[manjaro-security] [arch-security] [ASA-201609-1] chromium: multiple issues
Levente Polyak
anthraxx at archlinux.org
Thu Sep 1 22:50:43 CEST 2016
Arch Linux Security Advisory ASA-201609-1
=========================================
Severity: Critical
Date : 2016-09-01
CVE-ID : CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150
CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154
CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158
CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162
CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166
CVE-2016-5167
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package chromium before version 53.0.2785.89-1 is vulnerable to
multiple issues.
Resolution
==========
Upgrade to 53.0.2785.89-1.
# pacman -Syu "chromium>=53.0.2785.89-1"
The problems have been fixed upstream in version 53.0.2785.89.
Workaround
==========
None.
Description
===========
- CVE-2016-5147 CVE-2016-5148 (cross-site scripting)
Universal XSS in Blink.
- CVE-2016-5149 (script injection)
Script injection in extensions.
- CVE-2016-5150 (arbitrary code execution)
Use after free in Blink.
- CVE-2016-5151 (arbitrary code execution)
Use after free in PDFium.
- CVE-2016-5152 CVE-2016-5154 CVE-2016-5157 CVE-2016-5158 CVE-2016-5159
(arbitrary code execution)
Heap overflow in PDFium.
- CVE-2016-5153 (arbitrary code execution)
Use after destruction in Blink.
- CVE-2016-5155 CVE-2016-5163 (address bar spoofing)
Address bar spoofing.
- CVE-2016-5156 (arbitrary code execution)
Use after free in event bindings.
- CVE-2016-5160 CVE-2016-5162 (access restriction bypass)
Extensions web accessible resources bypass.
- CVE-2016-5161 (arbitrary code execution)
Type confusion in Blink.
- CVE-2016-5164 (address bar spoofing)
Universal XSS using DevTools.
- CVE-2016-5165 (script injection)
Script injection in DevTools.
- CVE-2016-5166 (smb relay attack)
SMB Relay Attack via Save Page As.
- CVE-2016-5167 (arbitrary code execution)
Various fixes from internal audits, fuzzing and other initiatives.
Impact
======
A remote attacker is able to execute arbitrary code on the affected
host, perform cross-site scripting attacks, spoof the address bar,
bypass access restrictions or have other unspecified impact.
References
==========
https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-
desktop_31.html
https://access.redhat.com/security/cve/CVE-2016-5147
https://access.redhat.com/security/cve/CVE-2016-5148
https://access.redhat.com/security/cve/CVE-2016-5149
https://access.redhat.com/security/cve/CVE-2016-5150
https://access.redhat.com/security/cve/CVE-2016-5151
https://access.redhat.com/security/cve/CVE-2016-5152
https://access.redhat.com/security/cve/CVE-2016-5153
https://access.redhat.com/security/cve/CVE-2016-5154
https://access.redhat.com/security/cve/CVE-2016-5155
https://access.redhat.com/security/cve/CVE-2016-5156
https://access.redhat.com/security/cve/CVE-2016-5157
https://access.redhat.com/security/cve/CVE-2016-5158
https://access.redhat.com/security/cve/CVE-2016-5159
https://access.redhat.com/security/cve/CVE-2016-5160
https://access.redhat.com/security/cve/CVE-2016-5161
https://access.redhat.com/security/cve/CVE-2016-5162
https://access.redhat.com/security/cve/CVE-2016-5163
https://access.redhat.com/security/cve/CVE-2016-5164
https://access.redhat.com/security/cve/CVE-2016-5165
https://access.redhat.com/security/cve/CVE-2016-5166
https://access.redhat.com/security/cve/CVE-2016-5167
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20160901/5209715c/attachment.pgp>
More information about the manjaro-security
mailing list