[arch-security] [ASA-201609-1] chromium: multiple issues
anthraxx at archlinux.org
Thu Sep 1 20:50:43 UTC 2016
Arch Linux Security Advisory ASA-201609-1
Date : 2016-09-01
CVE-ID : CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150
CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154
CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158
CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162
CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package chromium before version 53.0.2785.89-1 is vulnerable to
Upgrade to 53.0.2785.89-1.
# pacman -Syu "chromium>=53.0.2785.89-1"
The problems have been fixed upstream in version 53.0.2785.89.
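A check for whether a host still carries a chromium package older than the fixed version named above (an added example, not part of the original advisory). The function names are hypothetical, and the `sort -V` fallback used when pacman's `vercmp` is absent is an assumption that only approximates pacman's ordering for plain numeric versions like these.

```shell
#!/bin/sh
# Added example: report whether a chromium package version predates the fix.
FIXED="53.0.2785.89-1"   # fixed package version, taken from the advisory

# version_lt A B: succeed when A sorts strictly before B.
# Prefers pacman's vercmp; otherwise falls back to GNU `sort -V`
# (assumption: adequate for dotted numeric versions with a -pkgrel suffix).
version_lt() {
    [ "$1" = "$2" ] && return 1
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -lt 0 ]
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# chromium_status [VERSION]: print a verdict for VERSION, or for the locally
# installed package when no argument is given.
# Exit status: 0 = patched or not installed, 1 = vulnerable.
chromium_status() {
    installed="${1:-$(pacman -Q chromium 2>/dev/null | awk '{print $2}')}"
    if [ -z "$installed" ]; then
        echo "chromium: not installed"
        return 0
    fi
    if version_lt "$installed" "$FIXED"; then
        echo "chromium $installed: VULNERABLE (ASA-201609-1), upgrade to >= $FIXED"
        return 1
    fi
    echo "chromium $installed: ok"
    return 0
}
```

Call `chromium_status` with no argument on the host itself, or pass a version string gathered from a package inventory.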
- CVE-2016-5147 CVE-2016-5148 (cross-site scripting)
Universal XSS in Blink.
- CVE-2016-5149 (script injection)
Script injection in extensions.
- CVE-2016-5150 (arbitrary code execution)
Use after free in Blink.
- CVE-2016-5151 (arbitrary code execution)
Use after free in PDFium.
- CVE-2016-5152 CVE-2016-5154 CVE-2016-5157 CVE-2016-5158 CVE-2016-5159
(arbitrary code execution)
Heap overflow in PDFium.
- CVE-2016-5153 (arbitrary code execution)
Use after destruction in Blink.
- CVE-2016-5155 CVE-2016-5163 (address bar spoofing)
Address bar spoofing.
- CVE-2016-5156 (arbitrary code execution)
Use after free in event bindings.
- CVE-2016-5160 CVE-2016-5162 (access restriction bypass)
Extensions web accessible resources bypass.
- CVE-2016-5161 (arbitrary code execution)
Type confusion in Blink.
- CVE-2016-5164 (address bar spoofing)
Universal XSS using DevTools.
- CVE-2016-5165 (script injection)
Script injection in DevTools.
- CVE-2016-5166 (smb relay attack)
SMB Relay Attack via Save Page As.
- CVE-2016-5167 (arbitrary code execution)
Various fixes from internal audits, fuzzing and other initiatives.
A remote attacker is able to execute arbitrary code on the affected
host, perform cross-site scripting attacks, spoof the address bar,
bypass access restrictions or have other unspecified impact.