Ubuntu 16.04 LTS: USN-4584-1 Critical: HtmlUnit Program Execution Risk

ubuntu

October 15, 2020

HtmlUnit could be made to crash or run programs as an administrator if it opened a specially crafted file.

Summary

HtmlUnit could be made to crash or run programs as an administrator

if it opened a specially crafted file.

Software Description:

- htmlunit: headless web browser written in Java

Details:

It was discovered that HtmlUnit incorrectly initialized Rhino engine. An

attacker could possibly use this issue to execute arbitrary Java code.

Topics Covered

security advisory ubuntu program execution administrative access htmlunit

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libhtmlunit-java                2.8-1ubuntu2.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4584-1

CVE-2020-5529

Severity

critical

Lowest

Low

Medium

High

Critical

October 15, 2020

Topics Covered

security advisory ubuntu program execution administrative access htmlunit

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Ubuntu 16.04 LTS: USN-4584-1 Critical: HtmlUnit Program Execution Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Ubuntu 16.04 LTS: USN-4584-1 Critical: HtmlUnit Program Execution Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!