FreeBSD : chromium -- multiple vulnerabilities (9118961b-9fa5-11e6-a265-3065ec8fd3ec)
Critical Nessus Plugin ID 94450
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionGoogle Chrome Releases reports :
21 security fixes in this release, including :
-  High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
-  High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN
-  High CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
-  High CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
-  High CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
-  High CVE-2016-5187: URL spoofing. Credit to Luan Herrera
-  Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera
-  Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit to [email protected]
-  Medium CVE-2016-5189: URL spoofing. Credit to xisigr of Tencent's Xuanwu Lab
-  Medium CVE-2016-5186: Out of bounds read in DevTools.
Credit to Abdulrahman Alqabandi (@qab)
-  Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
-  Medium CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen of OUSPG
-  Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU (martinzhou96)
-  CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives
SolutionUpdate the affected packages.