Detections
Analytics
openSUSE Security Update : Chromium (openSUSE-2017-420)
critical Nessus Plugin ID 99158
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
This update to Chromium 57.0.2987.133 fixes the following issues (boo#1031677) :- CVE-2017-5055: Use after free in printing
- CVE-2017-5054: Heap buffer overflow in V8
- CVE-2017-5052: Bad cast in Blink
- CVE-2017-5056: Use after free in Blink
- CVE-2017-5053: Out of bounds memory access in V8
The following packaging changes are included :
- No longer claim to provide browser(npapi)
Solution
Update the affected Chromium packages.See Also
Plugin Details
Severity: Critical
ID: 99158
File Name: openSUSE-2017-420.nasl
Version: 3.9
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 4/3/2017
Updated: 12/26/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.8
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2017-5055
CVSS v3
Risk Factor: Critical
Base Score: 9.6
Temporal Score: 9.2
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2017-5053
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:chromedriver-debuginfo, p-cpe:/a:novell:opensuse:chromium, p-cpe:/a:novell:opensuse:chromium-debugsource, p-cpe:/a:novell:opensuse:chromedriver, cpe:/o:novell:opensuse:42.1, cpe:/o:novell:opensuse:42.2, p-cpe:/a:novell:opensuse:chromium-debuginfo
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/1/2017
Vulnerability Publication Date: 10/27/2017
Reference Information
CVE: CVE-2017-5052, CVE-2017-5053, CVE-2017-5054, CVE-2017-5055, CVE-2017-5056