DSA-3660-1 chromium-browser -- chromium-browserID: oval:org.secpod.oval:def:602605 | Date: (C)2016-09-12 (M)2023-11-13 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5147 A cross-site scripting issue was discovered. CVE-2016-5148 Another cross-site scripting issue was discovered. CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling. CVE-2016-5150 A use-after-free issue was discovered in Blink/Webkit. CVE-2016-5151 A use-after-free issue was discovered in the pdfium library. CVE-2016-5152 GiWan Go discovered a heap overflow issue in the pdfium library. CVE-2016-5153 Atte Kettunen discovered a use-after-destruction issue. CVE-2016-5154 A heap overflow issue was discovered in the pdfium library. CVE-2016-5155 An address bar spoofing issue was discovered. CVE-2016-5156 jinmo123 discovered a use-after-free issue. CVE-2016-5157 A heap overflow issue was discovered in the pdfium library. CVE-2016-5158 GiWan Go discovered a heap overflow issue in the pdfium library. CVE-2016-5159 GiWan Go discovered another heap overflow issue in the pdfium library. CVE-2016-5160 @l33terally discovered an extensions resource bypass. CVE-2016-5161 A type confusion issue was discovered. CVE-2016-5162 Nicolas Golubovic discovered an extensions resource bypass. CVE-2016-5163 Rafay Baloch discovered an address bar spoofing issue. CVE-2016-5164 A cross-site scripting issue was discovered in the developer tools. CVE-2016-5165 Gregory Panakkal discovered a script injection issue in the developer tools. CVE-2016-5166 Gregory Panakkal discovered an issue with the Save Page As feature. CVE-2016-5167 The chrome development team found and fixed various issues during internal auditing.