{"securityvulns": [{"lastseen": "2018-08-31T11:10:57", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2476-1\r\nJanuary 26, 2015\r\n\r\noxide-qt vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in Oxide.\r\n\r\nSoftware Description:\r\n- oxide-qt: Web browser engine library for Qt (QML plugin)\r\n\r\nDetails:\r\n\r\nSeveral memory corruption bugs were discovered in ICU. If a user were\r\ntricked in to opening a specially crafted website, an attacker could\r\npotentially exploit these to cause a denial of service via renderer crash\r\nor execute arbitrary code with the privileges of the sandboxed render\r\nprocess. (CVE-2014-7923, CVE-2014-7926)\r\n\r\nA use-after-free was discovered in the IndexedDB implementation. If a user\r\nwere tricked in to opening a specially crafted website, an attacker could\r\npotentially exploit this to cause a denial of service via application\r\ncrash or execute arbitrary code with the privileges of the user invoking\r\nthe program. (CVE-2014-7924)\r\n\r\nA use-after free was discovered in the WebAudio implementation in Blink.\r\nIf a user were tricked in to opening a specially crafted website, an\r\nattacker could potentially exploit this to cause a denial of service via\r\nrenderer crash or execute arbitrary code with the privileges of the\r\nsandboxed render process. (CVE-2014-7925)\r\n\r\nSeveral memory corruption bugs were discovered in V8. If a user were\r\ntricked in to opening a specially crafted website, an attacker could\r\npotentially exploit these to cause a denial of service via renderer crash\r\nor execute arbitrary code with the privileges of the sandboxed render\r\nprocess. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)\r\n\r\nSeveral use-after free bugs were discovered in the DOM implementation in\r\nBlink. If a user were tricked in to opening a specially crafted website,\r\nan attacker could potentially exploit these to cause a denial of service\r\nvia renderer crash or execute arbitrary code with the privileges of the\r\nsandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932,\r\nCVE-2014-7934)\r\n\r\nA use-after free was discovered in FFmpeg. If a user were tricked in to\r\nopening a specially crafted website, an attacker could potentially exploit\r\nthis to cause a denial of service via renderer crash or execute arbitrary\r\ncode with the privileges of the sandboxed render process. (CVE-2014-7933)\r\n\r\nMultiple off-by-one errors were discovered in FFmpeg. If a user were\r\ntricked in to opening a specially crafted website, an attacker could\r\npotentially exploit this to cause a denial of service via renderer crash\r\nor execute arbitrary code with the privileges of the sandboxed render\r\nprocess. (CVE-2014-7937)\r\n\r\nA memory corruption bug was discovered in the fonts implementation. If a\r\nuser were tricked in to opening a specially crafted website, an attacker\r\ncould potentially exploit this to cause a denial of service via renderer\r\ncrash or execute arbitrary code with the privileges of the sandboxed\r\nrender process. (CVE-2014-7938)\r\n\r\nIt was discovered that ICU did not initialize memory for a data structure\r\ncorrectly. If a user were tricked in to opening a specially crafted\r\nwebsite, an attacker could potentially exploit this to cause a denial of\r\nservice via renderer crash or execute arbitrary code with the privileges\r\nof the sandboxed render process. (CVE-2014-7940)\r\n\r\nIt was discovered that the fonts implementation did not initialize memory\r\nfor a data structure correctly. If a user were tricked in to opening a\r\nspecially crafted website, an attacker could potentially exploit this to\r\ncause a denial of service via renderer crash or execute arbitrary code\r\nwith the privileges of the sandboxed render process. (CVE-2014-7942)\r\n\r\nAn out-of-bounds read was discovered in Skia. If a user were tricked in to\r\nopening a specially crafted website, an attacker could potentially exploit\r\nthis to cause a denial of service via renderer crash. (CVE-2014-7943)\r\n\r\nAn out-of-bounds read was discovered in Blink. If a user were tricked in to\r\nopening a specially crafted website, an attacker could potentially exploit\r\nthis to cause a denial of service via renderer crash. (CVE-2014-7946)\r\n\r\nIt was discovered that the AppCache proceeded with caching for SSL\r\nsessions even if there is a certificate error. A remote attacker could\r\npotentially exploit this by conducting a MITM attack to modify HTML\r\napplication content. (CVE-2014-7948)\r\n\r\nMultiple security issues were discovered in Chromium. If a user were\r\ntricked in to opening a specially crafted website, an attacker could\r\npotentially exploit these to read uninitialized memory, cause a denial\r\nof service via application crash or execute arbitrary code with the\r\nprivileges of the user invoking the program. (CVE-2015-1205)\r\n\r\nMultiple security issues were discovered in V8. If a user were tricked\r\nin to opening a specially crafted website, an attacker could potentially\r\nexploit these to read uninitialized memory, cause a denial of service via\r\nrenderer crash or execute arbitrary code with the privileges of the\r\nsandboxed render process. (CVE-2015-1346)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n liboxideqtcore0 1.4.2-0ubuntu0.14.10.1\r\n oxideqt-codecs 1.4.2-0ubuntu0.14.10.1\r\n oxideqt-codecs-extra 1.4.2-0ubuntu0.14.10.1\r\n\r\nUbuntu 14.04 LTS:\r\n liboxideqtcore0 1.4.2-0ubuntu0.14.04.1\r\n oxideqt-codecs 1.4.2-0ubuntu0.14.04.1\r\n oxideqt-codecs-extra 1.4.2-0ubuntu0.14.04.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2476-1\r\n CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926,\r\n CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930,\r\n CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934,\r\n CVE-2014-7937, CVE-2014-7938, CVE-2014-7940, CVE-2014-7942,\r\n CVE-2014-7943, CVE-2014-7946, CVE-2014-7948, CVE-2015-1205,\r\n CVE-2015-1346\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.10.1\r\n https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.04.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-02-02T00:00:00", "title": "[USN-2476-1] Oxide vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:57", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7931", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-02-02T00:00:00", "id": "SECURITYVULNS:DOC:31688", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31688", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:57", "references": [], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2522-1\r\nMarch 05, 2015\r\n\r\nicu vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nICU could be made to crash or run programs as your login if it processed\r\nspecially crafted data.\r\n\r\nSoftware Description:\r\n- icu: International Components for Unicode library\r\n\r\nDetails:\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing fonts. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. This issue only affected\r\nUbuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\r\nCVE-2013-2419)\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing fonts. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. (CVE-2014-6585,\r\nCVE-2014-6591)\r\n\r\nIt was discovered that ICU incorrectly handled memory operations when\r\nprocessing regular expressions. If an application using ICU processed\r\ncrafted data, an attacker could cause it to crash or potentially execute\r\narbitrary code with the privileges of the user invoking the program.\r\n(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\r\n\r\nIt was discovered that ICU collator implementation incorrectly handled\r\nmemory operations. If an application using ICU processed crafted data, an\r\nattacker could cause it to crash or potentially execute arbitrary code with\r\nthe privileges of the user invoking the program. (CVE-2014-7940)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n libicu52 52.1-6ubuntu0.2\r\n\r\nUbuntu 14.04 LTS:\r\n libicu52 52.1-3ubuntu0.2\r\n\r\nUbuntu 12.04 LTS:\r\n libicu48 4.8.1.1-3ubuntu0.3\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2522-1\r\n CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419,\r\n CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926,\r\n CVE-2014-7940, CVE-2014-9654\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/icu/52.1-6ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.2\r\n https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.3\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-03-07T00:00:00", "title": "[USN-2522-1] ICU vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:57", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-07T00:00:00", "id": "SECURITYVULNS:DOC:31765", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31765", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:59", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31765"], "description": "Multiple memory corruptions.", "edition": 1, "reporter": "UBUNTU", "published": "2015-03-07T00:00:00", "title": "libicu multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:59", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "icu", "version": "52", "operator": "eq"}], "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-07T00:00:00", "id": "SECURITYVULNS:VULN:14291", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14291", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "references": [], "description": "\r\n\r\nAPPLE-SA-2015-09-21-1 watchOS 2\r\n\r\nwatchOS 2 is now available and addresses the following:\r\n\r\nApple Pay\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Some cards may allow a terminal to retrieve limited recent\r\ntransaction information when making a payment\r\nDescription: The transaction log functionality was enabled in\r\ncertain configurations. This issue was addressed by removing the\r\ntransaction log functionality.\r\nCVE-ID\r\nCVE-2015-5916\r\n\r\nAudio\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\r\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\r\n\r\nCertificate Trust Policy\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204873.\r\n\r\nCFNetwork\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: An attacker in a privileged network position can track a\r\nuser's activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in FTP clients while checking when\r\nproxy was in use. This issue was resolved through improved\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A person with physical access to an iOS device may read\r\ncache data from Apple apps\r\nDescription: Cache data was encrypted with a key protected only by\r\nthe hardware UID. This issue was addressed by encrypting the cache\r\ndata with a key protected by the hardware UID and the user's\r\npasscode.\r\nCVE-ID\r\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\r\n\r\nCoreCrypto\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nData Detectors Engine\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Processing a maliciously crafted text file may lead to\r\narbitrary code execution\r\nDescription: Memory corruption issues existed in the processing of\r\ntext files. These issues were addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\r\n\r\nDev Tools\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\ndyld\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\r\n\r\nDisk Images\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\nGasGauge\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: Multiple memory corruption issues existed in the\r\nkernel. These issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5918 : Apple\r\nCVE-2015-5919 : Apple\r\n\r\nICU\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\nIOAcceleratorFamily\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory content. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nIOAcceleratorFamily\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5848 : Filippo Bigarella\r\n\r\nIOKit\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5844 : Filippo Bigarella\r\nCVE-2015-5845 : Filippo Bigarella\r\nCVE-2015-5846 : Filippo Bigarella\r\n\r\nIOMobileFrameBuffer\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOMobileFrameBuffer. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5843 : Filippo Bigarella\r\n\r\nIOStorageFamily\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. This was addressed through improved generation\r\nof stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through added entitlement\r\nchecks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\r\nchieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in handling of\r\nIPv6 router advertisements that allowed an attacker to set the hop\r\nlimit to an arbitrary value. This issue was addressed by enforcing a\r\nminimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in XNU that led to the disclosure of\r\nkernel memory. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: An issue existed in HFS drive mounting. This was\r\naddressed by additional validation checks.\r\nCVE-ID\r\nCVE-2015-5748 : Maxime Villard of m00nbsd\r\n\r\nlibpthread\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nPluginKit\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: A malicious enterprise application can install extensions\r\nbefore the application has been trusted\r\nDescription: An issue existed in the validation of extensions during\r\ninstallation. This was addressed through improved app verification.\r\nCVE-ID\r\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nremovefile\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nSQLite\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-5895\r\n\r\ntidy\r\nAvailable for: Apple Watch Sport, Apple Watch,\r\nand Apple Watch Edition\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in Tidy. This issues\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\n\r\nInstallation note:\r\n\r\nInstructions on how to update your Apple Watch software are\r\navailable at https://support.apple.com/en-us/HT204641\r\n\r\nTo check the version on your Apple Watch, open the Apple Watch app\r\non your iPhone and select "My Watch > General > About".\r\n\r\nAlternatively, on your watch, select "My Watch > General > About".\r\n\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-21-1 watchOS 2", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:11:01", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-5903", "CVE-2015-5748", "CVE-2015-5918", "CVE-2015-5847", "CVE-2015-5869", "CVE-2015-5876", "CVE-2015-5862", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-5845", "CVE-2015-5868", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5846", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5912", "CVE-2015-5919", "CVE-2015-5841", "CVE-2015-5916", "CVE-2015-5824", "CVE-2015-5848", "CVE-2014-8146", "CVE-2015-5523", "CVE-2015-5844", "CVE-2015-5885", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-5898", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5834", "CVE-2015-5522", "CVE-2015-5899"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32518", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32518", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32518", "https://vulners.com/securityvulns/securityvulns:doc:32564"], "description": "Information disclosure, memory corruptions, multiple vulnerabilities in different libraries.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-10-25T00:00:00", "title": "Apple watchOS security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:02", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Apple watchOS", "version": "2.0", "operator": "eq"}, {"name": "Apple WatchOS", "version": "1.0", "operator": "eq"}], "cvelist": ["CVE-2015-5903", "CVE-2015-5927", "CVE-2015-5748", "CVE-2015-5918", "CVE-2015-5847", "CVE-2015-5869", "CVE-2015-5876", "CVE-2015-5862", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-5845", "CVE-2015-5868", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5846", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5912", "CVE-2015-5935", "CVE-2015-5919", "CVE-2015-5841", "CVE-2015-5937", "CVE-2015-5916", "CVE-2015-5824", "CVE-2015-5936", "CVE-2015-6989", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-5848", "CVE-2014-8146", "CVE-2015-5523", "CVE-2015-5844", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-5898", "CVE-2015-5925", "CVE-2015-6974", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5834", "CVE-2015-7006", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5899"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14699", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14699", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32567", "https://vulners.com/securityvulns/securityvulns:doc:32517"], "description": "Multiple memory corruptions, DLL injections, multiple WebKit vulnerabilities, information disclosure.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-10-25T00:00:00", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:02", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "iTunes", "version": "12.2", "operator": "eq"}], "cvelist": ["CVE-2015-3733", "CVE-2015-5930", "CVE-2015-7013", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-6975", "CVE-2015-7002", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-6992", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5931", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5929", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-7012", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-7017", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190", "CVE-2015-7011"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14698", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14698", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "references": [], "description": "\r\n\r\nAPPLE-SA-2015-09-16-3 iTunes 12.3\r\n\r\niTunes 12.3 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use CoreText may be vulnerable to\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of text files. These issues were addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-1157 : Apple\r\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use ICU may be vulnerable to unexpected\r\napplication termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of unicode strings. These issues were addressed by\r\nupdating ICU to version 55.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Opening a media file may lead to arbitrary code execution\r\nDescription: A security issue existed in Microsoft Foundation\r\nClass's handling of library loading. This issue was addressed by\r\nupdating to the latest version of the Microsoft Visual C++\r\nRedistributable Package.\r\nCVE-ID\r\nCVE-2010-3190 : Stefan Kanthak\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may result in unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1152 : Apple\r\nCVE-2015-1153 : Apple\r\nCVE-2015-3730 : Apple\r\nCVE-2015-3731 : Apple\r\nCVE-2015-3733 : Apple\r\nCVE-2015-3734 : Apple\r\nCVE-2015-3735 : Apple\r\nCVE-2015-3736 : Apple\r\nCVE-2015-3737 : Apple\r\nCVE-2015-3738 : Apple\r\nCVE-2015-3739 : Apple\r\nCVE-2015-3740 : Apple\r\nCVE-2015-3741 : Apple\r\nCVE-2015-3742 : Apple\r\nCVE-2015-3743 : Apple\r\nCVE-2015-3744 : Apple\r\nCVE-2015-3745 : Apple\r\nCVE-2015-3746 : Apple\r\nCVE-2015-3747 : Apple\r\nCVE-2015-3748 : Apple\r\nCVE-2015-3749 : Apple\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5798 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5808 : Joe Vennix\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5815 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nSoftware Update\r\nImpact: An attacker in a privileged network position may be able to\r\nobtain encrypted SMB credentials\r\nDescription: A redirection issue existed in the handling of certain\r\nnetwork connections. This issue was addressed through improved\r\nresource validation.\r\nCVE-ID\r\nCVE-2015-5920 : Cylance\r\n\r\n\r\niTunes 12.3 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nYou may also update to the latest version of iTunes via Apple\r\nSoftware Update, which can be found in the Start menu.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-16-3 iTunes 12.3", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:11:01", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-3733", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32517", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32517", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "references": [], "description": "\r\n\r\nAPPLE-SA-2015-09-16-1 iOS 9\r\n\r\niOS 9 is now available and addresses the following:\r\n\r\nApple Pay\r\nAvailable for: iPhone 6, iPad mini 3, and iPad Air 2\r\nImpact: Some cards may allow a terminal to retrieve limited recent\r\ntransaction information when making a payment\r\nDescription: The transaction log functionality was enabled in\r\ncertain configurations. This issue was addressed by removing the\r\ntransaction log functionality.\r\nCVE-ID\r\nCVE-2015-5916\r\n\r\nAppleKeyStore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to reset failed passcode\r\nattempts with an iOS backup\r\nDescription: An issue existed in resetting failed passcode attempts\r\nwith a backup of the iOS device. This was addressed through improved\r\npasscode failure logic.\r\nCVE-ID\r\nCVE-2015-5850 : an anonymous researcher\r\n\r\nApplication Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Clicking a malicious ITMS link may lead to a denial of\r\nservice in an enterprise-signed application\r\nDescription: An issue existed with installation through ITMS links.\r\nThis was addressed through additional installation verification.\r\nCVE-ID\r\nCVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nAudio\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\r\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204132.\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may read\r\ncache data from Apple apps\r\nDescription: Cache data was encrypted with a key protected only by\r\nthe hardware UID. This issue was addressed by encrypting the cache\r\ndata with a key protected by the hardware UID and the user's\r\npasscode.\r\nCVE-ID\r\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position can track a\r\nuser's activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation.\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to create unintended cookies for a\r\nwebsite\r\nDescription: WebKit would accept multiple cookies to be set in the\r\ndocument.cookie API. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-3801 : Erling Ellingsen of Facebook\r\n\r\nCFNetwork FTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in FTP packet handling if clients were\r\nusing an FTP proxy.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted URL may be able to bypass HTTP Strict\r\nTransport Security (HSTS) and leak sensitive data\r\nDescription: A URL parsing vulnerability existed in HSTS handling.\r\nThis issue was addressed through improved URL parsing.\r\nCVE-ID\r\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may be able to track users in Safari\r\nprivate browsing mode\r\nDescription: An issue existed in the handling of HSTS state in\r\nSafari private browsing mode. This issue was addressed through\r\nimproved state handling.\r\nCVE-ID\r\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\r\n\r\nCFNetwork Proxies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of RC4.\r\nAn attacker could force the use of RC4, even if the server preferred\r\nbetter ciphers, by blocking TLS 1.0 and higher connections until\r\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\r\naddressed by removing the fallback to SSL 3.0.\r\n\r\nCoreAnimation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to leak sensitive user\r\ninformation\r\nDescription: Applications could access the screen framebuffer while\r\nthey were in the background. This issue was addressed with improved\r\naccess control on IOSurfaces.\r\nCVE-ID\r\nCVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin\r\nGao, Yingjiu Li of School of Information Systems Singapore Management\r\nUniversity, Feng Bao and Jianying Zhou of Cryptography and Security\r\nDepartment Institute for Infocomm Research\r\n\r\nCoreCrypto\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nData Detectors Engine\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted text file may lead to\r\narbitrary code execution\r\nDescription: Memory corruption issues existed in the processing of\r\ntext files. These issues were addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\r\n\r\nDev Tools\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\ndyld\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\r\n\r\nDisk Images\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\nGame Center\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious Game Center application may be able to access a\r\nplayer's email address\r\nDescription: An issue existed in Game Center in the handling of a\r\nplayer's email. This issue was addressed through improved access\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-5855 : Nasser Alnasser\r\n\r\nICU\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory content. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5848 : Filippo Bigarella\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5867 : moony li of Trend Micro\r\n\r\nIOKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5844 : Filippo Bigarella\r\nCVE-2015-5845 : Filippo Bigarella\r\nCVE-2015-5846 : Filippo Bigarella\r\n\r\nIOMobileFrameBuffer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOMobileFrameBuffer. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5843 : Filippo Bigarella\r\n\r\nIOStorageFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\niTunes Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: AppleID credentials may persist in the keychain after sign\r\nout\r\nDescription: An issue existed in keychain deletion. This issue was\r\naddressed through improved account cleanup.\r\nCVE-ID\r\nCVE-2015-5832 : Kasif Dekel from Check Point Software Technologies\r\n\r\nJavaScriptCore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. This was addressed through improved generation\r\nof stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through added entitlement\r\nchecks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\r\nchieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to launch denial of service attacks\r\non targeted TCP connections without knowing the correct sequence\r\nnumber\r\nDescription: An issue existed in xnu's validation of TCP packet\r\nheaders. This issues was addressed through improved TCP packet header\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5879 : Jonathan Looney\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in handling of\r\nIPv6 router advertisements that allowed an attacker to set the hop\r\nlimit to an arbitrary value. This issue was addressed by enforcing a\r\nminimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in XNU that led to the disclosure of\r\nkernel memory. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: An issue existed in HFS drive mounting. This was\r\naddressed by additional validation checks.\r\nCVE-ID\r\nCVE-2015-5748 : Maxime Villard of m00nbsd\r\n\r\nlibc\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\r\nCorporation\r\n\r\nlibpthread\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nMail\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker can send an email that appears to come from a\r\ncontact in the recipient's address book\r\nDescription: An issue existed in the handling of the sender's\r\naddress. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5857 : Emre Saglam of salesforce.com\r\n\r\nMultipeer Connectivity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to observe unprotected\r\nmultipeer data\r\nDescription: An issue existed in convenience initializer handling in\r\nwhich encryption could be actively downgraded to a non-encrypted\r\nsession. This issue was addressed by changing the convenience\r\ninitializer to require encryption.\r\nCVE-ID\r\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\r\n\r\nNetworkExtension\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An uninitialized memory issue in the kernel led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nmemory initialization.\r\nCVE-ID\r\nCVE-2015-5831 : Maxime Villard of m00nbsd\r\n\r\nOpenSSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-0286\r\nCVE-2015-0287\r\n\r\nPluginKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious enterprise application can install extensions\r\nbefore the application has been trusted\r\nDescription: An issue existed in the validation of extensions during\r\ninstallation. This was addressed through improved app verification.\r\nCVE-ID\r\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nremovefile\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to read Safari bookmarks on a\r\nlocked iOS device without a passcode\r\nDescription: Safari bookmark data was encrypted with a key protected\r\nonly by the hardware UID. This issue was addressed by encrypting the\r\nSafari bookmark data with a key protected by the hardware UID and the\r\nuser's passcode.\r\nCVE-ID\r\nCVE-2015-5903 : Jonathan Zdziarski\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: An issue may have allowed a website to display content\r\nwith a URL from a different website. This issue was addressed through\r\nimproved URL handling.\r\nCVE-ID\r\nCVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Navigating to a malicious website with a malformed\r\nwindow opener may have allowed the display of arbitrary URLs. This\r\nissue was addressed through improved handling of window openers.\r\nCVE-ID\r\nCVE-2015-5905 : Keita Haga of keitahaga.com\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Users may be tracked by malicious websites using client\r\ncertificates\r\nDescription: An issue existed in Safari's client certificate\r\nmatching for SSL authentication. This issue was addressed through\r\nimproved matching of valid client certificates.\r\nCVE-ID\r\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\r\nof Whatever s.a.\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Multiple user interface inconsistencies may have\r\nallowed a malicious website to display an arbitrary URL. These issues\r\nwere addressed through improved URL display logic.\r\nCVE-ID\r\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\r\nCVE-2015-5765 : Ron Masas\r\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\r\n\r\nSafari Safe Browsing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Navigating to the IP address of a known malicious website\r\nmay not trigger a security warning\r\nDescription: Safari's Safe Browsing feature did not warn users when\r\nvisiting known malicious websites by their IP addresses. The issue\r\nwas addressed through improved malicious site detection.\r\nRahul M of TagsDoc\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious app may be able to intercept communication\r\nbetween apps\r\nDescription: An issue existed that allowed a malicious app to\r\nintercept URL scheme communication between apps. This was mitigated\r\nby displaying a dialog when a URL scheme is used for the first time.\r\nCVE-ID\r\nCVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng\r\nWang of Indiana University, Luyi Xing of Indiana University, Tongxin\r\nLi of Peking University, Tongxin Li of Peking University, Xiaolong\r\nBai of Tsinghua University\r\n\r\nSiri\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may be able\r\nto use Siri to read notifications of content that is set not to be\r\ndisplayed at the lock screen\r\nDescription: When a request was made to Siri, client side\r\nrestrictions were not being checked by the server. This issue was\r\naddressed through improved restriction checking.\r\nCVE-ID\r\nCVE-2015-5892 : Robert S Mozayeni, Joshua Donvito\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device can reply to\r\nan audio message from the lock screen when message previews from the\r\nlock screen are disabled\r\nDescription: A lock screen issue allowed users to reply to audio\r\nmessages when message previews were disabled. This issue was\r\naddressed through improved state management.\r\nCVE-ID\r\nCVE-2015-5861 : Daniel Miedema of Meridian Apps\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to spoof another\r\napplication's dialog windows\r\nDescription: An access issue existed with privileged API calls. This\r\nissue was addressed through additional restrictions.\r\nCVE-ID\r\nCVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S.\r\nLui\r\n\r\nSQLite\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-5895\r\n\r\ntidy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in Tidy. This issues\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Object references may be leaked between isolated origins on\r\ncustom events, message events and pop state events\r\nDescription: An object leak issue broke the isolation boundary\r\nbetween origins. This issue was addressed through improved isolation\r\nbetween origins.\r\nCVE-ID\r\nCVE-2015-5827 : Gildas\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to unintended dialing\r\nDescription: An issue existed in handling of tel://, facetime://,\r\nand facetime-audio:// URLs. This issue was addressed through improved\r\nURL handling.\r\nCVE-ID\r\nCVE-2015-5820 : Andrei Neculaesei, Guillaume Ross\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: QuickType may learn the last character of a password in a\r\nfilled-in web form\r\nDescription: An issue existed in WebKit's handling of password input\r\ncontext. This issue was addressed through improved input context\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5906 : Louis Romero of Google Inc.\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nredirect to a malicious domain\r\nDescription: An issue existed in the handling of resource caches on\r\nsites with invalid certificates. The issue was addressed by rejecting\r\nthe application cache of domains with invalid certificates.\r\nCVE-ID\r\nCVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may exfiltrate data cross-origin\r\nDescription: Safari allowed cross-origin stylesheets to be loaded\r\nwith non-CSS MIME types which could be used for cross-origin data\r\nexfiltration. This issue was addressed by limiting MIME types for\r\ncross-origin stylesheets.\r\nCVE-ID\r\nCVE-2015-5826 : filedescriptor, Chris Evans\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: The Performance API may allow a malicious website to leak\r\nbrowsing history, network activity, and mouse movements\r\nDescription: WebKit's Performance API could have allowed a malicious\r\nwebsite to leak browsing history, network activity, and mouse\r\nmovements by measuring time. This issue was addressed by limiting\r\ntime resolution.\r\nCVE-ID\r\nCVE-2015-5825 : Yossi Oren et al. of Columbia University's Network\r\nSecurity Lab\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nleak sensitive user information\r\nDescription: An issue existed with Content-Disposition headers\r\ncontaining type attachment. This issue was addressed by disallowing\r\nsome functionality for type attachment pages.\r\nCVE-ID\r\nCVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat\r\nResearch Team, Daoyuan Wu of Singapore Management University, Rocky\r\nK. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz,\r\nsuperhei of www.knownsec.com\r\n\r\nWebKit Canvas\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may disclose image data from\r\nanother website\r\nDescription: A cross-origin issue existed with "canvas" element\r\nimages in WebKit. This was addressed through improved tracking of\r\nsecurity origins.\r\nCVE-ID\r\nCVE-2015-5788 : Apple\r\n\r\nWebKit Page Loading\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: WebSockets may bypass mixed content policy enforcement\r\nDescription: An insufficient policy enforcement issue allowed\r\nWebSockets to load mixed content. This issue was addressed by\r\nextending mixed content policy enforcement to WebSockets.\r\nKevin G Jones of Higher Logic\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "9".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-16-1 iOS 9", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:11:01", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-5880", "CVE-2015-5838", "CVE-2015-5903", "CVE-2015-5861", "CVE-2015-5825", "CVE-2015-5748", "CVE-2015-5847", "CVE-2015-5892", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5796", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5860", "CVE-2015-5812", "CVE-2015-5788", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-5845", "CVE-2015-5905", "CVE-2015-5868", "CVE-2015-5805", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5846", "CVE-2015-5807", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5801", "CVE-2015-5912", "CVE-2015-5921", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5841", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5831", "CVE-2015-5855", "CVE-2015-5916", "CVE-2014-8611", "CVE-2015-5789", "CVE-2015-5765", "CVE-2015-5813", "CVE-2015-1129", "CVE-2015-5824", "CVE-2015-5856", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5867", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-5848", "CVE-2015-5826", "CVE-2014-8146", "CVE-2015-5835", "CVE-2015-5523", "CVE-2015-5820", "CVE-2015-5844", "CVE-2015-5904", "CVE-2015-5885", "CVE-2015-3801", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-5906", "CVE-2015-5810", "CVE-2015-5898", "CVE-2015-5850", "CVE-2015-0287", "CVE-2015-5823", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5907", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5857", "CVE-2015-5834", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-5832", "CVE-2015-5767"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32514", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32514", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:03", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32657", "https://vulners.com/securityvulns/securityvulns:doc:32654", "https://vulners.com/securityvulns/securityvulns:doc:32655", "https://vulners.com/securityvulns/securityvulns:doc:32656", "https://vulners.com/securityvulns/securityvulns:doc:32658", "https://vulners.com/securityvulns/securityvulns:doc:32659", "https://vulners.com/securityvulns/securityvulns:doc:32653"], "description": "Quarterly update closes 140 vulnerabilities in different applications.", "edition": 1, "reporter": "ORACLE", "published": "2015-11-02T00:00:00", "title": "Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:03", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "PeopleSoft Enterprise HCM Talent Acquistion Managment", "version": "9.2", "operator": "eq"}, {"name": "Endeca Server", "version": "7.6", "operator": "eq"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "eq"}, {"name": "Oracle Traffic Director", "version": "11.1", "operator": "eq"}, {"name": "Java SE", "version": "8", "operator": "eq"}, {"name": "Oracle Communications LSMS", "version": "13.1", "operator": "eq"}, {"name": "Oracle Communications Messaging Server", "version": "8.0", "operator": "eq"}, {"name": "Oracle Enterprise Data Quality", "version": "12.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise FSCM", "version": "9.2", "operator": "eq"}, {"name": "Hyperion Installation Technology", "version": "11.1", "operator": "eq"}, {"name": "Oracle", "version": "12.1", "operator": "eq"}, {"name": "Java SE Embedded", "version": "8", "operator": "eq"}, {"name": "Outside In Technology", "version": "8.5", "operator": "eq"}, {"name": "Exalogic Infrastructure", "version": "2.0", "operator": "eq"}, {"name": "Oracle", "version": "11.2", "operator": "eq"}, {"name": "Oracle Retail Returns Management", "version": "14.0", "operator": "eq"}, {"name": "Oracle E-Business Suite", "version": "12.2", "operator": "eq"}, {"name": "Solaris", "version": "11.2", "operator": "eq"}, {"name": "MySQL Enterprise Monitor", "version": "3.0", "operator": "eq"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "eq"}, {"name": "Oracle Agile PLM", "version": "9.3", "operator": "eq"}, {"name": "PeopleSoft Enterprise HCM", "version": "9.2", "operator": "eq"}, {"name": "Oracle WebCenter Content", "version": "10.1", "operator": "eq"}, {"name": "Oracle Configurator", "version": "12.2", "operator": "eq"}, {"name": "Oracle Communications Performance Intelligence Center Software", "version": "10.1", "operator": "eq"}, {"name": "Oracle Communications Diameter Signaling Router", "version": "7.1", "operator": "eq"}, {"name": "Oracle Identity Manager", "version": "11.1", "operator": "eq"}, {"name": "Enterprise Manager Base Platform", "version": "12.1", "operator": "eq"}, {"name": "FS1-2 Flash Storage System", "version": "6.3", "operator": "eq"}, {"name": "Integrated Lights Out Manager", "version": "3.2", "operator": "eq"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1", "operator": "eq"}, {"name": "OSS Support Tools", "version": "8.8", "operator": "eq"}, {"name": "Oracle Retail Back Office", "version": "14.0", "operator": "eq"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.2", "operator": "eq"}, {"name": "Oracle Communications Tekelec HLR Router", "version": "4.0", "operator": "eq"}, {"name": "VirtualBox", "version": "5.0", "operator": "eq"}, {"name": "MySQL Server", "version": "5.6", "operator": "eq"}, {"name": "PeopleSoft Enterprise FIN Expenses", "version": "9.2", "operator": "eq"}, {"name": "GlassFish Server", "version": "3.1", "operator": "eq"}, {"name": "Oracle Mobile Security Suite", "version": "3.0", "operator": "eq"}, {"name": "Oracle Communications User Data Repository", "version": "10.2", "operator": "eq"}, {"name": "Oracle Communications Convergence", "version": "3.0", "operator": "eq"}, {"name": "Oracle Access Manager", "version": "11.1", "operator": "eq"}, {"name": "JDeveloper", "version": "12.1", "operator": "eq"}, {"name": "Oracle Mobile Server", "version": "12.1", "operator": "eq"}, {"name": "Oracle Utilities Work and Asset Management", "version": "1.9", "operator": "eq"}, {"name": "Oracle Communications Policy Management", "version": "12.1", "operator": "eq"}, {"name": "Oracle WebCenter Sites", "version": "11.1", "operator": "eq"}, {"name": "JavaFX", "version": "2.2", "operator": "eq"}, {"name": "Fusion Middleware", "version": "12.1", "operator": "eq"}, {"name": "Siebel Applications", "version": "2015", "operator": "eq"}, {"name": "Oracle HTTP Server", "version": "12.1", "operator": "eq"}, {"name": "Oracle Retail Central Office", "version": "14.0", "operator": "eq"}, {"name": "Enterprise Manager Ops Center", "version": "12.2", "operator": "eq"}, {"name": "JRockit", "version": "28.3", "operator": "eq"}, {"name": "Oracle Fusion Applications", "version": "11.1", "operator": "eq"}, {"name": "Oracle Retail Open Commerce Platform", "version": "3.0", "operator": "eq"}], "cvelist": ["CVE-2015-4894", "CVE-2015-4000", "CVE-2015-4851", "CVE-2015-4895", "CVE-2015-4905", "CVE-2015-4866", "CVE-2015-4832", "CVE-2015-4822", "CVE-2015-4830", "CVE-2015-4804", "CVE-2015-4816", "CVE-2015-0235", "CVE-2015-1793", "CVE-2015-4793", "CVE-2015-4863", "CVE-2015-4913", "CVE-2015-4892", "CVE-2014-0191", "CVE-2015-4796", "CVE-2015-4864", "CVE-2015-4794", "CVE-2015-4887", "CVE-2015-2642", "CVE-2015-4860", "CVE-2015-4868", "CVE-1999-0377", "CVE-2015-4820", "CVE-2015-4903", "CVE-2015-0286", "CVE-2015-4906", "CVE-2015-4843", "CVE-2015-4842", "CVE-2015-4910", "CVE-2015-4872", "CVE-2015-4846", "CVE-2014-3576", "CVE-2015-4876", "CVE-2014-3571", "CVE-2015-4883", "CVE-2014-7940", "CVE-2015-4858", "CVE-2015-4802", "CVE-2015-4882", "CVE-2015-4801", "CVE-2015-4878", "CVE-2015-4799", "CVE-2015-4811", "CVE-2015-4834", "CVE-2015-4762", "CVE-2015-4815", "CVE-2015-4812", "CVE-2015-4839", "CVE-2015-4798", "CVE-2015-4891", "CVE-2015-4734", "CVE-2015-4899", "CVE-2015-4865", "CVE-2015-4915", "CVE-2015-4871", "CVE-2015-4800", "CVE-2015-4869", "CVE-2015-4828", "CVE-2015-4803", "CVE-2015-4875", "CVE-2015-4902", "CVE-2015-4917", "CVE-2015-4909", "CVE-2015-4791", "CVE-2015-4805", "CVE-2015-4849", "CVE-2015-4879", "CVE-2015-4888", "CVE-2015-4838", "CVE-2015-4850", "CVE-2015-4806", "CVE-2015-4825", "CVE-2015-3144", "CVE-2015-4797", "CVE-2015-4792", "CVE-2015-4837", "CVE-2015-4904", "CVE-2015-4810", "CVE-2015-4827", "CVE-2014-0050", "CVE-2015-4817", "CVE-2015-4908", "CVE-2015-4912", "CVE-2015-4833", "CVE-2015-4847", "CVE-2015-4855", "CVE-2015-4848", "CVE-2015-4730", "CVE-2015-4819", "CVE-2015-4896", "CVE-2015-2633", "CVE-2015-4807", "CVE-2015-4901", "CVE-2015-4835", "CVE-2015-4873", "CVE-2015-4766", "CVE-2015-4795", "CVE-2015-4907", "CVE-2015-4859", "CVE-2015-1829", "CVE-2015-4898", "CVE-2015-4874", "CVE-2015-4836", "CVE-2015-4824", "CVE-2015-4900", "CVE-2015-4831", "CVE-2015-4861", "CVE-2015-4911", "CVE-2015-4886", "CVE-2015-2608", "CVE-2015-4809", "CVE-2015-4877", "CVE-2015-4844", "CVE-2015-4870", "CVE-2015-4881", "CVE-2015-4840", "CVE-2015-4856", "CVE-2015-4845", "CVE-2015-4914", "CVE-2015-4893", "CVE-2015-4916", "CVE-2015-4826", "CVE-2014-1569", "CVE-2015-4862", "CVE-2010-1622", "CVE-2015-4857", "CVE-2015-4890", "CVE-2015-4867", "CVE-2015-4884", "CVE-2015-4813", "CVE-2015-4841", "CVE-2015-4818", "CVE-2015-4880", "CVE-2015-1791", "CVE-2015-4823", "CVE-2015-4821"], "modified": "2015-11-02T00:00:00", "id": "SECURITYVULNS:VULN:14755", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14755", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32514", "https://vulners.com/securityvulns/securityvulns:doc:32515", "https://vulners.com/securityvulns/securityvulns:doc:32563"], "description": "Screen unlock, information disclosure, restrictions bypass, multiple memory corruptions, weak encryption, multiple vulnerabilities in different libraries.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-10-25T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:02", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Apple iOS", "version": "9.0", "operator": "eq"}], "cvelist": ["CVE-2015-5880", "CVE-2015-5930", "CVE-2015-5838", "CVE-2015-5903", "CVE-2015-7022", "CVE-2015-6976", "CVE-2015-5861", "CVE-2015-5825", "CVE-2015-5927", "CVE-2015-5748", "CVE-2015-5847", "CVE-2015-7005", "CVE-2015-6975", "CVE-2015-7004", "CVE-2015-7002", "CVE-2015-5892", "CVE-2015-6982", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5924", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-6979", "CVE-2015-6983", "CVE-2015-5796", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-6991", "CVE-2015-5860", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-6994", "CVE-2015-5788", "CVE-2015-6992", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-6977", "CVE-2015-5845", "CVE-2015-5905", "CVE-2015-5868", "CVE-2015-5805", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5940", "CVE-2015-5846", "CVE-2015-5807", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-6997", "CVE-2015-5801", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5912", "CVE-2015-5921", "CVE-2015-5935", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-6986", "CVE-2015-7010", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-7008", "CVE-2015-5791", "CVE-2015-5841", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5929", "CVE-2015-5831", "CVE-2015-5937", "CVE-2015-5855", "CVE-2015-5916", "CVE-2015-7023", "CVE-2014-8611", "CVE-2015-5789", "CVE-2015-6993", "CVE-2015-5765", "CVE-2015-7000", "CVE-2015-5813", "CVE-2015-1129", "CVE-2015-5824", "CVE-2015-5856", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5936", "CVE-2015-5867", "CVE-2015-6989", "CVE-2015-5923", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-6981", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-6999", "CVE-2015-5848", "CVE-2015-5826", "CVE-2014-8146", "CVE-2015-5835", "CVE-2015-6990", "CVE-2015-7009", "CVE-2015-6988", "CVE-2015-5523", "CVE-2015-5820", "CVE-2015-5844", "CVE-2015-5904", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-3801", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-7012", "CVE-2015-5906", "CVE-2015-5810", "CVE-2015-5898", "CVE-2015-5925", "CVE-2015-5850", "CVE-2015-0287", "CVE-2015-6974", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5907", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5857", "CVE-2015-5834", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-5832", "CVE-2015-5767"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14696", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14696", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:51:50", "references": [], "pluginID": "81016", "description": "Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7923, CVE-2014-7926)\n\nA use-after-free was discovered in the IndexedDB implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7924)\n\nA use-after free was discovered in the WebAudio implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7925)\n\nSeveral memory corruption bugs were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)\n\nSeveral use-after free bugs were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932, CVE-2014-7934)\n\nA use-after free was discovered in FFmpeg. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7933)\n\nMultiple off-by-one errors were discovered in FFmpeg. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7937)\n\nA memory corruption bug was discovered in the fonts implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7938)\n\nIt was discovered that ICU did not initialize memory for a data structure correctly. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7940)\n\nIt was discovered that the fonts implementation did not initialize memory for a data structure correctly. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7942)\n\nAn out-of-bounds read was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-7943)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-7946)\n\nIt was discovered that the AppCache proceeded with caching for SSL sessions even if there is a certificate error. A remote attacker could potentially exploit this by conducting a MITM attack to modify HTML application content. (CVE-2014-7948)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1205)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1346).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2015-01-27T00:00:00", "title": "Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2476-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7931", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra", "cpe:/o:canonical:ubuntu_linux:14.10", "p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2476-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81016", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2476-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81016);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7940\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7946\", \"CVE-2014-7948\", \"CVE-2015-1205\", \"CVE-2015-1346\");\n script_bugtraq_id(72288);\n script_xref(name:\"USN\", value:\"2476-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2476-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several memory corruption bugs were discovered in ICU. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-7923, CVE-2014-7926)\n\nA use-after-free was discovered in the IndexedDB implementation. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service\nvia application crash or execute arbitrary code with the privileges of\nthe user invoking the program. (CVE-2014-7924)\n\nA use-after free was discovered in the WebAudio implementation in\nBlink. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via renderer crash or execute arbitrary code with the\nprivileges of the sandboxed render process. (CVE-2014-7925)\n\nSeveral memory corruption bugs were discovered in V8. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)\n\nSeveral use-after free bugs were discovered in the DOM implementation\nin Blink. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial\nof service via renderer crash or execute arbitrary code with the\nprivileges of the sandboxed render process. (CVE-2014-7929,\nCVE-2014-7930, CVE-2014-7932, CVE-2014-7934)\n\nA use-after free was discovered in FFmpeg. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-7933)\n\nMultiple off-by-one errors were discovered in FFmpeg. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-7937)\n\nA memory corruption bug was discovered in the fonts implementation. If\na user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service\nvia renderer crash or execute arbitrary code with the privileges of\nthe sandboxed render process. (CVE-2014-7938)\n\nIt was discovered that ICU did not initialize memory for a data\nstructure correctly. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a\ndenial of service via renderer crash or execute arbitrary code with\nthe privileges of the sandboxed render process. (CVE-2014-7940)\n\nIt was discovered that the fonts implementation did not initialize\nmemory for a data structure correctly. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-7942)\n\nAn out-of-bounds read was discovered in Skia. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash. (CVE-2014-7943)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash. (CVE-2014-7946)\n\nIt was discovered that the AppCache proceeded with caching for SSL\nsessions even if there is a certificate error. A remote attacker could\npotentially exploit this by conducting a MITM attack to modify HTML\napplication content. (CVE-2014-7948)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2015-1205)\n\nMultiple security issues were discovered in V8. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via renderer crash or execute arbitrary code with the\nprivileges of the sandboxed render process. (CVE-2015-1346).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected liboxideqtcore0, oxideqt-codecs and / or\noxideqt-codecs-extra packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.4.2-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.4.2-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.4.2-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"liboxideqtcore0\", pkgver:\"1.4.2-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs\", pkgver:\"1.4.2-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.4.2-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0 / oxideqt-codecs / oxideqt-codecs-extra\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:03:12", "references": ["https://access.redhat.com/security/cve/cve-2014-7932", "https://access.redhat.com/security/cve/cve-2014-7927", "https://access.redhat.com/security/cve/cve-2014-7943", "https://access.redhat.com/errata/RHSA-2015:0093", "https://access.redhat.com/security/cve/cve-2014-7924", "https://access.redhat.com/security/cve/cve-2014-7923", "https://access.redhat.com/security/cve/cve-2014-7942", "https://access.redhat.com/security/cve/cve-2014-7934", "https://access.redhat.com/security/cve/cve-2014-7946", "https://access.redhat.com/security/cve/cve-2014-7930", "https://access.redhat.com/security/cve/cve-2014-7948", "https://access.redhat.com/security/cve/cve-2014-7944", "https://access.redhat.com/security/cve/cve-2014-7938", "https://access.redhat.com/security/cve/cve-2014-7935", "https://access.redhat.com/security/cve/cve-2014-7940", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://access.redhat.com/security/cve/cve-2014-7933", "https://access.redhat.com/security/cve/cve-2014-7928", "https://access.redhat.com/security/cve/cve-2014-7931", "https://access.redhat.com/security/cve/cve-2014-7925", "https://access.redhat.com/security/cve/cve-2014-7929", "https://access.redhat.com/security/cve/cve-2014-7939", "https://access.redhat.com/security/cve/cve-2014-7945", "https://access.redhat.com/security/cve/cve-2014-7937", "https://access.redhat.com/security/cve/cve-2014-7926", "https://access.redhat.com/security/cve/cve-2014-7947", "https://access.redhat.com/security/cve/cve-2014-7941", "https://access.redhat.com/security/cve/cve-2014-7936"], "pluginID": "81035", "description": "Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948)\n\nAll Chromium users should upgrade to these updated packages, which contain Chromium version 40.0.2214.91, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "edition": 8, "reporter": "Tenable", "published": "2015-01-28T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2015:0093)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6.6", "p-cpe:/a:redhat:enterprise_linux:chromium-browser", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-0093.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81035", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0093. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81035);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2015-1346\");\n script_bugtraq_id(72288);\n script_xref(name:\"RHSA\", value:\"2015:0093\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2015:0093)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated chromium-browser packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Chromium to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Chromium. (CVE-2014-7923, CVE-2014-7924, CVE-2014-7925,\nCVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929,\nCVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933,\nCVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937,\nCVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941,\nCVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945,\nCVE-2014-7946, CVE-2014-7947, CVE-2014-7948)\n\nAll Chromium users should upgrade to these updated packages, which\ncontain Chromium version 40.0.2214.91, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.com/2015/01/stable-update.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7939\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7932\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0093\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-40.0.2214.91-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-40.0.2214.91-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-40.0.2214.91-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-40.0.2214.91-1.el6_6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:52:29", "references": ["http://www.nessus.org/u?5dc2ca63", "http://googlechromereleases.blogspot.nl"], "pluginID": "80898", "description": "Google Chrome Releases reports :\n\n62 security fixes in this release, including :\n\n- [430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.\n\n- [435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.\n\n- [434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.\n\n- [422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.\n\n- [444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.\n\n- [435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.\n\n- [442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.\n\n- [442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.\n\n- [443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.\n\n- [429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.\n\n- [427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.\n\n- [427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.\n\n- [402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.\n\n- [428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.\n\n- [419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.\n\n- [416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.\n\n- [399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.\n\n- [433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.\n\n- [428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.\n\n- [426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.\n\n- [422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.\n\n- [418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.\n\n- [414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.\n\n- [414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.\n\n- [430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.\n\n- [414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.\n\n- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.\n\n- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).", "edition": 5, "reporter": "Tenable", "published": "2015-01-22T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (e30e0c99-a1b7-11e4-b85c-00262d5ed8ee)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "p-cpe:/a:freebsd:freebsd:chromium"], "id": "FREEBSD_PKG_E30E0C99A1B711E4B85C00262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80898", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80898);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:44\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2015-1205\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (e30e0c99-a1b7-11e4-b85c-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n62 security fixes in this release, including :\n\n- [430353] High CVE-2014-7923: Memory corruption in ICU. Credit to\nyangdingning.\n\n- [435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to\nCollin Payne.\n\n- [434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to\nmark.buer.\n\n- [422824] High CVE-2014-7926: Memory corruption in ICU. Credit to\nyangdingning.\n\n- [444695] High CVE-2014-7927: Memory corruption in V8. Credit to\nChristian Holler.\n\n- [435073] High CVE-2014-7928: Memory corruption in V8. Credit to\nChristian Holler.\n\n- [442806] High CVE-2014-7930: Use-after-free in DOM. Credit to\ncloudfuzzer.\n\n- [442710] High CVE-2014-7931: Memory corruption in V8. Credit to\ncloudfuzzer.\n\n- [443115] High CVE-2014-7929: Use-after-free in DOM. Credit to\ncloudfuzzer.\n\n- [429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte\nKettunen of OUSPG.\n\n- [427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to\naohelin.\n\n- [427249] High CVE-2014-7934: Use-after-free in DOM. Credit to\ncloudfuzzer.\n\n- [402957] High CVE-2014-7935: Use-after-free in Speech. Credit to\nKhalil Zhani.\n\n- [428561] High CVE-2014-7936: Use-after-free in Views. Credit to\nChristoph Diehl.\n\n- [419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to\nAtte Kettunen of OUSPG.\n\n- [416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to\nAtte Kettunen of OUSPG.\n\n- [399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to\nTakeshi Terada.\n\n- [433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to\nmiaubiz.\n\n- [428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to\nAtte Kettunen of OUSPG and Christoph Diehl.\n\n- [426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit\nto miaubiz.\n\n- [422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to\nAtte Kettunen of OUSPG.\n\n- [418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit\nto cloudfuzzer.\n\n- [414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit\nto cloudfuzzer.\n\n- [414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit\nto miaubiz.\n\n- [430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit\nto fuzztercluck.\n\n- [414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to\njiayaoqijia.\n\n- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing\nand other initiatives.\n\n- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch\n(currently 3.30.33.15).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl\"\n );\n # https://vuxml.freebsd.org/freebsd/e30e0c99-a1b7-11e4-b85c-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5dc2ca63\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<40.0.2214.91\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<40.0.2214.91\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:33", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=916841", "https://bugzilla.opensuse.org/show_bug.cgi?id=914468", "https://bugzilla.opensuse.org/show_bug.cgi?id=916843", "https://bugzilla.opensuse.org/show_bug.cgi?id=916838", "https://bugzilla.opensuse.org/show_bug.cgi?id=916840"], "pluginID": "81692", "description": "chromium was updated to version 40.0.2214.111 to fix 31 vulnerabilities.\n\nThese security issues were fixed :\n\n - CVE-2015-1209: Use-after-free in DOM (bnc#916841).\n\n - CVE-2015-1210: Cross-origin-bypass in V8 bindings (bnc#916843).\n\n - CVE-2015-1211: Privilege escalation using service workers (bnc#916838).\n\n - CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives (bnc#916840).\n\n - CVE-2014-7923: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7924: Use-after-free in IndexedDB (bnc#914468).\n\n - CVE-2014-7925: Use-after-free in WebAudio (bnc#914468).\n\n - CVE-2014-7926: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7927: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7928: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7930: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7931: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7929: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7932: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7933: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7934: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7935: Use-after-free in Speech (bnc#914468).\n\n - CVE-2014-7936: Use-after-free in Views (bnc#914468).\n\n - CVE-2014-7937: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7938: Memory corruption in Fonts (bnc#914468).\n\n - CVE-2014-7939: Same-origin-bypass in V8 (bnc#914468).\n\n - CVE-2014-7940: Uninitialized-value in ICU (bnc#914468).\n\n - CVE-2014-7941: Out-of-bounds read in UI (bnc#914468).\n\n - CVE-2014-7942: Uninitialized-value in Fonts (bnc#914468).\n\n - CVE-2014-7943: Out-of-bounds read in Skia\n\n - CVE-2014-7944: Out-of-bounds read in PDFium\n\n - CVE-2014-7945: Out-of-bounds read in PDFium\n\n - CVE-2014-7946: Out-of-bounds read in Fonts\n\n - CVE-2014-7947: Out-of-bounds read in PDFium\n\n - CVE-2014-7948: Caching error in AppCache\n\n - CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives\n\nThese non-security issues were fixed :\n\n - Fix using 'echo' command in chromium-browser.sh script", "edition": 4, "reporter": "Tenable", "published": "2015-03-09T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-2015-204)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1210", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-04-11T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-desktop-kde"], "id": "OPENSUSE-2015-204.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81692", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-204.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81692);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2015/04/11 15:46:02 $\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2015-1205\", \"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2015-204)\");\n script_summary(english:\"Check for the openSUSE-2015-204 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"chromium was updated to version 40.0.2214.111 to fix 31\nvulnerabilities.\n\nThese security issues were fixed :\n\n - CVE-2015-1209: Use-after-free in DOM (bnc#916841).\n\n - CVE-2015-1210: Cross-origin-bypass in V8 bindings\n (bnc#916843).\n\n - CVE-2015-1211: Privilege escalation using service\n workers (bnc#916838).\n\n - CVE-2015-1212: Various fixes from internal audits,\n fuzzing and other initiatives (bnc#916840).\n\n - CVE-2014-7923: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7924: Use-after-free in IndexedDB (bnc#914468).\n\n - CVE-2014-7925: Use-after-free in WebAudio (bnc#914468).\n\n - CVE-2014-7926: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7927: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7928: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7930: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7931: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7929: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7932: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7933: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7934: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7935: Use-after-free in Speech (bnc#914468).\n\n - CVE-2014-7936: Use-after-free in Views (bnc#914468).\n\n - CVE-2014-7937: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7938: Memory corruption in Fonts (bnc#914468).\n\n - CVE-2014-7939: Same-origin-bypass in V8 (bnc#914468).\n\n - CVE-2014-7940: Uninitialized-value in ICU (bnc#914468).\n\n - CVE-2014-7941: Out-of-bounds read in UI (bnc#914468).\n\n - CVE-2014-7942: Uninitialized-value in Fonts\n (bnc#914468).\n\n - CVE-2014-7943: Out-of-bounds read in Skia\n\n - CVE-2014-7944: Out-of-bounds read in PDFium\n\n - CVE-2014-7945: Out-of-bounds read in PDFium\n\n - CVE-2014-7946: Out-of-bounds read in Fonts\n\n - CVE-2014-7947: Out-of-bounds read in PDFium\n\n - CVE-2014-7948: Caching error in AppCache\n\n - CVE-2015-1205: Various fixes from internal audits,\n fuzzing and other initiatives\n\nThese non-security issues were fixed :\n\n - Fix using 'echo' command in chromium-browser.sh script\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=914468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916843\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-40.0.2214.111-68.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debugsource-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-40.0.2214.111-13.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-40.0.2214.111-13.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:04:15", "references": ["http://googlechromereleases.blogspot.com/2015/01/stable-update.html"], "pluginID": "80951", "description": "The version of Google Chrome installed on the remote Windows host is a version prior to 40.0.2214.91. It is, therefore, affected by vulnerabilities in the following components :\n\n - AppCache\n - DOM\n - FFmpeg\n - Fonts\n - ICU\n - IndexedDB\n - PDFium\n - Skia\n - Speech\n - UI\n - V8\n - Views\n - WebAudio", "edition": 5, "reporter": "Tenable", "published": "2015-01-23T00:00:00", "title": "Google Chrome < 40.0.2214.91 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_40_0_2214_91.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80951", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80951);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7924\",\n \"CVE-2014-7925\",\n \"CVE-2014-7926\",\n \"CVE-2014-7927\",\n \"CVE-2014-7928\",\n \"CVE-2014-7929\",\n \"CVE-2014-7930\",\n \"CVE-2014-7931\",\n \"CVE-2014-7932\",\n \"CVE-2014-7933\",\n \"CVE-2014-7934\",\n \"CVE-2014-7935\",\n \"CVE-2014-7936\",\n \"CVE-2014-7937\",\n \"CVE-2014-7938\",\n \"CVE-2014-7939\",\n \"CVE-2014-7940\",\n \"CVE-2014-7941\",\n \"CVE-2014-7942\",\n \"CVE-2014-7943\",\n \"CVE-2014-7944\",\n \"CVE-2014-7945\",\n \"CVE-2014-7946\",\n \"CVE-2014-7947\",\n \"CVE-2014-7948\",\n \"CVE-2015-1205\",\n \"CVE-2015-1346\",\n \"CVE-2015-1359\",\n \"CVE-2015-1360\"\n );\n script_bugtraq_id(72288, 72858, 73076, 73077);\n\n script_name(english:\"Google Chrome < 40.0.2214.91 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is a\nversion prior to 40.0.2214.91. It is, therefore, affected by\nvulnerabilities in the following components :\n\n - AppCache\n - DOM\n - FFmpeg\n - Fonts\n - ICU\n - IndexedDB\n - PDFium\n - Skia\n - Speech\n - UI\n - V8\n - Views\n - WebAudio\");\n script_set_attribute(attribute:\"see_also\", value:\"http://googlechromereleases.blogspot.com/2015/01/stable-update.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 40.0.2214.91 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'40.0.2214.91', severity:SECURITY_HOLE, xss:FALSE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:06:26", "references": ["http://googlechromereleases.blogspot.com/2015/01/stable-update.html"], "pluginID": "80950", "description": "The version of Google Chrome installed on the remote Mac OS X host is a version prior to 40.0.2214.91. It is, therefore, affected by vulnerabilities in the following components :\n\n - AppCache\n - DOM\n - FFmpeg\n - Fonts\n - ICU\n - IndexedDB\n - PDFium\n - Skia\n - Speech\n - UI\n - V8\n - Views\n - WebAudio", "edition": 5, "reporter": "Tenable", "published": "2015-01-23T00:00:00", "title": "Google Chrome < 40.0.2214.91 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_40_0_2214_91.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80950", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80950);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7924\",\n \"CVE-2014-7925\",\n \"CVE-2014-7926\",\n \"CVE-2014-7927\",\n \"CVE-2014-7928\",\n \"CVE-2014-7929\",\n \"CVE-2014-7930\",\n \"CVE-2014-7931\",\n \"CVE-2014-7932\",\n \"CVE-2014-7933\",\n \"CVE-2014-7934\",\n \"CVE-2014-7935\",\n \"CVE-2014-7936\",\n \"CVE-2014-7937\",\n \"CVE-2014-7938\",\n \"CVE-2014-7939\",\n \"CVE-2014-7940\",\n \"CVE-2014-7941\",\n \"CVE-2014-7942\",\n \"CVE-2014-7943\",\n \"CVE-2014-7944\",\n \"CVE-2014-7945\",\n \"CVE-2014-7946\",\n \"CVE-2014-7947\",\n \"CVE-2014-7948\",\n \"CVE-2015-1205\",\n \"CVE-2015-1359\",\n \"CVE-2015-1360\"\n );\n script_bugtraq_id(72288, 73076, 73077);\n\n script_name(english:\"Google Chrome < 40.0.2214.91 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\na version prior to 40.0.2214.91. It is, therefore, affected by\nvulnerabilities in the following components :\n\n - AppCache\n - DOM\n - FFmpeg\n - Fonts\n - ICU\n - IndexedDB\n - PDFium\n - Skia\n - Speech\n - UI\n - V8\n - Views\n - WebAudio\");\n script_set_attribute(attribute:\"see_also\", value:\"http://googlechromereleases.blogspot.com/2015/01/stable-update.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 40.0.2214.91 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'40.0.2214.91', severity:SECURITY_HOLE, xss:FALSE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:58:42", "references": ["https://security.gentoo.org/glsa/201502-13"], "pluginID": "81396", "description": "The remote host is affected by the vulnerability described in GLSA-201502-13 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to cause a Denial of Service condition, gain privileges via a filesystem: URI, or have other unspecified impact.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2015-02-18T00:00:00", "title": "GLSA-201502-13 : Chromium: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1210", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-9648", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:chromium"], "id": "GENTOO_GLSA-201502-13.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81396", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201502-13.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81396);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2014-9646\", \"CVE-2014-9647\", \"CVE-2014-9648\", \"CVE-2015-1205\", \"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\", \"CVE-2015-1346\", \"CVE-2015-1359\", \"CVE-2015-1360\", \"CVE-2015-1361\");\n script_xref(name:\"GLSA\", value:\"201502-13\");\n\n script_name(english:\"GLSA-201502-13 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201502-13\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to cause a Denial of Service condition,\n gain privileges via a filesystem: URI, or have other unspecified impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201502-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-40.0.2214.111'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 40.0.2214.111\"), vulnerable:make_list(\"lt 40.0.2214.111\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:08:18", "references": [], "pluginID": "81296", "description": "A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1209)\n\nIt was discovered that V8 did not properly consider frame access restrictions when throwing exceptions in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions.\n(CVE-2015-1210)\n\nIt was discovered that Chromium did not properly restrict the URI scheme during ServiceWorker registration. If a user were tricked in to downloading and opening a specially crafted HTML file, an attacker could potentially exploit this to bypass security restrictions.\n(CVE-2015-1211)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1212).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2015-02-11T00:00:00", "title": "Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2495-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra", "cpe:/o:canonical:ubuntu_linux:14.10", "p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2495-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81296", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2495-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81296);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n script_bugtraq_id(72497);\n script_xref(name:\"USN\", value:\"2495-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2495-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free bug was discovered in the DOM implementation in\nBlink. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via renderer crash or execute arbitrary code with the\nprivileges of the sandboxed render process. (CVE-2015-1209)\n\nIt was discovered that V8 did not properly consider frame access\nrestrictions when throwing exceptions in some circumstances. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to bypass same origin restrictions.\n(CVE-2015-1210)\n\nIt was discovered that Chromium did not properly restrict the URI\nscheme during ServiceWorker registration. If a user were tricked in to\ndownloading and opening a specially crafted HTML file, an attacker\ncould potentially exploit this to bypass security restrictions.\n(CVE-2015-1211)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2015-1212).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected liboxideqtcore0, oxideqt-codecs and / or\noxideqt-codecs-extra packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.4.3-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.4.3-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.4.3-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"liboxideqtcore0\", pkgver:\"1.4.3-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs\", pkgver:\"1.4.3-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.4.3-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0 / oxideqt-codecs / oxideqt-codecs-extra\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:58:42", "references": ["https://access.redhat.com/security/cve/cve-2015-1210", "https://access.redhat.com/security/cve/cve-2015-1212", "https://access.redhat.com/errata/RHSA-2015:0163", "https://access.redhat.com/security/cve/cve-2015-1211", "https://access.redhat.com/security/cve/cve-2015-1209", "http://www.nessus.org/u?9661eacd"], "pluginID": "81290", "description": "Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2015-1209, CVE-2015-1210, CVE-2015-1211, CVE-2015-1212)\n\nAll Chromium users should upgrade to these updated packages, which contain Chromium version 40.0.2214.111, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "edition": 8, "reporter": "Tenable", "published": "2015-02-11T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2015:0163)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6.6", "p-cpe:/a:redhat:enterprise_linux:chromium-browser", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-0163.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0163. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81290);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n script_bugtraq_id(72497);\n script_xref(name:\"RHSA\", value:\"2015:0163\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2015:0163)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated chromium-browser packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Chromium to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Chromium. (CVE-2015-1209, CVE-2015-1210, CVE-2015-1211,\nCVE-2015-1212)\n\nAll Chromium users should upgrade to these updated packages, which\ncontain Chromium version 40.0.2214.111, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the\nchanges to take effect.\"\n );\n # http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9661eacd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1209\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0163\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-40.0.2214.111-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-40.0.2214.111-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-40.0.2214.111-1.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-40.0.2214.111-1.el6_6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:01:21", "references": ["http://googlechromereleases.blogspot.nl", "http://www.nessus.org/u?c1eb691a"], "pluginID": "81223", "description": "Chrome Releases reports :\n\n11 security fixes in this release, including :\n\n- [447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian.\n\n- [453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings.\nCredit to anonymous.\n\n- [453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.\n\n- [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.", "edition": 5, "reporter": "Tenable", "published": "2015-02-09T00:00:00", "title": "FreeBSD : chromium -- multiple vulnerabilities (a6eb239f-adbe-11e4-9fce-080027593b9a)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "p-cpe:/a:freebsd:freebsd:chromium"], "id": "FREEBSD_PKG_A6EB239FADBE11E49FCE080027593B9A.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81223", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81223);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:44\");\n\n script_cve_id(\"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (a6eb239f-adbe-11e4-9fce-080027593b9a)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chrome Releases reports :\n\n11 security fixes in this release, including :\n\n- [447906] High CVE-2015-1209: Use-after-free in DOM. Credit to\nMaksymillian.\n\n- [453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings.\nCredit to anonymous.\n\n- [453982] High CVE-2015-1211: Privilege escalation using service\nworkers. Credit to anonymous.\n\n- [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing\nand other initiatives.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl\"\n );\n # https://vuxml.freebsd.org/freebsd/a6eb239f-adbe-11e4-9fce-080027593b9a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1eb691a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<40.0.2214.111\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<40.0.2214.111\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:25", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7931", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7923", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7925", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7926", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1205", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7948", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7930", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7932", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7927", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7937", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7929", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7938", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7940", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1346", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7928", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7946", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7924", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7934", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7942", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7933"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.2-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "liboxideqtcore0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.2-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.2-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.2-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs-extra", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.2-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "liboxideqtcore0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.2-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs-extra", "operator": "lt"}], "description": "Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7923, CVE-2014-7926)\n\nA use-after-free was discovered in the IndexedDB implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7924)\n\nA use-after free was discovered in the WebAudio implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7925)\n\nSeveral memory corruption bugs were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)\n\nSeveral use-after free bugs were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932, CVE-2014-7934)\n\nA use-after free was discovered in FFmpeg. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7933)\n\nMultiple off-by-one errors were discovered in FFmpeg. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7937)\n\nA memory corruption bug was discovered in the fonts implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7938)\n\nIt was discovered that ICU did not initialize memory for a data structure correctly. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7940)\n\nIt was discovered that the fonts implementation did not initialize memory for a data structure correctly. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7942)\n\nAn out-of-bounds read was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-7943)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-7946)\n\nIt was discovered that the AppCache proceeded with caching for SSL sessions even if there is a certificate error. A remote attacker could potentially exploit this by conducting a MITM attack to modify HTML application content. (CVE-2014-7948)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1205)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1346)", "edition": 3, "reporter": "Ubuntu", "published": "2015-01-26T00:00:00", "title": "Oxide vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7931", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-01-26T00:00:00", "id": "USN-2476-1", "href": "https://usn.ubuntu.com/2476-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:27", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1211", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1209", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1212", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1210"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.3-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "liboxideqtcore0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.3-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "liboxideqtcore0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.3-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs-extra", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.3-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs-extra", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "1.4.3-0ubuntu0.14.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.4.3-0ubuntu0.14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "oxideqt-codecs", "operator": "lt"}], "description": "A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1209)\n\nIt was discovered that V8 did not properly consider frame access restrictions when throwing exceptions in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. (CVE-2015-1210)\n\nIt was discovered that Chromium did not properly restrict the URI scheme during ServiceWorker registration. If a user were tricked in to downloading and opening a specially crafted HTML file, an attacker could potentially exploit this to bypass security restrictions. (CVE-2015-1211)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1212)", "edition": 3, "reporter": "Ubuntu", "published": "2015-02-10T00:00:00", "title": "Oxide vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2015-02-10T00:00:00", "id": "USN-2495-1", "href": "https://usn.ubuntu.com/2495-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:45", "references": ["https://launchpad.net/bugs/1429043", "https://usn.ubuntu.com/usn/usn-2522-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "4.8.1.1-3ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libicu48", "operator": "lt"}], "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-6585, CVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7940)", "edition": 3, "reporter": "Ubuntu", "published": "2015-03-06T00:00:00", "title": "ICU regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-06T00:00:00", "id": "USN-2522-2", "href": "https://usn.ubuntu.com/2522-2/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9654", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7923", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7926", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6585", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6591", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2383", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2384", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-1569", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7940", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2419"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "4.8.1.1-3ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libicu48", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "52.1-3ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libicu52", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "52.1-6ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libicu52", "operator": "lt"}], "description": "It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-6585, CVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7940)", "edition": 3, "reporter": "Ubuntu", "published": "2015-03-05T00:00:00", "title": "ICU vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-05T00:00:00", "id": "USN-2522-1", "href": "https://usn.ubuntu.com/2522-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:55", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6585", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6591", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2383", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2384", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-1569", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-2419", "https://usn.ubuntu.com/usn/usn-2522-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "4.8.1.1-3ubuntu0.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libicu48", "operator": "lt"}], "description": "USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)\n\nIt was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-6585, CVE-2014-6591)\n\nIt was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)\n\nIt was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7940)", "edition": 3, "reporter": "Ubuntu", "published": "2015-03-10T00:00:00", "title": "ICU vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-10T00:00:00", "id": "USN-2522-3", "href": "https://usn.ubuntu.com/2522-3/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:52:26", "references": ["http://www.ubuntu.com/usn/usn-2476-1/", "2476-1"], "pluginID": "1361412562310842073", "description": "Check the version of oxide-qt", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-27T00:00:00", "title": "Ubuntu Update for oxide-qt USN-2476-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7931", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310842073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-2476-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842073\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 05:50:26 +0100 (Tue, 27 Jan 2015)\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7926\", \"CVE-2014-7924\", \"CVE-2014-7925\",\n \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7931\", \"CVE-2014-7929\",\n \"CVE-2014-7930\", \"CVE-2014-7932\", \"CVE-2014-7934\", \"CVE-2014-7933\",\n \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7940\", \"CVE-2014-7942\",\n \"CVE-2014-7943\", \"CVE-2014-7946\", \"CVE-2014-7948\", \"CVE-2015-1205\",\n \"CVE-2015-1346\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for oxide-qt USN-2476-1\");\n script_tag(name:\"summary\", value:\"Check the version of oxide-qt\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Several memory corruption bugs were discovered\nin ICU. If a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit these to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-7923, CVE-2014-7926)\n\nA use-after-free was discovered in the IndexedDB implementation. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user invoking\nthe program. (CVE-2014-7924)\n\nA use-after free was discovered in the WebAudio implementation in Blink.\nIf a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service via\nrenderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2014-7925)\n\nSeveral memory corruption bugs were discovered in V8. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer crash\nor execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)\n\nSeveral use-after free bugs were discovered in the DOM implementation in\nBlink. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit these to cause a denial of service\nvia renderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932,\nCVE-2014-7934)\n\nA use-after free was discovered in FFmpeg. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-7933)\n\nMultiple off-by-one errors were discovered in FFmpeg. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer crash\nor execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-7937)\n\nA memory corruption bug was discovered in the fonts implementation. If a\nuser were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-7938)\n\nIt w ..\n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 14.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2476-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2476-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.4.2-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.4.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-12T12:45:12", "references": ["2015:0441_1"], "pluginID": "1361412562310850639", "description": "Check the version of chromium", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-03-06T00:00:00", "title": "SuSE Update for chromium openSUSE-SU-2015:0441-1 (chromium)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1210", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-11-09T00:00:00", "id": "OPENVAS:1361412562310850639", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850639", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_0441_1.nasl 12284 2018-11-09 12:37:21Z cfischer $\n#\n# SuSE Update for chromium openSUSE-SU-2015:0441-1 (chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850639\");\n script_version(\"$Revision: 12284 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-09 13:37:21 +0100 (Fri, 09 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-06 14:17:10 +0100 (Fri, 06 Mar 2015)\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2015-1205\", \"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for chromium openSUSE-SU-2015:0441-1 (chromium)\");\n script_tag(name:\"summary\", value:\"Check the version of chromium\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"chromium was updated to version 40.0.2214.111 to fix 31 vulnerabilities.\n\n These security issues were fixed:\n\n - CVE-2015-1209: Use-after-free in DOM (bnc#916841).\n\n - CVE-2015-1210: Cross-origin-bypass in V8 bindings (bnc#916843).\n\n - CVE-2015-1211: Privilege escalation using service workers (bnc#916838).\n\n - CVE-2015-1212: Various fixes from internal audits, fuzzing and other\n initiatives (bnc#916840).\n\n - CVE-2014-7923: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7924: Use-after-free in IndexedDB (bnc#914468).\n\n - CVE-2014-7925: Use-after-free in WebAudio (bnc#914468).\n\n - CVE-2014-7926: Memory corruption in ICU (bnc#914468).\n\n - CVE-2014-7927: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7928: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7930: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7931: Memory corruption in V8 (bnc#914468).\n\n - CVE-2014-7929: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7932: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7933: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7934: Use-after-free in DOM (bnc#914468).\n\n - CVE-2014-7935: Use-after-free in Speech (bnc#914468).\n\n - CVE-2014-7936: Use-after-free in Views (bnc#914468).\n\n - CVE-2014-7937: Use-after-free in FFmpeg (bnc#914468).\n\n - CVE-2014-7938: Memory corruption in Fonts (bnc#914468).\n\n - CVE-2014-7939: Same-origin-bypass in V8 (bnc#914468).\n\n - CVE-2014-7940: Uninitialized-value in ICU (bnc#914468).\n\n - CVE-2014-7941: Out-of-bounds read in UI (bnc#914468).\n\n - CVE-2014-7942: Uninitialized-value in Fonts (bnc#914468).\n\n - CVE-2014-7943: Out-of-bounds read in Skia\n\n - CVE-2014-7944: Out-of-bounds read in PDFium\n\n - CVE-2014-7945: Out-of-bounds read in PDFium\n\n - CVE-2014-7946: Out-of-bounds read in Fonts\n\n - CVE-2014-7947: Out-of-bounds read in PDFium\n\n - CVE-2014-7948: Caching error in AppCache\n\n - CVE-2015-1205: Various fixes from internal audits, fuzzing and other\n initiatives\n\n These non-security issues were fixed:\n\n - Fix using 'echo' command in chromium-browser.sh script\");\n script_tag(name:\"affected\", value:\"chromium on openSUSE 13.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:0441_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-gnome\", rpm:\"chromium-desktop-gnome~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-desktop-kde\", rpm:\"chromium-desktop-kde~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo\", rpm:\"chromium-ffmpegsumo~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-ffmpegsumo-debuginfo\", rpm:\"chromium-ffmpegsumo-debuginfo~40.0.2214.111~68.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:38:11", "references": ["http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.in/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=380663", "http://www.google.com/chrome"], "pluginID": "1361412562310805421", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 9, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-27T00:00:00", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jan15_win.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805421\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:39:36", "references": ["http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.in/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=380663", "http://www.google.com/chrome"], "pluginID": "1361412562310805423", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-27T00:00:00", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805423", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jan15_lin.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805423\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:38:05", "references": ["http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.in/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=380663", "http://www.google.com/chrome"], "pluginID": "1361412562310805422", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-27T00:00:00", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805422", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln02_jan15_macosx.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805422\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-29T12:40:21", "references": ["https://security.gentoo.org/glsa/201502-13"], "pluginID": "1361412562310121352", "description": "Gentoo Linux Local Security Checks GLSA 201502-13", "edition": 7, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Security Advisory GLSA 201502-13", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1210", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-9648", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121352", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121352", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201502-13.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121352\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:34 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201502-13\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201502-13\");\n script_cve_id(\"CVE-2014-7923\", \"CVE-2014-7924\", \"CVE-2014-7925\", \"CVE-2014-7926\", \"CVE-2014-7927\", \"CVE-2014-7928\", \"CVE-2014-7929\", \"CVE-2014-7930\", \"CVE-2014-7931\", \"CVE-2014-7932\", \"CVE-2014-7933\", \"CVE-2014-7934\", \"CVE-2014-7935\", \"CVE-2014-7936\", \"CVE-2014-7937\", \"CVE-2014-7938\", \"CVE-2014-7939\", \"CVE-2014-7940\", \"CVE-2014-7941\", \"CVE-2014-7942\", \"CVE-2014-7943\", \"CVE-2014-7944\", \"CVE-2014-7945\", \"CVE-2014-7946\", \"CVE-2014-7947\", \"CVE-2014-7948\", \"CVE-2014-9646\", \"CVE-2014-9647\", \"CVE-2014-9648\", \"CVE-2015-1205\", \"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\", \"CVE-2015-1346\", \"CVE-2015-1359\", \"CVE-2015-1360\", \"CVE-2015-1361\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201502-13\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 40.0.2214.111\"), vulnerable: make_list(\"lt 40.0.2214.111\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:39:23", "references": ["http://googlechromereleases.blogspot.in/2015/02/stable-update.html", "http://www.google.com/chrome"], "pluginID": "1361412562310805449", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 6, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-02-10T00:00:00", "title": "Google Chrome Multiple Vulnerabilities-01 Feb15 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805449", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805449", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_feb15_win.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Feb15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805449\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1212\", \"CVE-2015-1211\", \"CVE-2015-1210\", \"CVE-2015-1209\");\n script_bugtraq_id(72497);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-10 18:10:13 +0530 (Tue, 10 Feb 2015)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Feb15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple unspecified vulnerabilities in Google Chrome.\n\n - The 'OriginCanAccessServiceWorkers' function in\n content/browser/service_worker/service_worker_dispatcher_host.cc script\n does not properly restrict the URI scheme during a ServiceWorker\n registration.\n\n - The 'V8ThrowException::createDOMException' function in\n bindings/core/v8/V8ThrowException.cpp script in the V8 bindings in Blink\n does not properly consider frame access restrictions during the throwing\n of an exception.\n\n - A use-after-free flaw in the 'VisibleSelection::nonBoundaryShadowTreeRootNode'\n function in editing/VisibleSelection.cpp script is triggered when a selection's\n anchor is a shadow root\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers gain elevated privileges, bypass cross-origin policies, to cause a\n denial of service or possibly have unspecified other impact via different\n crafted dimensions.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.111 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.111 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/02/stable-update.html\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"40.0.2214.111\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 40.0.2214.111' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:40:08", "references": ["http://googlechromereleases.blogspot.in/2015/02/stable-update.html", "http://www.google.com/chrome"], "pluginID": "1361412562310805456", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 7, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-02T00:00:00", "title": "Google Chrome Multiple Vulnerabilities-01 Feb15 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805456", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_feb15_macosx.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Feb15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805456\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1212\", \"CVE-2015-1211\", \"CVE-2015-1210\", \"CVE-2015-1209\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-02 12:58:34 +0530 (Fri, 02 Jan 2015)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Feb15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple unspecified vulnerabilities in Google Chrome.\n\n - The 'OriginCanAccessServiceWorkers' function in\n content/browser/service_worker/service_worker_dispatcher_host.cc script\n does not properly restrict the URI scheme during a ServiceWorker registration.\n\n - The 'V8ThrowException::createDOMException' function in\n bindings/core/v8/V8ThrowException.cpp script in the V8 bindings in Blink does\n not properly consider frame access restrictions during the throwing of an\n exception.\n\n - A use-after-free flaw in the 'VisibleSelection::nonBoundaryShadowTreeRootNode'\n function in editing/VisibleSelection.cpp script is triggered when a selection's\n anchor is a shadow root.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers gain elevated privileges, bypass cross-origin policies, to cause a\n denial of service or possibly have unspecified other impact via different\n crafted dimensions.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.111 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.111 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/02/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"40.0.2214.111\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 40.0.2214.111' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:38:03", "references": ["http://googlechromereleases.blogspot.in/2015/02/stable-update.html", "http://www.google.com/chrome"], "pluginID": "1361412562310805450", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-02-10T00:00:00", "title": "Google Chrome Multiple Vulnerabilities-01 Feb15 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805450", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805450", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_feb15_lin.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Feb15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805450\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1212\", \"CVE-2015-1211\", \"CVE-2015-1210\", \"CVE-2015-1209\");\n script_bugtraq_id(72497);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-10 18:17:50 +0530 (Tue, 10 Feb 2015)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Feb15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple unspecified vulnerabilities in Google Chrome.\n\n - The 'OriginCanAccessServiceWorkers' function in\n content/browser/service_worker/service_worker_dispatcher_host.cc script\n does not properly restrict the URI scheme during a ServiceWorker registration.\n\n - The 'V8ThrowException::createDOMException' function in\n bindings/core/v8/V8ThrowException.cpp script in the V8 bindings in Blink does\n not properly consider frame access restrictions during the throwing of an\n exception.\n\n - A use-after-free flaw in the 'VisibleSelection::nonBoundaryShadowTreeRootNode'\n function in editing/VisibleSelection.cpp script is triggered when a selection's\n anchor is a shadow root\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers gain elevated privileges, bypass cross-origin policies, to cause a\n denial of service or possibly have unspecified other impact via different\n crafted dimensions.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.111 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.111 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/02/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"40.0.2214.112\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 40.0.2214.111' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:04", "references": ["2495-1", "http://www.ubuntu.com/usn/usn-2495-1/"], "pluginID": "1361412562310842090", "description": "Check the version of oxide-qt", "edition": 8, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-02-11T00:00:00", "title": "Ubuntu Update for oxide-qt USN-2495-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-08-17T00:00:00", "id": "OPENVAS:1361412562310842090", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842090", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-2495-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842090\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-11 05:39:51 +0100 (Wed, 11 Feb 2015)\");\n script_cve_id(\"CVE-2015-1209\", \"CVE-2015-1210\", \"CVE-2015-1211\", \"CVE-2015-1212\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for oxide-qt USN-2495-1\");\n script_tag(name:\"summary\", value:\"Check the version of oxide-qt\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A use-after-free bug was discovered in the\nDOM implementation in Blink. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a denial of\nservice via renderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2015-1209)\n\nIt was discovered that V8 did not properly consider frame access\nrestrictions when throwing exceptions in some circumstances. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit this to bypass same origin restrictions.\n(CVE-2015-1210)\n\nIt was discovered that Chromium did not properly restrict the URI scheme\nduring ServiceWorker registration. If a user were tricked in to\ndownloading and opening a specially crafted HTML file, an attacker could\npotentially exploit this to bypass security restrictions. (CVE-2015-1211)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2015-1212)\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 14.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2495-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2495-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.4.3-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.4.3-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-06-07T05:57:28", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.91-1.el6_6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageFilename": "chromium-browser-debuginfo-40.0.2214.91-1.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.91-1.el6_6", "arch": "src", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.91-1.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.91-1.el6_6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageFilename": "chromium-browser-debuginfo-40.0.2214.91-1.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.91-1.el6_6", "arch": "i686", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.91-1.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.91-1.el6_6", "arch": "x86_64", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.91-1.el6_6.x86_64.rpm", "operator": "lt"}], "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium. (CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926,\nCVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931,\nCVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936,\nCVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941,\nCVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946,\nCVE-2014-7947, CVE-2014-7948)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 40.0.2214.91, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "reporter": "RedHat", "published": "2015-01-27T05:00:00", "type": "redhat", "title": "(RHSA-2015:0093) Important: chromium-browser security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7924", "CVE-2014-7925", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7928", "CVE-2014-7929", "CVE-2014-7930", "CVE-2014-7931", "CVE-2014-7932", "CVE-2014-7933", "CVE-2014-7934", "CVE-2014-7935", "CVE-2014-7936", "CVE-2014-7937", "CVE-2014-7938", "CVE-2014-7939", "CVE-2014-7940", "CVE-2014-7941", "CVE-2014-7942", "CVE-2014-7943", "CVE-2014-7944", "CVE-2014-7945", "CVE-2014-7946", "CVE-2014-7947", "CVE-2014-7948"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T09:04:29", "id": "RHSA-2015:0093", "href": "https://access.redhat.com/errata/RHSA-2015:0093", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-13T00:00:52", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.111-1.el6_6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageFilename": "chromium-browser-debuginfo-40.0.2214.111-1.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.111-1.el6_6", "arch": "src", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.111-1.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.111-1.el6_6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageFilename": "chromium-browser-debuginfo-40.0.2214.111-1.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.111-1.el6_6", "arch": "i686", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.111-1.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "40.0.2214.111-1.el6_6", "arch": "x86_64", "packageName": "chromium-browser", "packageFilename": "chromium-browser-40.0.2214.111-1.el6_6.x86_64.rpm", "operator": "lt"}], "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium. (CVE-2015-1209, CVE-2015-1210, CVE-2015-1211, CVE-2015-1212)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 40.0.2214.111, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "reporter": "RedHat", "published": "2015-02-10T05:00:00", "type": "redhat", "title": "(RHSA-2015:0163) Important: chromium-browser security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-1209", "CVE-2015-1210", "CVE-2015-1211", "CVE-2015-1212"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T09:04:33", "id": "RHSA-2015:0163", "href": "https://access.redhat.com/errata/RHSA-2015:0163", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:45", "references": ["http://googlechromereleases.blogspot.nl"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "40.0.2214.91", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "40.0.2214.91", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium-pulse", "operator": "lt"}], "description": "\nGoogle Chrome Releases reports:\n\n62 security fixes in this release, including:\n\n[430353] High CVE-2014-7923: Memory corruption in ICU. Credit\n\t to yangdingning.\n[435880] High CVE-2014-7924: Use-after-free in IndexedDB.\n\t Credit to Collin Payne.\n[434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit\n\t to mark.buer.\n[422824] High CVE-2014-7926: Memory corruption in ICU. Credit\n\t to yangdingning.\n[444695] High CVE-2014-7927: Memory corruption in V8. Credit to\n\t Christian Holler.\n[435073] High CVE-2014-7928: Memory corruption in V8. Credit to\n\t Christian Holler.\n[442806] High CVE-2014-7930: Use-after-free in DOM. Credit to\n\t cloudfuzzer.\n[442710] High CVE-2014-7931: Memory corruption in V8. Credit to\n\t cloudfuzzer.\n[443115] High CVE-2014-7929: Use-after-free in DOM. Credit to\n\t cloudfuzzer.\n[429666] High CVE-2014-7932: Use-after-free in DOM. Credit to\n\t Atte Kettunen of OUSPG.\n[427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit\n\t to aohelin.\n[427249] High CVE-2014-7934: Use-after-free in DOM. Credit to\n\t cloudfuzzer.\n[402957] High CVE-2014-7935: Use-after-free in Speech. Credit\n\t to Khalil Zhani.\n[428561] High CVE-2014-7936: Use-after-free in Views. Credit\n\t to Christoph Diehl.\n[419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit\n\t to Atte Kettunen of OUSPG.\n[416323] High CVE-2014-7938: Memory corruption in Fonts. Credit\n\t to Atte Kettunen of OUSPG.\n[399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit\n\t to Takeshi Terada.\n[433866] Medium CVE-2014-7940: Uninitialized-value in ICU.\n\t Credit to miaubiz.\n[428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit\n\t to Atte Kettunen of OUSPG and Christoph Diehl.\n[426762] Medium CVE-2014-7942: Uninitialized-value in Fonts.\n\t Credit to miaubiz.\n[422492] Medium CVE-2014-7943: Out-of-bounds read in Skia.\n\t Credit to Atte Kettunen of OUSPG.\n[418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium.\n\t Credit to cloudfuzzer.\n[414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium.\n\t Credit to cloudfuzzer.\n[414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts.\n\t Credit to miaubiz.\n[430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium.\n\t Credit to fuzztercluck.\n[414026] Medium CVE-2014-7948: Caching error in AppCache.\n\t Credit to jiayaoqijia.\n[449894] CVE-2015-1205: Various fixes from internal audits,\n\t fuzzing and other initiatives.\nMultiple vulnerabilities in V8 fixed at the tip of the 3.30\n\t branch (currently 3.30.33.15).\n\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2015-01-21T00:00:00", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-01-21T00:00:00", "id": "E30E0C99-A1B7-11E4-B85C-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/e30e0c99-a1b7-11e4-b85c-00262d5ed8ee.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:14:44", "references": ["http://googlechromereleases.blogspot.nl"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "40.0.2214.111", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium-pulse", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "40.0.2214.111", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium", "operator": "lt"}], "description": "\nChrome Releases reports:\n\n11 security fixes in this release, including:\n\n[447906] High CVE-2015-1209: Use-after-free in DOM. Credit to\n\t Maksymillian.\n[453979] High CVE-2015-1210: Cross-origin-bypass in V8\n\t bindings. Credit to anonymous.\n[453982] High CVE-2015-1211: Privilege escalation using service\n\t workers. Credit to anonymous.\n[455225] CVE-2015-1212: Various fixes from internal audits,\n\t fuzzing and other initiatives.\n\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2015-02-05T00:00:00", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2015-02-05T00:00:00", "id": "A6EB239F-ADBE-11E4-9FCE-080027593B9A", "href": "https://vuxml.freebsd.org/freebsd/a6eb239f-adbe-11e4-9fce-080027593b9a.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:14:44", "references": ["http://googlechromereleases.blogspot.nl"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "41.0.2272.76", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium-npapi", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "41.0.2272.76", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium-pulse", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "41.0.2272.76", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "chromium", "operator": "lt"}], "description": "\nChrome Releases reports:\n\n51 security fixes in this release, including:\n\n[456516] High CVE-2015-1212: Out-of-bounds write in media.\n\t Credit to anonymous.\n[448423] High CVE-2015-1213: Out-of-bounds write in skia\n\t filters. Credit to cloudfuzzer.\n[445810] High CVE-2015-1214: Out-of-bounds write in skia\n\t filters. Credit to cloudfuzzer.\n[445809] High CVE-2015-1215: Out-of-bounds write in skia\n\t filters. Credit to cloudfuzzer.\n[454954] High CVE-2015-1216: Use-after-free in v8 bindings.\n\t Credit to anonymous.\n[456192] High CVE-2015-1217: Type confusion in v8 bindings.\n\t Credit to anonymous.\n[456059] High CVE-2015-1218: Use-after-free in dom.\n\t Credit to cloudfuzzer.\n[446164] High CVE-2015-1219: Integer overflow in webgl.\n\t Credit to Chen Zhang (demi6od) of NSFOCUS Security Team.\n[437651] High CVE-2015-1220: Use-after-free in gif decoder.\n\t Credit to Aki Helin of OUSPG.\n[455368] High CVE-2015-1221: Use-after-free in web databases.\n\t Credit to Collin Payne.\n[448082] High CVE-2015-1222: Use-after-free in service workers.\n\t Credit to Collin Payne.\n[454231] High CVE-2015-1223: Use-after-free in dom.\n\t Credit to Maksymillian Motyl.\nHigh CVE-2015-1230: Type confusion in v8.\n\t Credit to Skylined working with HP's Zero Day Initiative.\n[449958] Medium CVE-2015-1224: Out-of-bounds read in vpxdecoder.\n\t Credit to Aki Helin of OUSPG.\n[446033] Medium CVE-2015-1225: Out-of-bounds read in pdfium.\n\t Credit to cloudfuzzer.\n[456841] Medium CVE-2015-1226: Validation issue in debugger.\n\t Credit to Rob Wu.\n[450389] Medium CVE-2015-1227: Uninitialized value in blink.\n\t Credit to Christoph Diehl.\n[444707] Medium CVE-2015-1228: Uninitialized value in rendering.\n\t Credit to miaubiz.\n[431504] Medium CVE-2015-1229: Cookie injection via proxies.\n\t Credit to iliwoy.\n[463349] CVE-2015-1231: Various fixes from internal audits,\n\t fuzzing, and other initiatives.\n\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2015-03-03T00:00:00", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1227", "CVE-2015-1212", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1230"], "modified": "2015-03-03T00:00:00", "id": "8505E013-C2B3-11E4-875D-000C6E25E3E9", "href": "https://vuxml.freebsd.org/freebsd/8505e013-c2b3-11e4-875d-000c6e25e3e9.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:39", "references": ["https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7928", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7944", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7936", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7933", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7945", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7925", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7943", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7924", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7937", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7941", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7940", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7947", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7932", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7946", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7939", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7931", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7938", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7935", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7948", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7929", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7926", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7934", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7930", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7923", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7927", "http://googlechromereleases.blogspot.fr/2015/01/stable-update.html", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7942", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1205"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "40.0.2214.91-1", "packageName": "chromium", "arch": "any", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "- CVE-2014-7923 (memory corruption)\nThe Regular Expressions package in International Components for Unicode\n(ICU) 52, allows remote attackers to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact via vectors\nrelated to a (1) zero-length quantifier or (2) look-behind expression.\n\n- CVE-2014-7924 (use-after-free)\nUse-after-free vulnerability in the IndexedDB implementation allows\nremote attackers to cause a denial of service or possibly have\nunspecified other impact by triggering duplicate BLOB references.\n\n- CVE-2014-7925 (use-after-free)\nUse-after-free vulnerability in the WebAudio implementation in Blink\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors that trigger an audio-rendering\nthread in which AudioNode data is improperly maintained.\n\n- CVE-2014-7926 (memory corruption)\nThe Regular Expressions package in International Components for Unicode\n(ICU) 52 allows remote attackers to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact via vectors\nrelated to a (1) zero-length quantifier or (2) look-behind expression, a\ndifferent vulnerability than CVE-2014-7923.\n\n- CVE-2014-7927 (memory corruption)\nThe SimplifiedLowering::DoLoadBuffer function in\ncompiler/simplified-lowering.cc in Google V8 does not properly choose an\ninteger data type, which allows remote attackers to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact\nvia crafted JavaScript code.\n\n- CVE-2014-7928 (memory corruption)\nhydrogen.cc in Google V8 does not properly handle arrays with holes,\nwhich allows remote attackers to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact via crafted\nJavaScript code that triggers an array copy.\n\n- CVE-2014-7930 (use-after-free)\nUse-after-free vulnerability in core/events/TreeScopeEventContext.cpp in\nthe DOM implementation in Blink allows remote attackers to cause a\ndenial of service or possibly have unspecified other impact via crafted\nJavaScript code that triggers improper maintenance of TreeScope data.\n\n- CVE-2014-7931 (memory corruption)\nfactory.cc in Google V8 allows remote attackers to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact\nvia crafted JavaScript code that triggers improper maintenance of\nbacking-store pointers.\n\n- CVE-2014-7929 (use-after-free)\nUse-after-free vulnerability in the\nHTMLScriptElement::didMoveToNewDocument function in\ncore/html/HTMLScriptElement.cpp in the DOM implementation in Blink\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors involving movement of a SCRIPT\nelement across documents.\n\n- CVE-2014-7932 (use-after-free)\nUse-after-free vulnerability in the Element::detach function in\ncore/dom/Element.cpp in the DOM implementation in Blink allows remote\nattackers to cause a denial of service or possibly have unspecified\nother impact via vectors involving pending updates of detached elements.\n\n- CVE-2014-7933 (use-after-free)\nUse-after-free vulnerability in the matroska_read_seek function in\nlibavformat/matroskadec.c in FFmpeg before 2.5.1 allows remote attackers\nto cause a denial of service or possibly have unspecified other impact\nvia a crafted Matroska file that triggers improper maintenance of tracks\ndata.\n\n- CVE-2014-7934 (use-after-free)\nUse-after-free vulnerability in the DOM implementation in Blink allows\nremote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors related to unexpected absence of\ndocument data structures.\n\n- CVE-2014-7935 (use-after-free)\nUse-after-free vulnerability in browser/speech/tts_message_filter.cc in\nthe Speech implementation allows remote attackers to cause a denial of\nservice or possibly have unspecified other impact via vectors involving\nutterances from a closed tab.\n\n- CVE-2014-7936 (use-after-free)\nUse-after-free vulnerability in the ZoomBubbleView::Close function in\nbrowser/ui/views/location_bar/zoom_bubble_view.cc in the Views\nimplementation allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via a crafted document that\ntriggers improper maintenance of a zoom bubble.\n\n- CVE-2014-7937 (use-after-free)\nMultiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before\n2.4.2 allow remote attackers to cause a denial of service\n(use-after-free) or possibly have unspecified other impact via crafted\nVorbis I data.\n\n- CVE-2014-7938 (memory corruption)\nThe Fonts implementation allows remote attackers to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact\nvia unknown vectors.\n\n- CVE-2014-7939 (same-origin bypass)\nWhen the Harmony proxy in Google V8 is enabled, allows remote attackers\nto bypass the Same Origin Policy via crafted JavaScript code with\nProxy.create and console.log calls, related to HTTP responses that lack\nan "X-Content-Type-Options: nosniff" header.\n\n- CVE-2014-7940 (uninitialized-value)\nThe collator implementation in i18n/ucol.cpp in International Components\nfor Unicode (ICU) 52 does not initialize memory for a data structure,\nwhich allows remote attackers to cause a denial of service or possibly\nhave unspecified other impact via a crafted character sequence.\n\n- CVE-2014-7941 (out-of-bounds read)\nThe SelectionOwner::ProcessTarget function in\nui/base/x/selection_owner.cc in the UI implementation uses an incorrect\ndata type for a certain length value, which allows remote attackers to\ncause a denial of service (out-of-bounds read) via crafted X11 data.\n\n- CVE-2014-7942 (uninitialized-value)\nThe Fonts implementation does not initialize memory for a data\nstructure, which allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via unknown vectors.\n\n- CVE-2014-7943 (out-of-bounds read)\nSkia allows remote attackers to cause a denial of service (out-of-bounds\nread) via unspecified vectors.\n\n- CVE-2014-7944 (out-of-bounds read)\nThe sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in\nPDFium does not properly handle odd values of image width, which allows\nremote attackers to cause a denial of service (out-of-bounds read) via a\ncrafted PDF document.\n\n- CVE-2014-7945 (out-of-bounds read)\nOpenJPEG before r2908, as used in PDFium, allows remote attackers to\ncause a denial of service (out-of-bounds read) via a crafted PDF\ndocument, related to j2k.c, jp2.c, and t2.c.\n\n- CVE-2014-7946 (out-of-bounds read)\nThe RenderTable::simplifiedNormalFlowLayout function in\ncore/rendering/RenderTable.cpp in Blink skips captions during table\nlayout in certain situations, which allows remote attackers to cause a\ndenial of service (out-of-bounds read) via unspecified vectors related\nto the Fonts implementation.\n\n- CVE-2014-7947 (out-of-bounds read)\nOpenJPEG before r2944, as used in PDFium, allows remote attackers to\ncause a denial of service (out-of-bounds read) via a crafted PDF\ndocument, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.\n\n- CVE-2014-7948 (caching error)\nThe AppCacheUpdateJob::URLFetcher::OnResponseStarted function in\ncontent/browser/appcache/appcache_update_job.cc proceeds with AppCache\ncaching for SSL sessions even if there is an X.509 certificate error,\nwhich allows man-in-the-middle attackers to spoof HTML5 application\ncontent via a crafted certificate.\n\n- CVE-2015-1205 (denial of service)\nMultiple unspecified vulnerabilities allow attackers to cause a\ndenial-of-service or possibly have other impact via unknown vectors.", "reporter": "Arch Linux", "published": "2015-01-25T00:00:00", "title": "chromium: multiple issues", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-01-25T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html", "id": "ASA-201501-21", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:39", "references": ["https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1212", "http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1209", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1211", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "40.0.2214.111-1", "packageName": "chromium", "arch": "any", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "- CVE-2015-1209 (use-after-free)\n\nUse-after-free in DOM, possibly leading to arbitrary code execution.\nCredit to Maksymillian Motyl.\n\n- CVE-2015-1210 (cross-origin bypass)\n\nCross-origin-bypass in V8 bindings allows an attacker to bypass the\nsame-origin policy.\n\n- CVE-2015-1211 (privilege escalation)\n\nPrivilege escalation using service workers.\n\n- CVE-2015-1212\n\nVarious fixes from internal audits, fuzzing and other initiatives,\nfixing unspecified vulnerabilities not disclosed by upstream.", "reporter": "Arch Linux", "published": "2015-02-06T00:00:00", "title": "chromium: multiple issues", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2015-1210", "CVE-2015-1212", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2015-02-06T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html", "id": "ASA-201502-5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:46", "references": ["http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1217", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1226", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1230", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1219", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1228", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1231", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1222", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1215", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1214", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1218", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1216", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1227", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1223", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1229", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1224", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1221", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1225", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1212", "http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1213", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1220"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "41.0.2272.76-1", "packageName": "chromium", "arch": "any", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "- CVE-2015-1212:\n\nOut-of-bounds write in media.\n\n- CVE-2015-1213, CVE-2015-1214, CVE-2015-1215:\n\nOut-of-bounds write in skia filters.\n\n- CVE-2015-1216:\n\nUse-after-free in v8 bindings.\n\n- CVE-2015-1217:\n\nType confusion in v8 bindings.\n\n- CVE-2015-1218:\n\nUse-after-free in dom.\n\n- CVE-2015-1219:\n\nInteger overflow in webgl.\n\n- CVE-2015-1220:\n\nUse-after-free in gif decoder.\n\n- CVE-2015-1221:\n\nUse-after-free in web databases.\n\n- CVE-2015-1222:\n\nUse-after-free in service workers.\n\n- CVE-2015-1223:\n\nUse-after-free in dom.\n\n- CVE-2015-1224:\n\nOut-of-bounds read in vpxdecoder.\n\n- CVE-2015-1225:\n\nOut-of-bounds read in pdfium.\n\n- CVE-2015-1226:\n\nValidation issue in debugger.\n\n- CVE-2015-1227:\n\nUninitialized value in blink.\n\n- CVE-2015-1228:\n\nUninitialized value in rendering.\n\n- CVE-2015-1229:\n\n Cookie injection via proxies.\n\n- CVE-2015-1230:\n\n Type confusion in v8.\n\n- CVE-2015-1231:\n\nVarious fixes from internal audits, fuzzing and other initiatives.", "reporter": "Arch Linux", "published": "2015-03-05T00:00:00", "title": "chromium: multiple issues", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1227", "CVE-2015-1212", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1230"], "modified": "2015-03-05T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html", "id": "ASA-201503-5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2018-10-06T22:57:30", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["http://googlechromereleases.blogspot.ro/2015/01/stable-update.html", "http://threatpost.com/bypass-demonstrated-for-microsoft-use-after-free-mitigation-in-ie/110570", "https://code.google.com/p/chromium/issues/detail?id=430353", "https://code.google.com/p/chromium/issues/detail?id=435880", "https://code.google.com/p/chromium/issues/detail?id=434136", "https://code.google.com/p/chromium/issues/detail?id=422824", "https://code.google.com/p/chromium/issues/detail?id=444695", "https://code.google.com/p/chromium/issues/detail?id=435073", "https://code.google.com/p/chromium/issues/detail?id=442806", "https://code.google.com/p/chromium/issues/detail?id=442710", "https://code.google.com/p/chromium/issues/detail?id=443115", "https://code.google.com/p/chromium/issues/detail?id=429666", "https://code.google.com/p/chromium/issues/detail?id=427266", "https://code.google.com/p/chromium/issues/detail?id=427249", "https://code.google.com/p/chromium/issues/detail?id=402957", "https://code.google.com/p/chromium/issues/detail?id=428561", "https://code.google.com/p/chromium/issues/detail?id=419060", "https://code.google.com/p/chromium/issues/detail?id=416323", "https://code.google.com/p/chromium/issues/detail?id=399951", "https://code.google.com/p/chromium/issues/detail?id=433866", "https://code.google.com/p/chromium/issues/detail?id=428557", "https://code.google.com/p/chromium/issues/detail?id=426762", "https://code.google.com/p/chromium/issues/detail?id=422492", "https://code.google.com/p/chromium/issues/detail?id=418881", "https://code.google.com/p/chromium/issues/detail?id=414310", "https://code.google.com/p/chromium/issues/detail?id=414109", "https://code.google.com/p/chromium/issues/detail?id=430566", "https://code.google.com/p/chromium/issues/detail?id=414026", "http://threatpost.com/google-removes-sslv3-fallback-support-from-chrome/109455"], "description": "Google pushed out on Wednesday a new version of its Chrome browser (40.0.2214.91) and along with it paid out more than two dozen bounties, including 16 for memory corruption vulnerabilities.\n\nIn all, [62 security vulnerabilities were patched](<http://googlechromereleases.blogspot.ro/2015/01/stable-update.html>), 17 of those considered high severity bugs by Google.\n\nMost of those high-severity vulnerabilities were memory corruption or [use-after-free vulnerabilities](<http://threatpost.com/bypass-demonstrated-for-microsoft-use-after-free-mitigation-in-ie/110570>) in a number of Chrome components, including ICU, V8, FFmpeg and DOM.\n\nA researcher credited as cloudfuzzer cashed in with $12,000 worth of bounties, including three critical bugs. Another reporter known as yangdingning was awarded $9,000 for his finds.\n\nHere is the list of public vulnerabilities patched in Chrome 40.\n\n[$5000][[430353](<https://code.google.com/p/chromium/issues/detail?id=430353>)] **High** CVE-2014-7923: Memory corruption in ICU. _Credit to yangdingning._ \n[$4500][[435880](<https://code.google.com/p/chromium/issues/detail?id=435880>)] **High** CVE-2014-7924: Use-after-free in IndexedDB. _Credit to Collin Payne._ \n[$4000][[434136](<https://code.google.com/p/chromium/issues/detail?id=434136>)] **High** CVE-2014-7925: Use-after-free in WebAudio. _Credit to mark.buer._ \n[$4000][[422824](<https://code.google.com/p/chromium/issues/detail?id=422824>)] **High** CVE-2014-7926: Memory corruption in ICU. _Credit to yangdingning._ \n[$3500][[444695](<https://code.google.com/p/chromium/issues/detail?id=444695>)] **High** CVE-2014-7927: Memory corruption in V8. _Credit to Christian Holler._ \n[$3500][[435073](<https://code.google.com/p/chromium/issues/detail?id=435073>)] **High** CVE-2014-7928: Memory corruption in V8. _Credit to Christian Holler._ \n[$3000][[442806](<https://code.google.com/p/chromium/issues/detail?id=442806>)] **High** CVE-2014-7930: Use-after-free in DOM. _Credit to cloudfuzzer._ \n[$3000][[442710](<https://code.google.com/p/chromium/issues/detail?id=442710>)] **High** CVE-2014-7931: Memory corruption in V8. _Credit to cloudfuzzer._ \n[$2000][[443115](<https://code.google.com/p/chromium/issues/detail?id=443115>)] **High** CVE-2014-7929: Use-after-free in DOM. _Credit to cloudfuzzer._ \n[$2000][[429666](<https://code.google.com/p/chromium/issues/detail?id=429666>)] **High** CVE-2014-7932: Use-after-free in DOM. _Credit to Atte Kettunen of OUSPG._ \n[$2000][[427266](<https://code.google.com/p/chromium/issues/detail?id=427266>)] **High** CVE-2014-7933: Use-after-free in FFmpeg. _Credit to aohelin._ \n[$2000][[427249](<https://code.google.com/p/chromium/issues/detail?id=427249>)] **High** CVE-2014-7934: Use-after-free in DOM. _Credit to cloudfuzzer._ \n[$2000][[402957](<https://code.google.com/p/chromium/issues/detail?id=402957>)] **High** CVE-2014-7935: Use-after-free in Speech. _Credit to Khalil Zhani._ \n[$1500][[428561](<https://code.google.com/p/chromium/issues/detail?id=428561>)] **High** CVE-2014-7936: Use-after-free in Views. _Credit to Christoph Diehl._ \n[$1500][[419060](<https://code.google.com/p/chromium/issues/detail?id=419060>)] **High** CVE-2014-7937: Use-after-free in FFmpeg. _Credit to Atte Kettunen of OUSPG._ \n[$1000][[416323](<https://code.google.com/p/chromium/issues/detail?id=416323>)] **High** CVE-2014-7938: Memory corruption in Fonts. _Credit to Atte Kettunen of OUSPG._ \n[$1000][[399951](<https://code.google.com/p/chromium/issues/detail?id=399951>)] **High** CVE-2014-7939: Same-origin-bypass in V8. _Credit to Takeshi Terada._ \n[$1000][[433866](<https://code.google.com/p/chromium/issues/detail?id=433866>)] **Medium** CVE-2014-7940: Uninitialized-value in ICU. _Credit to miaubiz._ \n[$1000][[428557](<https://code.google.com/p/chromium/issues/detail?id=428557>)] **Medium** CVE-2014-7941: Out-of-bounds read in UI. _Credit to Atte Kettunen of OUSPG and Christoph Diehl._ \n[$1000][[426762](<https://code.google.com/p/chromium/issues/detail?id=426762>)] **Medium** CVE-2014-7942: Uninitialized-value in Fonts. _Credit to miaubiz._ \n[$1000][[422492](<https://code.google.com/p/chromium/issues/detail?id=422492>)] **Medium** CVE-2014-7943: Out-of-bounds read in Skia. _Credit to Atte Kettunen of OUSPG._ \n[$1000][[418881](<https://code.google.com/p/chromium/issues/detail?id=418881>)] **Medium** CVE-2014-7944: Out-of-bounds read in PDFium. _Credit to cloudfuzzer._ \n[$1000][[414310](<https://code.google.com/p/chromium/issues/detail?id=414310>)] **Medium** CVE-2014-7945: Out-of-bounds read in PDFium. _Credit to cloudfuzzer._ \n[$1000][[414109](<https://code.google.com/p/chromium/issues/detail?id=414109>)] **Medium** CVE-2014-7946: Out-of-bounds read in Fonts. _Credit to miaubiz._\n\n[$500][[430566](<https://code.google.com/p/chromium/issues/detail?id=430566>)] **Medium** CVE-2014-7947: Out-of-bounds read in PDFium. _Credit to fuzztercluck._ \n[$500][[414026](<https://code.google.com/p/chromium/issues/detail?id=414026>)] **Medium** CVE-2014-7948: Caching error in AppCache. _Credit to jiayaoqijia._\n\nGoogle said it awarded an additional $35,000 in bounties to Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhani for work done during the development cycle to keep vulnerabilities out of the stable release.\n\nThis is the first Chrome release of the year; in November, [Chrome 39](<http://threatpost.com/google-removes-sslv3-fallback-support-from-chrome/109455>) was released and included removal of support for the fallback to SSL 3.0, the target of the POODLE attack.\n", "reporter": "Michael Mimoso", "published": "2015-01-22T12:45:41", "type": "threatpost", "title": "Chrome 40 Patches 62 Security Vulnerabilities", "enchantments": {"score": {"modified": "2018-10-06T22:57:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-7923", "CVE-2014-7924", "CVE-2014-7925", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7928", "CVE-2014-7929", "CVE-2014-7930", "CVE-2014-7931", "CVE-2014-7932", "CVE-2014-7933", "CVE-2014-7934", "CVE-2014-7935", "CVE-2014-7936", "CVE-2014-7937", "CVE-2014-7938", "CVE-2014-7939", "CVE-2014-7940", "CVE-2014-7941", "CVE-2014-7942", "CVE-2014-7943", "CVE-2014-7944", "CVE-2014-7945", "CVE-2014-7946", "CVE-2014-7947", "CVE-2014-7948"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2015-01-27T15:10:55", "id": "THREATPOST:07D5CDF62B74AB909C2F522C97F98BDF", "href": "https://threatpost.com/chrome-40-patches-62-security-vulnerabilities-pays-bounties-aplenty/110594/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T22:57:16", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["http://googlechromereleases.blogspot.ro/2015/03/stable-channel-update.html", "https://code.google.com/p/chromium/issues/detail?id=456516", "https://code.google.com/p/chromium/issues/detail?id=448423", "https://code.google.com/p/chromium/issues/detail?id=445810", "https://code.google.com/p/chromium/issues/detail?id=445809", "https://code.google.com/p/chromium/issues/detail?id=454954", "https://code.google.com/p/chromium/issues/detail?id=456192", "https://code.google.com/p/chromium/issues/detail?id=456059", "https://code.google.com/p/chromium/issues/detail?id=446164", "https://code.google.com/p/chromium/issues/detail?id=437651", "https://code.google.com/p/chromium/issues/detail?id=455368", "https://code.google.com/p/chromium/issues/detail?id=448082", "https://code.google.com/p/chromium/issues/detail?id=454231", "https://code.google.com/p/chromium/issues/detail?id=449610", "https://code.google.com/p/chromium/issues/detail?id=449958", "https://code.google.com/p/chromium/issues/detail?id=446033", "https://code.google.com/p/chromium/issues/detail?id=456841", "https://code.google.com/p/chromium/issues/detail?id=450389", "https://code.google.com/p/chromium/issues/detail?id=444707", "https://code.google.com/p/chromium/issues/detail?id=431504", "https://chromium.googlesource.com/chromium/src/+log/40.0.2214.115..41.0.2272.76?pretty=fuller&n=10000", "http://threatpost.com/new-freak-attack-threatens-many-ssl-clients/111390"], "description": "Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties.\n\nGoogle paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000.\n\n13 of those bugs came marked with a severity rating of high and largely stem from either an out-of-bounds, use-after-free or integer overflow vulnerability.\n\n[According to a blog](<http://googlechromereleases.blogspot.ro/2015/03/stable-channel-update.html>) posted by Google\u2019s Penny MacNeil yesterday, Chrome\u2019s team also implemented a handful of fixes from internal audits and fuzzing. Additionally, Chrome developers also made updates to the company\u2019s open source JavaScript engine, V8.\n\nHere\u2019s the full rundown of bugs contributed by external researchers fixed in this edition of Chrome:\n\n[$7500][[456516](<https://code.google.com/p/chromium/issues/detail?id=456516>)] **High** CVE-2015-1212: Out-of-bounds write in media. Credit to anonymous. \n[$5000][[448423](<https://code.google.com/p/chromium/issues/detail?id=448423>)] **High** CVE-2015-1213: Out-of-bounds write in skia filters. Credit to cloudfuzzer. \n[$5000][[445810](<https://code.google.com/p/chromium/issues/detail?id=445810>)] **High** CVE-2015-1214: Out-of-bounds write in skia filters. Credit to cloudfuzzer. \n[$5000][[445809](<https://code.google.com/p/chromium/issues/detail?id=445809>)] **High** CVE-2015-1215: Out-of-bounds write in skia filters. Credit to cloudfuzzer. \n[$4000][[454954](<https://code.google.com/p/chromium/issues/detail?id=454954>)] **High** CVE-2015-1216: Use-after-free in v8 bindings. Credit to anonymous. \n[$3000][[456192](<https://code.google.com/p/chromium/issues/detail?id=456192>)] **High** CVE-2015-1217: Type confusion in v8 bindings. Credit to anonymous. \n[$3000][[456059](<https://code.google.com/p/chromium/issues/detail?id=456059>)] **High** CVE-2015-1218: Use-after-free in dom. Credit to cloudfuzzer. \n[$3000][[446164](<https://code.google.com/p/chromium/issues/detail?id=446164>)] **High** CVE-2015-1219: Integer overflow in webgl. Credit to Chen Zhang (demi6od) of NSFOCUS Security Team. \n[$3000][[437651](<https://code.google.com/p/chromium/issues/detail?id=437651>)] **High** CVE-2015-1220: Use-after-free in gif decoder. Credit to Aki Helin of OUSPG. \n[$2500][[455368](<https://code.google.com/p/chromium/issues/detail?id=455368>)] **High** CVE-2015-1221: Use-after-free in web databases. Credit to Collin Payne. \n[$2500][[448082](<https://code.google.com/p/chromium/issues/detail?id=448082>)] **High** CVE-2015-1222: Use-after-free in service workers. Credit to Collin Payne. \n[$2000][[454231](<https://code.google.com/p/chromium/issues/detail?id=454231>)] **High** CVE-2015-1223: Use-after-free in dom. Credit to Maksymillian Motyl. \n[[449610](<https://code.google.com/p/chromium/issues/detail?id=449610>)] **High** CVE-2015-1230: Type confusion in v8. Credit to Skylined working with HP\u2019s Zero Day Initiative. \n[$2000][[449958](<https://code.google.com/p/chromium/issues/detail?id=449958>)] **Medium** CVE-2015-1224: Out-of-bounds read in vpxdecoder. Credit to Aki Helin of OUSPG. \n[$1000][[446033](<https://code.google.com/p/chromium/issues/detail?id=446033>)] **Medium** CVE-2015-1225: Out-of-bounds read in pdfium. Credit to cloudfuzzer. \n[$1000][[456841](<https://code.google.com/p/chromium/issues/detail?id=456841>)] **Medium** CVE-2015-1226: Validation issue in debugger. Credit to Rob Wu. \n[$1000][[450389](<https://code.google.com/p/chromium/issues/detail?id=450389>)] **Medium** CVE-2015-1227: Uninitialized value in blink. Credit to Christoph Diehl. \n[$1000][[444707](<https://code.google.com/p/chromium/issues/detail?id=444707>)] **Medium** CVE-2015-1228: Uninitialized value in rendering. Credit to miaubiz. \n[$500][[431504](<https://code.google.com/p/chromium/issues/detail?id=431504>)] **Medium** CVE-2015-1229: Cookie injection via proxies. Credit to iliwoy.\n\nThose looking for a full list of changes can find them in the [Chromium changelog](<https://chromium.googlesource.com/chromium/src/+log/40.0.2214.115..41.0.2272.76?pretty=fuller&n=10000>).\n\nA Google spokesperson on Wednesday claimed that the way Android connects to most websites, including Google sites and others without export certificates are not subject to the [FREAK flaw](<http://threatpost.com/new-freak-attack-threatens-many-ssl-clients/111390>) that\u2019s dominated headlines this week. The flaw enables attackers to downgrade their victims\u2019 SSL clients RSA key and compromise their connections with a man-in-the-middle attack.\n\n\u201cWe encourage all websites to disable support for export certificates, Google said before adding that its \u201cdeveloped a patch to protect Android\u2019s connection to sites that do expose export certs and that patch has been provided to partners.\u201d\n", "reporter": "Chris Brook", "published": "2015-03-04T13:58:40", "type": "threatpost", "title": "Google Fixes 51 Bugs in Chrome 41", "enchantments": {"score": {"modified": "2018-10-06T22:57:16", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-1212", "CVE-2015-1213", "CVE-2015-1214", "CVE-2015-1215", "CVE-2015-1216", "CVE-2015-1217", "CVE-2015-1218", "CVE-2015-1219", "CVE-2015-1220", "CVE-2015-1221", "CVE-2015-1222", "CVE-2015-1223", "CVE-2015-1224", "CVE-2015-1225", "CVE-2015-1226", "CVE-2015-1227", "CVE-2015-1228", "CVE-2015-1229", "CVE-2015-1230"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2015-03-04T18:59:59", "id": "THREATPOST:DD4B8BE5C0517D67B4F100DACE2F22CB", "href": "https://threatpost.com/google-fixes-51-bugs-in-chrome-41/111428/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T12:06:50", "references": ["https://bugzilla.suse.com/916840", "https://bugzilla.suse.com/916841", "https://bugzilla.suse.com/916843", "https://bugzilla.suse.com/916838", "https://bugzilla.suse.com/914468"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromedriver", "packageFilename": "chromedriver-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium", "packageFilename": "chromium-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromedriver", "packageFilename": "chromedriver-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromedriver", "packageFilename": "chromedriver-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium", "packageFilename": "chromium-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium", "packageFilename": "chromium-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromedriver", "packageFilename": "chromedriver-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-40.0.2214.111-68.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-40.0.2214.111-13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "40.0.2214.111-13.4", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-40.0.2214.111-13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "40.0.2214.111-68.2", "packageName": "chromium", "packageFilename": "chromium-40.0.2214.111-68.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "chromium was updated to version 40.0.2214.111 to fix 31 vulnerabilities.\n\n These security issues were fixed:\n - CVE-2015-1209: Use-after-free in DOM (bnc#916841).\n - CVE-2015-1210: Cross-origin-bypass in V8 bindings (bnc#916843).\n - CVE-2015-1211: Privilege escalation using service workers (bnc#916838).\n - CVE-2015-1212: Various fixes from internal audits, fuzzing and other\n initiatives (bnc#916840).\n - CVE-2014-7923: Memory corruption in ICU (bnc#914468).\n - CVE-2014-7924: Use-after-free in IndexedDB (bnc#914468).\n - CVE-2014-7925: Use-after-free in WebAudio (bnc#914468).\n - CVE-2014-7926: Memory corruption in ICU (bnc#914468).\n - CVE-2014-7927: Memory corruption in V8 (bnc#914468).\n - CVE-2014-7928: Memory corruption in V8 (bnc#914468).\n - CVE-2014-7930: Use-after-free in DOM (bnc#914468).\n - CVE-2014-7931: Memory corruption in V8 (bnc#914468).\n - CVE-2014-7929: Use-after-free in DOM (bnc#914468).\n - CVE-2014-7932: Use-after-free in DOM (bnc#914468).\n - CVE-2014-7933: Use-after-free in FFmpeg (bnc#914468).\n - CVE-2014-7934: Use-after-free in DOM (bnc#914468).\n - CVE-2014-7935: Use-after-free in Speech (bnc#914468).\n - CVE-2014-7936: Use-after-free in Views (bnc#914468).\n - CVE-2014-7937: Use-after-free in FFmpeg (bnc#914468).\n - CVE-2014-7938: Memory corruption in Fonts (bnc#914468).\n - CVE-2014-7939: Same-origin-bypass in V8 (bnc#914468).\n - CVE-2014-7940: Uninitialized-value in ICU (bnc#914468).\n - CVE-2014-7941: Out-of-bounds read in UI (bnc#914468).\n - CVE-2014-7942: Uninitialized-value in Fonts (bnc#914468).\n - CVE-2014-7943: Out-of-bounds read in Skia\n - CVE-2014-7944: Out-of-bounds read in PDFium\n - CVE-2014-7945: Out-of-bounds read in PDFium\n - CVE-2014-7946: Out-of-bounds read in Fonts\n - CVE-2014-7947: Out-of-bounds read in PDFium\n - CVE-2014-7948: Caching error in AppCache\n - CVE-2015-1205: Various fixes from internal audits, fuzzing and other\n initiatives\n\n These non-security issues were fixed:\n - Fix using 'echo' command in chromium-browser.sh script\n\n", "edition": 1, "reporter": "Suse", "published": "2015-03-06T13:04:51", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2014-7948", "CVE-2014-7940", "CVE-2015-1210", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-03-06T13:04:51", "id": "OPENSUSE-SU-2015:0441-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:14:55", "references": ["https://bugzilla.suse.com/920825"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromedriver", "packageFilename": "chromedriver-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium", "packageFilename": "chromium-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromedriver", "packageFilename": "chromedriver-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-ffmpegsumo", "packageFilename": "chromium-ffmpegsumo-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium", "packageFilename": "chromium-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromedriver", "packageFilename": "chromedriver-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium", "packageFilename": "chromium-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromedriver", "packageFilename": "chromedriver-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium", "packageFilename": "chromium-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-debugsource", "packageFilename": "chromium-debugsource-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-desktop-kde", "packageFilename": "chromium-desktop-kde-41.0.2272.76-17.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-ffmpegsumo-debuginfo", "packageFilename": "chromium-ffmpegsumo-debuginfo-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "41.0.2272.76-17.1", "packageName": "chromium-debuginfo", "packageFilename": "chromium-debuginfo-41.0.2272.76-17.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromium-desktop-gnome", "packageFilename": "chromium-desktop-gnome-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-41.0.2272.76-72.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "41.0.2272.76-72.1", "packageName": "chromedriver-debuginfo", "packageFilename": "chromedriver-debuginfo-41.0.2272.76-72.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "Chromium was updated to 41.0.2272.76 (bnc#920825)\n\n Security fixes:\n * CVE-2015-1212: Out-of-bounds write in media\n * CVE-2015-1213: Out-of-bounds write in skia filters\n * CVE-2015-1214: Out-of-bounds write in skia filters\n * CVE-2015-1215: Out-of-bounds write in skia filters\n * CVE-2015-1216: Use-after-free in v8 bindings\n * CVE-2015-1217: Type confusion in v8 bindings\n * CVE-2015-1218: Use-after-free in dom\n * CVE-2015-1219: Integer overflow in webgl\n * CVE-2015-1220: Use-after-free in gif decoder\n * CVE-2015-1221: Use-after-free in web databases\n * CVE-2015-1222: Use-after-free in service workers\n * CVE-2015-1223: Use-after-free in dom\n * CVE-2015-1230: Type confusion in v8\n * CVE-2015-1224: Out-of-bounds read in vpxdecoder\n * CVE-2015-1225: Out-of-bounds read in pdfium\n * CVE-2015-1226: Validation issue in debugger\n * CVE-2015-1227: Uninitialized value in blink\n * CVE-2015-1228: Uninitialized value in rendering\n * CVE-2015-1229: Cookie injection via proxies\n * CVE-2015-1231: Various fixes from internal audits\n * Multiple vulnerabilities in V8 fixed at the tip of the 4.1 branch\n\n", "edition": 1, "reporter": "Suse", "published": "2015-03-16T16:05:28", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update to Chromium 41.0.2272.76 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1227", "CVE-2015-1212", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1230"], "modified": "2015-03-16T16:05:28", "id": "OPENSUSE-SU-2015:0505-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00019.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2017-04-18T15:55:22", "references": ["https://src.chromium.org/viewvc/blink?revision=187509&view=revision", "http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "http://www.ubuntu.com/usn/USN-2476-1", "https://code.google.com/p/chromium/issues/detail?id=414109", "http://secunia.com/advisories/62665"], "edition": 2, "description": "The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors related to the Fonts implementation.", "reporter": "NVD", "published": "2015-01-22T17:59:26", "title": "CVE-2014-7946", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7946"], "scanner": [], "modified": "2017-01-02T21:59:15", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7946", "id": "CVE-2014-7946", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "https://code.google.com/p/chromium/issues/detail?id=427249", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "http://www.ubuntu.com/usn/USN-2476-1", "https://src.chromium.org/viewvc/blink?revision=185598&view=revision", "https://src.chromium.org/viewvc/blink?revision=185504&view=revision", "http://secunia.com/advisories/62665"], "edition": 2, "description": "Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures.", "reporter": "NVD", "published": "2015-01-22T17:59:15", "title": "CVE-2014-7934", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7934"], "scanner": [], "modified": "2017-01-02T21:59:14", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7934", "id": "CVE-2014-7934", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://codereview.chromium.org/824843002", "http://www.ubuntu.com/usn/USN-2476-1", "http://secunia.com/advisories/62665", "https://code.google.com/p/chromium/issues/detail?id=444695"], "edition": 2, "description": "The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.", "reporter": "NVD", "published": "2015-01-22T17:59:08", "title": "CVE-2014-7927", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7927"], "scanner": [], "modified": "2017-01-02T21:59:13", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7927", "id": "CVE-2014-7927", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "https://code.google.com/p/chromium/issues/detail?id=435073", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "https://codereview.chromium.org/737383002", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "http://www.ubuntu.com/usn/USN-2476-1", "http://secunia.com/advisories/62665"], "edition": 2, "description": "hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy.", "reporter": "NVD", "published": "2015-01-22T17:59:09", "title": "CVE-2014-7928", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7928"], "scanner": [], "modified": "2017-01-02T21:59:13", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7928", "id": "CVE-2014-7928", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "https://code.google.com/p/chromium/issues/detail?id=419060", "http://www.securitytracker.com/id/1031623", "https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/d4608b7c83f56b17f14fdd94990341f62bb52f92", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c50704ebf1777bee76772c4835d9760b3721057", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://security.gentoo.org/glsa/201603-06", "http://www.ubuntu.com/usn/USN-2476-1", "http://secunia.com/advisories/62665"], "edition": 2, "description": "Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data.", "reporter": "NVD", "published": "2015-01-22T17:59:18", "title": "CVE-2014-7937", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7937"], "scanner": [], "modified": "2017-01-02T21:59:14", "cpe": ["cpe:/a:google:chrome:40.0.2214.85", "cpe:/a:ffmpeg:ffmpeg:2.4.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7937", "id": "CVE-2014-7937", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "http://www.ubuntu.com/usn/USN-2476-1", "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682", "https://code.google.com/p/chromium/issues/detail?id=427266", "http://secunia.com/advisories/62665"], "edition": 2, "description": "Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data.", "reporter": "NVD", "published": "2015-01-22T17:59:14", "title": "CVE-2014-7933", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7933"], "scanner": [], "modified": "2017-01-02T21:59:14", "cpe": ["cpe:/a:google:chrome:40.0.2214.85", "cpe:/a:ffmpeg:ffmpeg:2.5.0"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7933", "id": "CVE-2014-7933", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "https://src.chromium.org/viewvc/blink?revision=187435&view=revision", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "http://www.ubuntu.com/usn/USN-2476-1", "https://code.google.com/p/chromium/issues/detail?id=442806", "http://secunia.com/advisories/62665"], "edition": 2, "description": "Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data.", "reporter": "NVD", "published": "2015-01-22T17:59:11", "title": "CVE-2014-7930", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7930"], "scanner": [], "modified": "2017-01-02T21:59:13", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7930", "id": "CVE-2014-7930", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:23", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "https://codereview.chromium.org/725573004", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "https://codereview.chromium.org/579593003", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=414026", "http://www.ubuntu.com/usn/USN-2476-1", "https://codereview.chromium.org/645123003", "http://secunia.com/advisories/62665"], "edition": 2, "description": "The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate.", "reporter": "NVD", "published": "2015-01-22T17:59:27", "title": "CVE-2014-7948", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7948"], "scanner": [], "modified": "2017-01-02T21:59:15", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7948", "id": "CVE-2014-7948", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "https://codereview.chromium.org/813023002", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=442710", "http://www.ubuntu.com/usn/USN-2476-1", "http://secunia.com/advisories/62665"], "edition": 2, "description": "factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers.", "reporter": "NVD", "published": "2015-01-22T17:59:12", "title": "CVE-2014-7931", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7931"], "scanner": [], "modified": "2017-01-02T21:59:13", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7931", "id": "CVE-2014-7931", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:55:22", "references": ["http://rhn.redhat.com/errata/RHSA-2015-0093.html", "http://www.securitytracker.com/id/1031623", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html", "http://security.gentoo.org/glsa/glsa-201502-13.xml", "https://src.chromium.org/viewvc/blink?revision=185670&view=revision", "http://www.securityfocus.com/bid/72288", "http://secunia.com/advisories/62383", "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "https://code.google.com/p/chromium/issues/detail?id=429666", "http://www.ubuntu.com/usn/USN-2476-1", "http://secunia.com/advisories/62665"], "edition": 2, "description": "Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements.", "reporter": "NVD", "published": "2015-01-22T17:59:13", "title": "CVE-2014-7932", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-7932"], "scanner": [], "modified": "2017-01-02T21:59:13", "cpe": ["cpe:/a:google:chrome:40.0.2214.85"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7932", "id": "CVE-2014-7932", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:16", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7923", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7924", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7943", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9647", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1210", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7926", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7927", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7944", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7932", "https://bugs.gentoo.org/show_bug.cgi?id=537366", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7938", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7936", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7940", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7939", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1209", "https://bugs.gentoo.org/show_bug.cgi?id=539094", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9648", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9646", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7934", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1359", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7925", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7945", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7946", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7929", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1346", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7928", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7933", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7931", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1361", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7947", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1212", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7948", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1211", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7942", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7937", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7935", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7930", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1205", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1360", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7941"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "40.0.2214.111", "packageName": "www-client/chromium", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nChromium is an open-source web browser project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause a Denial of Service condition, gain privileges via a filesystem: URI, or have other unspecified impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-40.0.2214.111\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2015-02-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1210", "CVE-2015-1346", "CVE-2014-7933", "CVE-2014-7932", "CVE-2015-1212", "CVE-2014-9648", "CVE-2014-7941", "CVE-2014-7939", "CVE-2015-1209", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2015-1211", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2015-02-17T00:00:00", "id": "GLSA-201502-13", "href": "https://security.gentoo.org/glsa/201502-13", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:03", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7923", "https://bugs.gentoo.org/show_bug.cgi?id=539108", "https://bugs.gentoo.org/show_bug.cgi?id=537560", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7926", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7940", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9654"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "54.1-r1", "packageName": "dev-libs/icu", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. \n\n### Description\n\nMultiple vulnerabilities have been discovered in ICU. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker can cause Denial of Service.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ICU users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/icu-54.1-r1\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2015-03-14T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "ICU: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7923", "CVE-2014-7940", "CVE-2014-9654", "CVE-2014-7926"], "modified": "2015-03-14T00:00:00", "id": "GLSA-201503-06", "href": "https://security.gentoo.org/glsa/201503-06", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:01", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9603", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7023", "https://bugs.gentoo.org/show_bug.cgi?id=493452", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9317", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0878", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0866", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5272", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7016", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8548", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0864", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7011", "https://bugs.gentoo.org/show_bug.cgi?id=485228", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3395", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4264", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7024", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0868", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4263", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0876", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5271", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0861", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0863", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0872", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8542", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8543", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8547", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7020", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0865", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2098", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8546", "https://bugs.gentoo.org/show_bug.cgi?id=553734", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7013", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0867", "https://bugs.gentoo.org/show_bug.cgi?id=520132", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7008", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7021", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0873", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0877", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7018", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2263", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0874", "https://bugs.gentoo.org/show_bug.cgi?id=548006", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2097", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8541", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7012", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7009", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7014", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9316", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0875", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4265", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9604", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9602", "https://bugs.gentoo.org/show_bug.cgi?id=494038", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9318", "https://bugs.gentoo.org/show_bug.cgi?id=536218", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0860", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8545", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7019", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7015", "https://bugs.gentoo.org/show_bug.cgi?id=488052", "https://bugs.gentoo.org/show_bug.cgi?id=515282", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7937", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8549", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7010", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0862", "https://bugs.gentoo.org/show_bug.cgi?id=486692", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8544", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7017", "https://bugs.gentoo.org/show_bug.cgi?id=537558", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7022", "https://bugs.gentoo.org/show_bug.cgi?id=492742", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9319"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.6.3", "packageName": "media-video/ffmpeg", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nFFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. \n\n### Description\n\nMultiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll FFmpeg users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/ffmpeg-2.6.3\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2016-03-12T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "FFmpeg: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8547", "CVE-2013-0861", "CVE-2014-9602", "CVE-2014-8544", "CVE-2014-8542", "CVE-2014-8545", "CVE-2013-7021", "CVE-2014-7937", "CVE-2013-0862", "CVE-2013-7022", "CVE-2014-2263", "CVE-2014-9316", "CVE-2014-8543", "CVE-2014-2098", "CVE-2014-2097", "CVE-2013-0863", "CVE-2014-9319", "CVE-2013-7015", "CVE-2013-0877", "CVE-2013-0875", "CVE-2013-7012", "CVE-2013-0866", "CVE-2013-0873", "CVE-2014-9604", "CVE-2013-0872", "CVE-2013-4264", "CVE-2013-4265", "CVE-2013-7019", "CVE-2013-7018", "CVE-2013-7017", "CVE-2015-3395", "CVE-2013-7016", "CVE-2014-8549", "CVE-2013-0860", "CVE-2013-7010", "CVE-2013-7023", "CVE-2014-8546", "CVE-2014-8548", "CVE-2014-9318", "CVE-2014-9317", "CVE-2014-5272", "CVE-2014-5271", "CVE-2013-0865", "CVE-2013-0867", "CVE-2013-7024", "CVE-2013-0878", "CVE-2013-7008", "CVE-2013-7011", "CVE-2014-9603", "CVE-2014-8541", "CVE-2013-7009", "CVE-2013-0876", "CVE-2013-0874", "CVE-2013-0864", "CVE-2013-0868", "CVE-2013-7014", "CVE-2013-7020", "CVE-2013-4263", "CVE-2013-7013"], "modified": "2016-03-12T00:00:00", "id": "GLSA-201603-06", "href": "https://security.gentoo.org/glsa/201603-06", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2018-11-14T14:42:27", "references": [], "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n02/06/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. By exploiting these vulnerabilities malicious users can gain privilleges, bypass security and cause denial of service.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 40.0.2214.111\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Google Chrome](<https://www.google.ru/chrome/browser/desktop/>)\n\n### *Original advisories*:\n[Google blog](<http://googlechromereleases.blogspot.ru/2015/02/stable-channel-update.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1211](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1211>) \n[CVE-2015-1209](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1209>) \n[CVE-2015-1210](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1210>)", "edition": 22, "reporter": "Kaspersky Lab", "published": "2015-02-06T00:00:00", "title": "\r KLA10443Multiple vulnerabilities in Google Chrome ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-1210", "CVE-2015-1209", "CVE-2015-1211"], "modified": "2018-11-06T00:00:00", "id": "KLA10443", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10443", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-14T14:42:40", "references": [], "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n03/03/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple critical vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or inject arbitrary code.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 41.0.2272.76\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.\n\n### *Original advisories*:\n[Google blog entry](<http://googlechromereleases.blogspot.ru/2015/03/stable-channel-update.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1223](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1223>) \n[CVE-2015-1222](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1222>) \n[CVE-2015-1218](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1218>) \n[CVE-2015-1230](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1230>) \n[CVE-2015-1227](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1227>) \n[CVE-2015-1226](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1226>) \n[CVE-2015-1225](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1225>) \n[CVE-2015-1224](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1224>) \n[CVE-2015-1221](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1221>) \n[CVE-2015-1213](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1213>) \n[CVE-2015-1212](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1212>) \n[CVE-2015-1228](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1228>) \n[CVE-2015-1229](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1229>) \n[CVE-2015-1214](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1214>) \n[CVE-2015-1220](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1220>) \n[CVE-2015-1219](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1219>) \n[CVE-2015-1217](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1217>) \n[CVE-2015-1215](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1215>) \n[CVE-2015-1216](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1216>)", "edition": 22, "reporter": "Kaspersky Lab", "published": "2015-03-03T00:00:00", "title": "\r KLA10463Multiple vulnerabilities in Google Chrome ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1227", "CVE-2015-1212", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1230"], "modified": "2018-11-06T00:00:00", "id": "KLA10463", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10463", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-14T14:42:33", "references": [], "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n09/16/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nApple iTunes versions earlier than 12.3\n\n### *Solution*:\nUpdate to the latest version \n[Get iTunes](<http://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[Apple advisory](<https://support.apple.com/en-us/HT205221>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2015-1152](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152>) \n[CVE-2015-1153](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153>) \n[CVE-2015-3741](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741>) \n[CVE-2015-3746](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3746>) \n[CVE-2015-3743](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743>) \n[CVE-2015-5755](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5755>) \n[CVE-2015-3688](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3688>) \n[CVE-2015-1205](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1205>) \n[CVE-2015-3747](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747>) \n[CVE-2015-3744](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3744>) \n[CVE-2015-5806](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5806>) \n[CVE-2015-3734](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3734>) \n[CVE-2015-3748](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748>) \n[CVE-2015-3742](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3742>) \n[CVE-2015-3738](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3738>) \n[CVE-2015-3740](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3740>) \n[CVE-2015-3733](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3733>) \n[CVE-2015-5822](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822>) \n[CVE-2015-5803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5803>) \n[CVE-2015-5823](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5823>) \n[CVE-2015-5804](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5804>) \n[CVE-2015-5797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5797>) \n[CVE-2015-5796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5796>) \n[CVE-2015-1157](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1157>) \n[CVE-2015-3745](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745>) \n[CVE-2015-5790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5790>) \n[CVE-2015-5810](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5810>) \n[CVE-2015-5811](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5811>) \n[CVE-2015-5795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5795>) \n[CVE-2015-5794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794>) \n[CVE-2015-5793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5793>) \n[CVE-2015-5792](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5792>) \n[CVE-2015-5920](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5920>) \n[CVE-2015-5805](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5805>) \n[CVE-2015-3730](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3730>) \n[CVE-2015-5761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5761>) \n[CVE-2015-5813](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5813>) \n[CVE-2015-5812](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5812>) \n[CVE-2015-5791](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5791>) \n[CVE-2015-5789](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5789>) \n[CVE-2015-5814](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5814>) \n[CVE-2015-5819](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5819>) \n[CVE-2015-5799](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5799>) \n[CVE-2015-3686](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3686>) \n[CVE-2015-3687](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3687>) \n[CVE-2015-5815](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5815>) \n[CVE-2015-5807](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5807>) \n[CVE-2015-5817](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5817>) \n[CVE-2015-5816](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5816>) \n[CVE-2015-3735](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3735>) \n[CVE-2015-3736](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3736>) \n[CVE-2015-5801](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801>) \n[CVE-2015-5802](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5802>) \n[CVE-2015-5798](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5798>) \n[CVE-2015-5808](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5808>) \n[CVE-2015-5818](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5818>) \n[CVE-2015-3749](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749>) \n[CVE-2015-3737](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3737>) \n[CVE-2015-3731](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731>) \n[CVE-2015-3739](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3739>) \n[CVE-2014-8146](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146>) \n[CVE-2010-3190](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3190>) \n[CVE-2015-5800](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5800>) \n[CVE-2015-5821](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5821>) \n[CVE-2015-5874](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5874>) \n[CVE-2015-5809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809>)", "edition": 22, "reporter": "Kaspersky Lab", "published": "2015-09-16T00:00:00", "title": "\r KLA10669Multiple vulnerabilities in Apple iTunes ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2015-3733", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190"], "modified": "2018-11-06T00:00:00", "id": "KLA10669", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10669", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:42", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "icu_4.4.1-8+squeeze3_all.deb", "packageName": "icu", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "icu-doc_4.4.1-8+squeeze3_all.deb", "packageName": "icu-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "libicu-dev_4.4.1-8+squeeze3_all.deb", "packageName": "libicu-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "libicu44-dbg_4.4.1-8+squeeze3_all.deb", "packageName": "libicu44-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "libicu44_4.4.1-8+squeeze3_all.deb", "packageName": "libicu44", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "lib32icu-dev_4.4.1-8+squeeze3_all.deb", "packageName": "lib32icu-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "4.4.1-8+squeeze3", "arch": "all", "packageFilename": "lib32icu44_4.4.1-8+squeeze3_all.deb", "packageName": "lib32icu44", "operator": "lt"}], "description": "Package : icu\nVersion : 4.4.1-8+squeeze3\nCVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419\n CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926\n CVE-2014-7940 CVE-2014-9654\n\nSeveral vulnerabilities were discovered in the International Components\nfor Unicode (ICU) library:\n\nCVE-2013-1569\n\n Glyph table issue.\n\nCVE-2013-2383\n\n Glyph table issue.\n\nCVE-2013-2384\n\n Font layout issue.\n\nCVE-2013-2419\n\n Font processing issue.\n\nCVE-2014-6585\n\n Out-of-bounds read.\n\nCVE-2014-6591\n\n Additional out-of-bounds reads.\n\nCVE-2014-7923\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7926\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7940\n\n Uninitialized memory.\n\nCVE-2014-9654\n\n More regular expression flaws.\n\nFor Debian 6 \u201cSqueeze\u201d, these issues have been fixed in icu version\n4.4.1-8+squeeze3.\n", "edition": 1, "reporter": "Debian", "published": "2015-05-14T09:45:48", "title": "[SECURITY] [DLA 219-1] icu security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:42", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-05-14T09:45:48", "id": "DEBIAN:DLA-219-1:C7AC1", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201505/msg00003.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-18T13:50:00", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "4.8.1.1-12+deb7u2", "arch": "all", "packageFilename": "icu_4.8.1.1-12+deb7u2_all.deb", "packageName": "icu", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3187-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nMarch 15, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icu\nCVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419\n CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926\n CVE-2014-7940 CVE-2014-9654\nDebian Bug : 775884 776264 776265 776719\n\nSeveral vulnerabilities were discovered in the International Components\nfor Unicode (ICU) library.\n\nCVE-2013-1569\n\n Glyph table issue.\n\nCVE-2013-2383\n\n Glyph table issue.\n\nCVE-2013-2384\n\n Font layout issue.\n\nCVE-2013-2419\n\n Font processing issue.\n\nCVE-2014-6585\n\n Out-of-bounds read.\n\nCVE-2014-6591\n\n Additional out-of-bounds reads.\n\nCVE-2014-7923\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7926\n\n Memory corruption in regular expression comparison.\n\nCVE-2014-7940\n\n Uninitialized memory.\n\nCVE-2014-9654\n\n More regular expression flaws.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.8.1.1-12+deb7u2.\n\nFor the upcoming stable (jessie) and unstable (sid) distributions, these\nproblems have been fixed in version 52.1-7.1.\n\nWe recommend that you upgrade your icu packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2015-03-15T05:02:46", "title": "[SECURITY] [DSA 3187-1] icu security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:00", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-2384", "CVE-2014-7923", "CVE-2014-6585", "CVE-2014-7940", "CVE-2014-9654", "CVE-2013-2419", "CVE-2014-7926", "CVE-2014-6591", "CVE-2013-2383", "CVE-2013-1569"], "modified": "2015-03-15T05:02:46", "id": "DEBIAN:DSA-3187-1:97BB3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00072.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-18T13:48:30", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "6:0.8.17-1", "arch": "all", "packageFilename": "libav_6:0.8.17-1_all.deb", "packageName": "libav", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3189-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 15, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libav\nCVE ID : CVE-2014-7933 CVE-2014-8543 CVE-2014-8544 CVE-2014-8547 \n CVE-2014-8548 CVE-2014-9604\n\nSeveral security issues have been corrected in multiple demuxers and\ndecoders of the libav multimedia library. A full list of the changes is\navailable at\nhttp://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.17\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6:0.8.17-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 6:11.3-1.\n\nWe recommend that you upgrade your libav packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2015-03-15T19:49:57", "title": "[SECURITY] [DSA 3189-1] libav security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:48:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8547", "CVE-2014-8544", "CVE-2014-8543", "CVE-2014-9604", "CVE-2014-7933", "CVE-2014-8548"], "modified": "2015-03-15T19:49:57", "id": "DEBIAN:DSA-3189-1:D7FDF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00074.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-08-31T04:13:56", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 153 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "edition": 3, "reporter": "Oracle", "published": "2015-10-20T00:00:00", "title": "Oracle Critical Patch Update - October 2015", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Oracle Access Manager", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Configurator", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.3.0.0", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "7.6.2", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.2.2", "operator": "le"}, {"name": "Database Scheduler", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "3.0", "operator": "le"}, {"name": "Java SE, JavaFX", "version": "2.2.85", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.4", "operator": "le"}, {"name": "Java SE", "version": "6u101", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.6.1.0.0", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.5.1", "operator": "le"}, {"name": "Mobile Server", "version": "12.1.0.0", "operator": "le"}, {"name": "XDB - XML Database", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.3", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.0", "operator": "le"}, {"name": "Oracle Utilities Work and Asset Management", "version": "1.9.1.1.2", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.1", "operator": "le"}, {"name": "Siebel Core - Server Framework", "version": "2015", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "4.1.6", "operator": "le"}, {"name": "Oracle Payments", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "6.0.2", "operator": "le"}, {"name": "Siebel Core - Server Framework", "version": "2014", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u51", "operator": "le"}, {"name": "Oracle iSupplier Portal", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "2.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "12.0", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle FS1-2 Flash Storage System", "version": "6.2", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.5.2", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Configurator", "version": "12.0.6", "operator": "le"}, {"name": "Mobile Server", "version": "11.3.0.2", "operator": "le"}, {"name": "Oracle Configurator", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.4", "operator": "le"}, {"name": "Oracle FS1-2 Flash Storage System", "version": "6.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.20", "operator": "le"}, {"name": "Oracle Identity Manager", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "8.1", "operator": "le"}, {"name": "Java SE", "version": "8u60", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "12.0IN", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.4.0.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "Oracle Report Manager", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "14.0.", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "6u101", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "12.1.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.30", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.3", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.0.6", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.0.8", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "2.0.6.2.3", "operator": "le"}, {"name": "Oracle Communications LSMS", "version": "13.1", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "5.1.0", "operator": "le"}, {"name": "XDB - XML Database", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Report Manager", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.5.1.1", "operator": "le"}, {"name": "RDBMS", "version": "12.1.0.2", "operator": "le"}, {"name": "Portable Clusterware", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle iSupplier Portal", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.2.0.0", "operator": "le"}, {"name": "Oracle Payments", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "10.5.0", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0.4", "operator": "le"}, {"name": "Oracle Report Manager", "version": "12.2.3", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.0.0", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "9.9.0", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.44", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.4", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle Communications Performance Intelligence Center Software", "version": "10.1.5", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.1.2.2", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router (DSR)", "version": "7.1.0", "operator": "le"}, {"name": "Oracle iSupplier Portal", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "2.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "28.3.7", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "7.0.5", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.38", "operator": "le"}, {"name": "Oracle Applications Technology Stack", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.42", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.34", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.0.6", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u60", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.32", "operator": "le"}, {"name": "Oracle Identity Manager", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Payments", "version": "12.1.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Talent Acquistion Managment", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "12.0IN", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.23", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "3.1", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.24", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.25", "operator": "le"}, {"name": "Portable Clusterware", "version": "12.1.0.1", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "3.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.34", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "2.0", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.6.1", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Fujitsu M10-1, M10-4, M10-4S Servers", "version": "2271", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "11.1.1.7.4", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "8.0", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u60", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.4", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.2.0.0", "operator": "le"}, {"name": "PeopleSoft Enterprise FIN Expenses", "version": "9.2", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "10.1.3.5.1", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "9.0", "operator": "le"}, {"name": "Solaris", "version": "11.2", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "13.0", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "13.1", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Report Manager", "version": "12.2.4", "operator": "le"}, {"name": "RDBMS", "version": "12.1.0.1", "operator": "le"}, {"name": "OSS Support Tools", "version": "8.8.15.7.15", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.30", "operator": "le"}, {"name": "Oracle iSupplier Portal", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "14.0.", "operator": "le"}, {"name": "XDB - XML Database", "version": "12.1.0.2", "operator": "le"}, {"name": "Database Scheduler", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.9", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.5.0", "operator": "le"}, {"name": "Mobile Server", "version": "10.3.0.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.45", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u101", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.0.20", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "12.0", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "2.3.20", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Oracle FS1-2 Flash Storage System", "version": "6.1", "operator": "le"}, {"name": "Oracle Mobile Security Suite", "version": "3.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.0.6", "operator": "le"}, {"name": "Portable Clusterware", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "13.3", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "14.0.", "operator": "le"}, {"name": "Oracle Agile Engineering Data Management", "version": "6.1.3.0", "operator": "le"}, {"name": "Database Scheduler", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM", "version": "9.2", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "13.4", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "3.0", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.1", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.0.1", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "12.0IN", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.0.22", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "13.0", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "11.5.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.26", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0.5", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.2", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u51", "operator": "le"}, {"name": "Oracle Communications Convergence", "version": "2.0", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Payments", "version": "12.2.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u85", "operator": "le"}, {"name": "Oracle Communications Convergence", "version": "3.0.1", "operator": "le"}, {"name": "PeopleSoft Enterprise FSCM", "version": "9.2", "operator": "le"}, {"name": "Oracle Configurator", "version": "12.2.3", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.26", "operator": "le"}, {"name": "Oracle Retail Central Office", "version": "12.0", "operator": "le"}, {"name": "Oracle Retail Returns Management:", "version": "13.2", "operator": "le"}, {"name": "Oracle Payments", "version": "11.5.10.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.1", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.43", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "10.1.3.5", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "11.5.10.2", "operator": "le"}, {"name": "Java SE, JavaFX", "version": "8u60", "operator": "le"}, {"name": "Java SE", "version": "7u85", "operator": "le"}, {"name": "Oracle Communications Tekelec HLR Router", "version": "4.0.0", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.4", "operator": "le"}, {"name": "Hyperion Installation Technology", "version": "11.1.2.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u85", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.4", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Oracle Retail Back Office", "version": "13.4", "operator": "le"}, {"name": "Oracle Communications Performance Intelligence Center Software", "version": "9.0.3", "operator": "le"}, {"name": "Oracle Identity Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Report Manager", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.1.1.9", "operator": "le"}], "cvelist": ["CVE-2015-4894", "CVE-2015-4000", "CVE-2015-4851", "CVE-2015-4895", "CVE-2015-4905", "CVE-2015-4866", "CVE-2015-4832", "CVE-2015-4822", "CVE-2015-4830", "CVE-2015-1792", "CVE-2015-4804", "CVE-2015-4816", "CVE-2015-0235", "CVE-2015-1793", "CVE-2015-4793", "CVE-2015-4863", "CVE-2014-7923", "CVE-2015-4913", "CVE-2015-4892", "CVE-2014-0191", "CVE-2015-4796", "CVE-2015-4864", "CVE-2015-4794", "CVE-2015-4887", "CVE-2015-2642", "CVE-2015-4860", "CVE-2015-3236", "CVE-2015-4868", "CVE-2014-3572", "CVE-2015-0206", "CVE-1999-0377", "CVE-2015-1789", "CVE-2015-4820", "CVE-2015-4903", "CVE-2015-0286", "CVE-2015-4906", "CVE-2014-8150", "CVE-2015-4843", "CVE-2015-4842", "CVE-2015-4910", "CVE-2015-4872", "CVE-2015-4846", "CVE-2014-3576", "CVE-2015-2522", "CVE-2015-4876", "CVE-2014-3571", "CVE-2015-4883", "CVE-2015-0288", "CVE-2014-7940", "CVE-2015-4858", "CVE-2015-4802", "CVE-2015-4882", "CVE-2015-4801", "CVE-2015-4878", "CVE-2015-4799", "CVE-2015-4811", "CVE-2015-4834", "CVE-2015-4762", "CVE-2015-0285", "CVE-2015-4815", "CVE-2015-4812", "CVE-2015-4839", "CVE-2015-4798", "CVE-2015-4891", "CVE-2015-4734", "CVE-2015-4899", "CVE-2015-3153", "CVE-2015-0207", "CVE-2015-4865", "CVE-2015-4915", "CVE-2015-4871", "CVE-2015-4800", "CVE-2014-8275", "CVE-2015-4869", "CVE-2015-0208", "CVE-2015-4828", "CVE-2015-4803", "CVE-2015-4875", "CVE-2015-4902", "CVE-2014-3570", "CVE-2015-4917", "CVE-2015-4909", "CVE-2015-4791", "CVE-2015-4805", "CVE-2015-4849", "CVE-2015-4879", "CVE-2015-4888", "CVE-2015-4838", "CVE-2015-4850", "CVE-2014-8147", "CVE-2015-4806", "CVE-2015-4825", "CVE-2015-3144", "CVE-2015-4797", "CVE-2015-4792", "CVE-2015-4837", "CVE-2015-4904", "CVE-2015-4810", "CVE-2015-4827", "CVE-2014-0050", "CVE-2015-4817", "CVE-2015-4908", "CVE-2014-3707", "CVE-2015-4912", "CVE-2015-0293", "CVE-2015-4833", "CVE-2015-4847", "CVE-2015-4848", "CVE-2015-4730", "CVE-2015-4819", "CVE-2015-4896", "CVE-2015-1788", "CVE-2015-2633", "CVE-2015-4807", "CVE-2014-8146", "CVE-2015-4901", "CVE-2015-4835", "CVE-2015-0209", "CVE-2015-3183", "CVE-2015-4873", "CVE-2015-4766", "CVE-2015-4795", "CVE-2015-4907", "CVE-2015-0204", "CVE-2014-7926", "CVE-2015-4859", "CVE-2015-1829", "CVE-2015-4898", "CVE-2015-4874", "CVE-2015-4836", "CVE-2015-4824", "CVE-2015-1790", "CVE-2015-4900", "CVE-2015-4831", "CVE-2015-4861", "CVE-2015-0291", "CVE-2015-4911", "CVE-2015-4886", "CVE-2015-2608", "CVE-2015-4809", "CVE-2015-4877", "CVE-2015-4844", "CVE-2015-4870", "CVE-2015-4881", "CVE-2015-4840", "CVE-2015-4854", "CVE-2015-0287", "CVE-2015-4856", "CVE-2015-4845", "CVE-2015-4914", "CVE-2015-4893", "CVE-2015-0289", "CVE-2015-4916", "CVE-2015-4826", "CVE-2015-0292", "CVE-2014-1569", "CVE-2015-4862", "CVE-2010-1622", "CVE-2015-4857", "CVE-2015-4890", "CVE-2015-4867", "CVE-2015-0290", "CVE-2015-0205", "CVE-2015-4884", "CVE-2015-4813", "CVE-2015-4841", "CVE-2015-1787", "CVE-2014-3569", "CVE-2015-4818", "CVE-2015-4880", "CVE-2015-1791", "CVE-2015-4823", "CVE-2015-4821"], "modified": "2016-09-29T00:00:00", "id": "ORACLE:CPUOCT2015-2367953", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
