Download
| Alert*
oval:org.secpod.oval:def:34764
The host is installed with Google Chrome before 51.0.2704.63 or Apple Mac OS X 10.9.5, 10.10.5 or 10.11.x before 10.11.6 and is prone to an out-of-bound vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have un ... oval:org.secpod.oval:def:703150 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:2104564 The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue. oval:org.secpod.oval:def:51577 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:1800123 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 oval:org.secpod.oval:def:34777 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:1800824 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 oval:org.secpod.oval:def:602520 Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass. CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8. CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 javascript ... oval:org.secpod.oval:def:34752 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34751 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:505630 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 51.0.2704.63. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or d ... oval:org.secpod.oval:def:34802 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34725 The host is installed with Google Chrome before 51.0.2704.63 and is prone to an out-of-bound vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34726 The host is installed with Google Chrome before 51.0.2704.63 and is prone to an out-of-bound vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34789 The host is installed with Google Chrome before 51.0.2704.63 or Apple iTunes before 12.4.2 and is prone to an out-of-bound vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:602541 Several vulnerabilities were discovered in libxslt, an XSLT processing runtime library, which could lead to information disclosure or denial-of-service against an application using the libxslt library. oval:org.secpod.oval:def:36326 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ... oval:org.secpod.oval:def:40418 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:40417 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:36255 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-6. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the servi ... oval:org.secpod.oval:def:52188 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:116772 This C library allows to transform XML files into other XML files using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >= 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine oval:org.secpod.oval:def:51523 libxslt: XSLT processing library Several security issues were fixed in Libxslt. |