Lucene search
Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2895-1.NASLHistoryFeb 19, 2016 - 12:00 a.m.
Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2895-1)
2016-02-1900:00:00
Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-1623)
An integer underflow was discovered in Brotli. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1624).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2895-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(88861);
script_version("2.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");
script_cve_id("CVE-2016-1623", "CVE-2016-1624");
script_xref(name:"USN", value:"2895-1");
script_name(english:"Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2895-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The DOM implementation in Chromium did not properly restrict
frame-attach operations from occurring during or after frame-detach
operations. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to bypass
same-origin restrictions. (CVE-2016-1623)
An integer underflow was discovered in Brotli. If a user were tricked
in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user
invoking the program. (CVE-2016-1624).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2895-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1624");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/14");
script_set_attribute(attribute:"patch_publication_date", value:"2016/02/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liboxideqtquick0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:oxideqmlscene");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:oxideqt-chromedriver");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:liboxideqt-qmlplugin");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '14.04', 'pkgname': 'liboxideqt-qmlplugin', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'liboxideqtcore0', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'liboxideqtquick0', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'oxideqmlscene', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'oxideqt-chromedriver', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'oxideqt-codecs', 'pkgver': '1.12.6-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'oxideqt-codecs-extra', 'pkgver': '1.12.6-0ubuntu0.14.04.1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'liboxideqt-qmlplugin / liboxideqtcore0 / liboxideqtquick0 / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | liboxideqtcore0 | p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0 |
| canonical | ubuntu_linux | liboxideqtquick0 | p-cpe:/a:canonical:ubuntu_linux:liboxideqtquick0 |
| canonical | ubuntu_linux | oxideqmlscene | p-cpe:/a:canonical:ubuntu_linux:oxideqmlscene |
| canonical | ubuntu_linux | oxideqt-chromedriver | p-cpe:/a:canonical:ubuntu_linux:oxideqt-chromedriver |
| canonical | ubuntu_linux | oxideqt-codecs | p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs |
| canonical | ubuntu_linux | oxideqt-codecs-extra | p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra |
| canonical | ubuntu_linux | 14.04 | cpe:/o:canonical:ubuntu_linux:14.04:-:lts |
| canonical | ubuntu_linux | liboxideqt-qmlplugin | p-cpe:/a:canonical:ubuntu_linux:liboxideqt-qmlplugin |
Related
openvas
openvas
Ubuntu: Security Advisory (USN-2895-1)
2016-02-19 00:00:00
Google Chrome Multiple Vulnerabilities (Feb 2016) - Windows
2016-02-15 00:00:00
Google Chrome Multiple Vulnerabilities (Feb 2016) - Linux
2016-02-15 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2016-02-18 00:00:00
ubuntucve
ubuntucve
CVE-2016-1624
2016-02-13 00:00:00
CVE-2016-1623
2016-02-13 00:00:00
debiancve
debiancve
CVE-2016-1624
2016-02-14 02:59:00
CVE-2016-1623
2016-02-14 02:59:00
prion
prion
Integer overflow
2016-02-14 02:59:00
Design/Logic Flaw
2016-02-14 02:59:00
cve
cve
CVE-2016-1624
2016-02-14 02:59:00
CVE-2016-1623
2016-02-14 02:59:00
seebug
seebug
Chrome Universal XSS by circumventing the unload event ( CVE-2016-1623)
2017-04-24 00:00:00
nessus
nessus
Google Chrome < 48.0.2564.109 Multiple Vulnerabilities
2016-02-10 00:00:00
openSUSE Security Update : Chromium (openSUSE-2016-238)
2016-02-22 00:00:00
openSUSE Security Update : Chromium (openSUSE-2016-221)
2016-02-18 00:00:00
kaspersky
kaspersky
KLA10757 Multiple vulnerabilities in Google Chrome
2016-02-09 00:00:00
redhat
redhat
(RHSA-2016:0241) Important: chromium-browser security update
2016-02-17 00:00:00
chrome
chrome
Stable Channel Update
2016-02-09 00:00:00
freebsd
freebsd
brotli -- buffer overflow
2016-02-08 00:00:00
chromium -- multiple vulnerabilities
2016-02-08 00:00:00
debian
debian
[SECURITY] [DSA 3486-1] chromium-browser security update
2016-02-21 21:57:02
[SECURITY] [DSA 3486-1] chromium-browser security update
2016-02-21 21:56:37
osv
osv
chromium-browser - security update
2016-02-21 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2016-03-31 23:22:34
gentoo
gentoo
Chromium: Multiple vulnerabilities
2016-03-12 00:00:00
Related for UBUNTU_USN-2895-1.NASL