FreeBSD : chromium -- multiple vulnerabilities (371bbea9-3836-4832-9e70-e8e928727f8c)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Google Chrome Releases reports :

This update includes 37 security fixes, including :

- [497632] High CVE-2016-1612: Bad cast in V8.

- [572871] High CVE-2016-1613: Use-after-free in PDFium.

- [544691] Medium CVE-2016-1614: Information leak in Blink.

- [468179] Medium CVE-2016-1615: Origin confusion in Omnibox.

- [541415] Medium CVE-2016-1616: URL Spoofing.

- [544765] Medium CVE-2016-1617: History sniffing with HSTS and CSP.

- [552749] Medium CVE-2016-1618: Weak random number generator in
Blink.

- [557223] Medium CVE-2016-1619: Out-of-bounds read in PDFium.

- [579625] CVE-2016-1620: Various fixes from internal audits, fuzzing
and other initiatives.

- Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch.

See also :

http://www.nessus.org/u?be197a18
http://www.nessus.org/u?5e8b52d0

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 88067 ()

Bugtraq ID:

CVE ID: CVE-2016-1612
CVE-2016-1613
CVE-2016-1614
CVE-2016-1615
CVE-2016-1616
CVE-2016-1617
CVE-2016-1618
CVE-2016-1619
CVE-2016-1620

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now