FreeBSD : chromium -- multiple vulnerablities (7da1da96-24bb-11e6-bd31-3065ec8fd3ec)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Google Chrome Releases reports :

9 security fixes in this release, including :

- [574802] High CVE-2016-1660: Out-of-bounds write in Blink. Credit to
Atte Kettunen of OUSPG.

- [601629] High CVE-2016-1661: Memory corruption in cross-process
frames. Credit to Wadih Matar.

- [603732] High CVE-2016-1662: Use-after-free in extensions. Credit to
Rob Wu.

- [603987] High CVE-2016-1663: Use-after-free in Blink's V8 bindings.
Credit to anonymous.

- [597322] Medium CVE-2016-1664: Address bar spoofing. Credit to Wadih
Matar.

- [606181] Medium CVE-2016-1665: Information leak in V8. Credit to
HyungSeok Han.

- [607652] CVE-2016-1666: Various fixes from internal audits, fuzzing
and other initiatives.

See also :

http://www.nessus.org/u?22d8d53b
http://www.nessus.org/u?aa041acf

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 91374 ()

Bugtraq ID:

CVE ID: CVE-2016-1660
CVE-2016-1661
CVE-2016-1662
CVE-2016-1663
CVE-2016-1664
CVE-2016-1665
CVE-2016-1666

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now