVE-2017-5007\", \"CVE-2017-5008\", \"CVE-2017-5009\", \"CVE-2017-5010\", \"CVE-2017-5012\", \"CVE-2017-5015\", \"CVE-2017-5016\", \"CVE-2017-5017\", \"CVE-2017-5019\", \"CVE-2017-5023\", \"CVE-2017-5024\", \"CVE-2017-5025\", \"CVE-2017-5026\", \"CVE-2017-5027\", \"CVE-2017-5029\", \"CVE-2017-5033\", \"CVE-2017-5037\", \"CVE-2017-5044\", \"CVE-2017-5046\", \"CVE-2017-5047\", \"CVE-2017-5048\", \"CVE-2017-5049\", \"CVE-2017-5050\", \"CVE-2017-5051\", \"CVE-2017-5059\", \"CVE-2017-5061\", \"CVE-2017-5062\", \"CVE-2017-5065\", \"CVE-2017-5067\", \"CVE-2017-5069\", \"CVE-2017-5070\", \"CVE-2017-5071\", \"CVE-2017-5075\", \"CVE-2017-5076\", \"CVE-2017-5083\", \"CVE-2017-5089\");\n script_xref(name:\"FEDORA\", value:\"2017-98bed96d12\");\n\n script_name(english:\"Fedora 24 : qt5-qtwebengine (2017-98bed96d12)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update updates QtWebEngine to a snapshot from the Qt 5.6 LTS\n(long-term support) branch. This is a snapshot of the QtWebEngine that\nwill be included in the bugfix and security release Qt 5.6.3, but only\nthe QtWebEngine component is included in this update.\n\nThe update fixes the following security issues in QtWebEngine 5.6.2:\nCVE-2016-5133, CVE-2016-5147, CVE-2016-5153, CVE-2016-5155,\nCVE-2016-5161, CVE-2016-5166, CVE-2016-5170, CVE-2016-5171,\nCVE-2016-5172, CVE-2016-5181, CVE-2016-5185, CVE-2016-5186,\nCVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5198,\nCVE-2016-5205, CVE-2016-5207, CVE-2016-5208, CVE-2016-5214,\nCVE-2016-5215, CVE-2016-5221, CVE-2016-5222, CVE-2016-5224,\nCVE-2016-5225, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652,\nCVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5009,\nCVE-2017-5010, CVE-2017-5012, CVE-2017-5015, CVE-2017-5016,\nCVE-2017-5017, CVE-2017-5019, CVE-2017-5023, CVE-2017-5024,\nCVE-2017-5025, CVE-2017-5026, CVE-2017-5027, CVE-2017-5029,\nCVE-2017-5033, CVE-2017-5037, CVE-2017-5044, CVE-2017-5046,\nCVE-2017-5047, CVE-2017-5048, CVE-2017-5049, CVE-2017-5050,\nCVE-2017-5051, CVE-2017-5059, CVE-2017-5061, CVE-2017-5062,\nCVE-2017-5065, CVE-2017-5067, CVE-2017-5069, CVE-2017-5070,\nCVE-2017-5071, CVE-2017-5075, CVE-2017-5076, CVE-2016-5078,\nCVE-2017-5083, and CVE-2017-5089.\n\nOther important changes include :\n\n - Based on Chromium 49.0.2623.111 (the version used in\n QtWebEngine 5.7.x) with security fixes from Chromium up\n to version 59.0.3071.104. (5.6.2 was based on Chromium\n 45.0.2554.101 with security fixes from Chromium up to\n version 52.0.2743.116.)\n\n - All other bug fixes from QtWebEngine 5.7.1 have been\n backported.\n\nSee\nhttp://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.6.3?h=5.\n6 for details. (Please note that at the time of this writing, not all\nsecurity backports are listed in that file yet. The list above is\naccurate.)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n # http://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.6.3?h=5.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dfc84d1b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-98bed96d12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qt5-qtwebengine package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt5-qtwebengine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"qt5-qtwebengine-5.6.3-0.1.20170712gitee719ad313e564.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt5-qtwebengine\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5198"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 54.0.2840.90.\n\nSecurity Fix(es):\n\n* A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5198)", "modified": "2018-06-07T09:04:02", "published": "2016-11-07T23:57:40", "id": "RHSA-2016:2672", "href": "https://access.redhat.com/errata/RHSA-2016:2672", "type": "redhat", "title": "(RHSA-2016:2672) Important: chromium-browser security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-11-04T21:27:50", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5198"], "edition": 1, "description": "This update to Chromium 54.0.2840.90: fixes the following security issues:\n\n - CVE-2016-5198: out of bounds memory access in v8 (boo#1008274)\n\n", "modified": "2016-11-04T21:07:11", "published": "2016-11-04T21:07:11", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00014.html", "id": "OPENSUSE-SU-2016:2733-1", "type": "suse", "title": "Security update for chromium (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-11-04T21:27:50", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5198"], "edition": 1, "description": "This update to Chromium 54.0.2840.90: fixes the following security issues:\n\n - CVE-2016-5198: out of bounds memory access in v8 (boo#1008274)\n\n", "modified": "2016-11-04T21:06:57", "published": "2016-11-04T21:06:57", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00013.html", "id": "OPENSUSE-SU-2016:2732-1", "type": "suse", "title": "Security update for chromium (important)", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2020-09-02T11:44:13", "bulletinFamily": "info", "cvelist": ["CVE-2016-5198"], "description": "### *Detect date*:\n01/19/2017\n\n### *Severity*:\nHigh\n\n### *Description*:\nIncorrect optimisation assumptions in V8 engine were found in Google Chrome. By exploiting this vulnerability malicious users can perform arbitrary read/write operations and execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML page.\n\n### *Affected products*:\nGoogle Chrome earlier than 54.0.2840.87\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Google Chrome download page](<https://www.google.com/chrome/browser/desktop/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2016-5198](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5198>)6.8High", "edition": 40, "modified": "2020-05-22T00:00:00", "published": "2017-01-19T00:00:00", "id": "KLA10951", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10951", "title": "\r KLA10951ACE vulnerability in Google Chrome ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:28", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5198"], "description": "\nGoogle Chrome Releases reports:\n\n[659475] High CVE-2016-5198: Out of bounds memory access in V8.\n\t Credit to Tencent Keen Security Lab, working with Trend Micro's\n\t Zero Day Initiative.\n\n", "edition": 5, "modified": "2016-11-01T00:00:00", "published": "2016-11-01T00:00:00", "id": "AE9CB9B8-A203-11E6-A265-3065EC8FD3EC", "href": "https://vuxml.freebsd.org/freebsd/ae9cb9b8-a203-11e6-a265-3065ec8fd3ec.html", "title": "chromium -- out-of-bounds memory access", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:36:28", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5202", "CVE-2016-5198", "CVE-2016-5200", "CVE-2016-5199"], "description": "Multiple security vulnerabilities were discovered in Chromium. If a user \nwere tricked in to opening a specially crafted website, an attacker could \npotentially exploit these to obtain sensitive information, cause a denial \nof service via application crash, or execute arbitrary code. \n(CVE-2016-5198, CVE-2016-5200, CVE-2016-5202)\n\nA heap-corruption issue was discovered in FFmpeg. If a user were tricked \nin to opening a specially crafted website, an attacker could potentially \nexploit this to cause a denial of service via application crash, or \nexecute arbitrary code. (CVE-2016-5199)", "edition": 6, "modified": "2016-12-01T00:00:00", "published": "2016-12-01T00:00:00", "id": "USN-3133-1", "href": "https://ubuntu.com/security/notices/USN-3133-1", "title": "Oxide vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "description": "Google's \"pnacl\" toolchain for native client support in Chromium. Depends on their older \"nacl\" toolchain, packaged separately. ", "modified": "2016-11-19T21:31:03", "published": "2016-11-19T21:31:03", "id": "FEDORA:187F860567E5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update:\n chromium-native_client-54.0.2840.59-1.20161013git090f907.fc25", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2016-11-19T07:26:33", "published": "2016-11-19T07:26:33", "id": "FEDORA:52D616079706", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: chromium-54.0.2840.90-3.fc23", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "description": "Google's \"pnacl\" toolchain for native client support in Chromium. Depends on their older \"nacl\" toolchain, packaged separately. ", "modified": "2016-11-10T03:32:26", "published": "2016-11-10T03:32:26", "id": "FEDORA:68F5B6074A4D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update:\n chromium-native_client-54.0.2840.59-1.20161013git090f907.fc24", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2016-11-19T21:31:03", "published": "2016-11-19T21:31:03", "id": "FEDORA:0868860567DB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: chromium-54.0.2840.90-3.fc25", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5181", "CVE-2016-5182", "CVE-2016-5183", "CVE-2016-5184", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5189", "CVE-2016-5190", "CVE-2016-5191", "CVE-2016-5192", "CVE-2016-5193", "CVE-2016-5194", "CVE-2016-5198"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2016-11-10T03:32:25", "published": "2016-11-10T03:32:25", "id": "FEDORA:C0FA66075F19", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: chromium-54.0.2840.90-3.fc24", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5078", "CVE-2016-5133", "CVE-2016-5147", "CVE-2016-5153", "CVE-2016-5161", "CVE-2016-5166", "CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5181", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5198", "CVE-2016-5205", "CVE-2016-5207", "CVE-2016-5208", "CVE-2016-5214", "CVE-2016-5215", "CVE-2016-5221", "CVE-2016-5222", "CVE-2016-5224", "CVE-2016-5225", "CVE-2016-9650", "CVE-2016-9651", "CVE-2016-9652", "CVE-2017-5006", "CVE-2017-5007", "CVE-2017-5008", "CVE-2017-5009", "CVE-2017-5010", "CVE-2017-5012", "CVE-2017-5015", "CVE-2017-5016", "CVE-2017-5017", "CVE-2017-5019", "CVE-2017-5023", "CVE-2017-5024", "CVE-2017-5025", "CVE-2017-5026", "CVE-2017-5027", "CVE-2017-5029", "CVE-2017-5033", "CVE-2017-5037", "CVE-2017-5044", "CVE-2017-5046", "CVE-2017-5047", "CVE-2017-5048", "CVE-2017-5049", "CVE-2017-5050", "CVE-2017-5051", "CVE-2017-5059", "CVE-2017-5061", "CVE-2017-5062", "CVE-2017-5065", "CVE-2017-5067", "CVE-2017-5069", "CVE-2017-5070", "CVE-2017-5071", "CVE-2017-5075", "CVE-2017-5076", "CVE-2017-5083", "CVE-2017-5089"], "description": "Qt5 - QtWebEngine components. ", "modified": "2017-07-23T21:52:43", "published": "2017-07-23T21:52:43", "id": "FEDORA:E68A1603A526", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update:\n qt5-qtwebengine-5.6.3-0.1.20170712gitee719ad313e564.fc24", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:44", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5133", "CVE-2016-5147", "CVE-2016-5153", "CVE-2016-5155", "CVE-2016-5161", "CVE-2016-5166", "CVE-2016-5170", "CVE-2016-5171", "CVE-2016-5172", "CVE-2016-5181", "CVE-2016-5185", "CVE-2016-5186", "CVE-2016-5187", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5198"], "description": "Arch Linux Security Advisory ASA-201612-18\n==========================================\n\nSeverity: Critical\nDate : 2016-12-17\nCVE-ID : CVE-2016-5133 CVE-2016-5147 CVE-2016-5153 CVE-2016-5155\nCVE-2016-5161 CVE-2016-5166 CVE-2016-5170 CVE-2016-5171\nCVE-2016-5172 CVE-2016-5181 CVE-2016-5185 CVE-2016-5186\nCVE-2016-5187 CVE-2016-5188 CVE-2016-5192 CVE-2016-5198\nPackage : qt5-webengine\nType : multiple issues\nRemote : Yes\nLink : https://wiki.archlinux.org/index.php/CVE\n\nSummary\n=======\n\nThe package qt5-webengine before version 5.7.1-1 is vulnerable to\nmultiple issues including arbitrary code execution, content spoofing,\ncross-site scripting, information disclosure and same-origin policy\nbypass.\n\nResolution\n==========\n\nUpgrade to 5.7.1-1.\n\n# pacman -Syu \"qt5-webengine>=5.7.1-1\"\n\nThe problems have been fixed upstream in version 5.7.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2016-5133 (content spoofing)\n\nGoogle Chrome before 52.0.2743.82 mishandles origin information during\nproxy authentication, which allows man-in-the-middle attackers to spoof\na proxy-authentication login prompt or trigger incorrect credential\nstorage by modifying the client-server data stream.\n\n- CVE-2016-5147 (cross-site scripting)\n\nBlink, as used in Google Chrome, mishandles deferred page loads, which\nallows remote attackers to inject arbitrary web script or HTML via a\ncrafted web site, aka \"Universal XSS (UXSS).\"\n\n- CVE-2016-5153 (arbitrary code execution)\n\nThe Web Animations implementation in Blink improperly relies on list\niteration, which allows remote attackers to cause a denial of service\n(use-after-destruction) or possibly have unspecified other impact via a\ncrafted web site.\n\n- CVE-2016-5155 (content spoofing)\n\nChromium does not properly validate access to the initial document,\nwhich allows remote attackers to spoof the address bar via a crafted\nweb site.\n\n- CVE-2016-5161 (information disclosure)\n\nThe EditingStyle::mergeStyle function in\nWebKit/Source/core/editing/EditingStyle.cpp in Blink mishandles custom\nproperties, which allows remote attackers to cause a denial of service\nor possibly have unspecified other impact via a crafted web site that\nleverages \"type confusion\" in the StylePropertySerializer class.\n\n- CVE-2016-5166 (information disclosure)\n\nThe download implementation in Chromium does not properly restrict\nsaving a file:// URL that is referenced by an http:// URL, which makes\nit easier for user-assisted remote attackers to discover NetNTLM hashes\nand conduct SMB relay attacks via a crafted web page that is accessed\nwith the \"Save page as\" menu choice.\n\n- CVE-2016-5170 (arbitrary code execution)\n\nWebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink does\nnot properly consider getter side effects during array key conversion,\nwhich allows remote attackers to cause a denial of service (use-after-\nfree) or possibly have unspecified other impact via crafted Indexed\nDatabase (aka IndexedDB) API calls.\n\n- CVE-2016-5171 (arbitrary code execution)\n\nWebKit/Source/bindings/templates/interface.cpp in Blink does not\nprevent certain constructor calls, which allows remote attackers to\ncause a denial of service (use-after-free) or possibly have unspecified\nother impact via crafted JavaScript code.\n\n- CVE-2016-5172 (information disclosure)\n\nThe parser in Google V8 mishandles scopes, which allows remote\nattackers to obtain sensitive information from arbitrary memory\nlocations via crafted JavaScript code.\n\n- CVE-2016-5181 (cross-site scripting)\n\nAn universal XSS flaw was found in the Blink component of the Chromium\nbrowser.\n\n- CVE-2016-5185 (arbitrary code execution)\n\nAn use after free flaw was found in the Blink component of the Chromium\nbrowser.\n\n- CVE-2016-5186 (information disclosure)\n\nAn out of bounds read flaw was found in the DevTools component of the\nChromium browser.\n\n- CVE-2016-5187 (content spoofing)\n\nAn URL spoofing flaw was found in the Chromium browser.\n\n- CVE-2016-5188 (content spoofing)\n\nAn UI spoofing flaw was found in the Chromium browser.\n\n- CVE-2016-5192 (same-origin policy bypass)\n\nA cross-origin bypass flaw was found in the Blink component of the\nChromium browser.\n\n- CVE-2016-5198 (arbitrary code execution)\n\nAn out of bounds memory access flaw was found in the V8 component of\nthe Chromium browser.\n\nImpact\n======\n\nA remote attacker can access sensitive information, spoof content,\nbypass security measures or execute arbitrary code on the affected\nhost.\n\nReferences\n==========\n\nhttps://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.7.1?h=5.7\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=613626\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=628942\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=631052\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=630662\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1372216\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=622420\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=616429\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=641101\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=643357\nhttps://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_13.html\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=616386\nhttps://googlechromereleases.blogspot.fr/2016/10/stable-channel-update-for-desktop.html\nhttps://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=659475\nhttps://access.redhat.com/security/cve/CVE-2016-5133\nhttps://access.redhat.com/security/cve/CVE-2016-5147\nhttps://access.redhat.com/security/cve/CVE-2016-5153\nhttps://access.redhat.com/security/cve/CVE-2016-5155\nhttps://access.redhat.com/security/cve/CVE-2016-5161\nhttps://access.redhat.com/security/cve/CVE-2016-5166\nhttps://access.redhat.com/security/cve/CVE-2016-5170\nhttps://access.redhat.com/security/cve/CVE-2016-5171\nhttps://access.redhat.com/security/cve/CVE-2016-5172\nhttps://access.redhat.com/security/cve/CVE-2016-5181\nhttps://access.redhat.com/security/cve/CVE-2016-5185\nhttps://access.redhat.com/security/cve/CVE-2016-5186\nhttps://access.redhat.com/security/cve/CVE-2016-5187\nhttps://access.redhat.com/security/cve/CVE-2016-5188\nhttps://access.redhat.com/security/cve/CVE-2016-5192\nhttps://access.redhat.com/security/cve/CVE-2016-5198", "modified": "2016-12-17T00:00:00", "published": "2016-12-17T00:00:00", "id": "ASA-201612-18", "href": "https://security.archlinux.org/ASA-201612-18", "type": "archlinux", "title": "[ASA-201612-18] qt5-webengine: multiple issues", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:07:46", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5224", "CVE-2016-5225", "CVE-2016-5183", "CVE-2016-5182", "CVE-2016-5208", "CVE-2016-5191", "CVE-2016-5186", "CVE-2016-5217", "CVE-2016-9651", "CVE-2016-5184", "CVE-2016-5211", "CVE-2016-9652", "CVE-2016-9650", "CVE-2016-5202", "CVE-2016-5222", "CVE-2016-5209", "CVE-2016-5189", "CVE-2016-5205", "CVE-2016-5221", "CVE-2016-5220", "CVE-2016-5198", "CVE-2016-5194", "CVE-2016-5219", "CVE-2016-5216", "CVE-2016-5207", "CVE-2016-5215", "CVE-2016-5185", "CVE-2016-5193", "CVE-2016-5218", "CVE-2016-5190", "CVE-2016-5181", "CVE-2016-5203", "CVE-2016-5213", "CVE-2016-5212", "CVE-2016-5214", "CVE-2016-5223", "CVE-2016-5206", "CVE-2016-5210", "CVE-2016-5200", "CVE-2016-5199", "CVE-2016-5188", "CVE-2016-5192", "CVE-2016-5201", "CVE-2016-5204", "CVE-2016-5187", "CVE-2016-5226"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3731-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nDecember 11, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184\n CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188\n CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192\n CVE-2016-5193 CVE-2016-5194 CVE-2016-5198 CVE-2016-5199\n CVE-2016-5200 CVE-2016-5201 CVE-2016-5202 CVE-2016-5203\n CVE-2016-5204 CVE-2016-5205 CVE-2016-5206 CVE-2016-5207\n CVE-2016-5208 CVE-2016-5209 CVE-2016-5210 CVE-2016-5211\n CVE-2016-5212 CVE-2016-5213 CVE-2016-5214 CVE-2016-5215\n CVE-2016-5216 CVE-2016-5217 CVE-2016-5218 CVE-2016-5219\n CVE-2016-5220 CVE-2016-5221 CVE-2016-5222 CVE-2016-5223\n CVE-2016-5224 CVE-2016-5225 CVE-2016-5226 CVE-2016-9650\n CVE-2016-9651 CVE-2016-9652\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2016-5181\n\n A cross-site scripting issue was discovered.\n\nCVE-2016-5182\n\n Giwan Go discovered a heap overflow issue.\n\nCVE-2016-5183\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5184\n\n Another use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5185\n\n cloudfuzzer discovered a use-after-free issue in Blink/Webkit.\n\nCVE-2016-5186\n\n Abdulrahman Alqabandi discovered an out-of-bounds read issue in the\n developer tools.\n\nCVE-2016-5187\n\n Luan Herrera discovered a URL spoofing issue.\n\nCVE-2016-5188\n\n Luan Herrera discovered that some drop down menus can be used to\n hide parts of the user interface.\n\nCVE-2016-5189\n\n xisigr discovered a URL spoofing issue.\n\nCVE-2016-5190\n\n Atte Kettunen discovered a use-after-free issue.\n\nCVE-2016-5191\n\n Gareth Hughes discovered a cross-site scripting issue.\n\nCVE-2016-5192\n\n haojunhou@gmail.com discovered a same-origin bypass.\n\nCVE-2016-5193\n\n Yuyang Zhou discovered a way to pop open a new window.\n\nCVE-2016-5194\n\n The chrome development team found and fixed various issues during\n internal auditing.\n\nCVE-2016-5198\n\n Tencent Keen Security Lab discovered an out-of-bounds memory access\n issue in the v8 javascript library.\n\nCVE-2016-5199\n\n A heap corruption issue was discovered in the ffmpeg library.\n\nCVE-2016-5200\n\n Choongwoo Han discovered an out-of-bounds memory access issue in\n the v8 javascript library.\n\nCVE-2016-5201\n\n Rob Wu discovered an information leak.\n\nCVE-2016-5202\n\n The chrome development team found and fixed various issues during\n internal auditing.\n\nCVE-2016-5203\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5204\n\n Mariusz Mlynski discovered a cross-site scripting issue in SVG\n image handling.\n\nCVE-2016-5205\n\n A cross-site scripting issue was discovered.\n\nCVE-2016-5206\n\n Rob Wu discovered a same-origin bypass in the pdfium library.\n\nCVE-2016-5207\n\n Mariusz Mlynski discovered a cross-site scripting issue.\n\nCVE-2016-5208\n\n Mariusz Mlynski discovered another cross-site scripting issue.\n\nCVE-2016-5209\n\n Giwan Go discovered an out-of-bounds write issue in Blink/Webkit.\n\nCVE-2016-5210\n\n Ke Liu discovered an out-of-bounds write in the pdfium library.\n\nCVE-2016-5211\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5212\n\n Khalil Zhani discovered an information disclosure issue in the\n developer tools.\n\nCVE-2016-5213\n\n Khalil Zhani discovered a use-after-free issue in the v8 javascript\n library.\n\nCVE-2016-5214\n\n Jonathan Birch discovered a file download protection bypass.\n\nCVE-2016-5215\n\n Looben Yang discovered a use-after-free issue.\n\nCVE-2016-5216\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2016-5217\n\n Rob Wu discovered a condition where data was not validated by\n the pdfium library.\n\nCVE-2016-5218\n\n Abdulrahman Alqabandi discovered a URL spoofing issue.\n\nCVE-2016-5219\n\n Rob Wu discovered a use-after-free issue in the v8 javascript\n library.\n\nCVE-2016-5220\n\n Rob Wu discovered a way to access files on the local system.\n\nCVE-2016-5221\n\n Tim Becker discovered an integer overflow issue in the angle\n library.\n\nCVE-2016-5222\n\n xisigr discovered a URL spoofing issue.\n\nCVE-2016-5223\n\n Hwiwon Lee discovered an integer overflow issue in the pdfium\n library.\n\nCVE-2016-5224\n\n Roeland Krak discovered a same-origin bypass in SVG image handling.\n\nCVE-2016-5225\n\n Scott Helme discovered a Content Security Protection bypass.\n\nCVE-2016-5226\n\n Jun Kokatsu discovered a cross-scripting issue.\n\nCVE-2016-9650\n\n Jakub \u00c5\u00bboczek discovered a Content Security Protection information\n disclosure.\n\nCVE-2016-9651\n\n Guang Gong discovered a way to access private data in the v8\n javascript library.\n\nCVE-2016-9652\n\n The chrome development team found and fixed various issues during\n internal auditing.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 55.0.2883.75-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 55.0.2883.75-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2016-12-11T21:39:21", "published": "2016-12-11T21:39:21", "id": "DEBIAN:DSA-3731-1:02966", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00314.html", "title": "[SECURITY] [DSA 3731-1] chromium-browser security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}