Debian: DSA-3660-1 Critical: Chromium Browser Cross-Site Scripting
debian
September 5, 2016
Several vulnerabilities have been discovered in the chromium web browser
Summary
CVE-2016-5147
A cross-site scripting issue was discovered.
CVE-2016-5148
Another cross-site scripting issue was discovered.
CVE-2016-5149
Max Justicz discovered a script injection issue in extension handling.
CVE-2016-5150
A use-after-free issue was discovered in Blink/Webkit.
CVE-2016-5151
A use-after-free issue was discovered in the pdfium library.
CVE-2016-5152
GiWan Go discovered a heap overflow issue in the pdfium library.
CVE-2016-5153
Atte Kettunen discovered a use-after-destruction issue.
CVE-2016-5154
A heap overflow issue was discovered in the pdfium library.
CVE-2016-5155
An address bar spoofing issue was discovered.
CVE-2016-5156
jinmo123 discovered a use-after-free issue.
CVE-2016-5157
A heap overflow issue was discovered in the pdfium library.
CVE-2016-5158
GiWan Go discovered a heap overflow issue in the pdfium library.
CVE-2016-5159
GiWan Go discovered another heap overflow issue in the pdfium library.
CVE-2016-5160
@l33terally discovered...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: chromium-browser
CVE ID: CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!