Download
| Alert*
oval:org.secpod.oval:def:505569
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 50.0.2661.102. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or ... oval:org.secpod.oval:def:1800875 CVE-2016-1660: Out-of-bounds write in Blink. CVE-2016-1661: Memory corruption in cross-process frames. CVE-2016-1662: Use-after-free in extensions. CVE-2016-1663: Use-after-free in Blinks V8 bindings. CVE-2016-1664: Address bar spoofing. CVE-2016-1665: Information leak in V8. CVE-2016-1666: Various ... oval:org.secpod.oval:def:1800814 CVE-2016-1651: out-of-bounds read in Pdfium JPEG2000 decoding CVE-2016-1652: Universal XSS in extension bindings. CVE-2016-1653: Out-of-bounds write in V8. CVE-2016-1654: Uninitialized memory read in media. CVE-2016-1655: Use-after-free related to extensions. CVE-2016-1656: Android downloaded file p ... oval:org.secpod.oval:def:34401 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34387 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to bypass the Same Origin Policy. oval:org.secpod.oval:def:34388 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to bypass the Same Origin Policy. oval:org.secpod.oval:def:34396 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34397 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to bypass the Same Origin Policy. oval:org.secpod.oval:def:34395 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34406 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:51566 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:34402 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to bypass the Same Origin Policy. oval:org.secpod.oval:def:703118 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:602520 Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass. CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8. CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 javascript ... oval:org.secpod.oval:def:1800123 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 oval:org.secpod.oval:def:1800824 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 |