Debian Security Advisory DSA 3315-1 (chromium-browser - security update)

Published: 2015-07-22 22:00:00
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

Affected Versions:
chromium-browser on Debian Linux

Recommendations:
For the stable distribution (jessie), these problems have been fixed in version 44.0.2403.89-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 44.0.2403.89-1. We recommend that you upgrade your chromium-browser packages.

Summary:
Several vulnerabilities were discovered in the chromium web browser.

CVE-2015-1266: Intended access restrictions could be bypassed for certain URLs like chrome://gpu.
CVE-2015-1267: A way to bypass the Same Origin Policy was discovered.
CVE-2015-1268: Mariusz Mlynski also discovered a way to bypass the Same Origin Policy.
CVE-2015-1269: Mike Rudy discovered that hostnames were not properly compared in the HTTP Strict Transport Policy and HTTP Public Key Pinning features, which could allow those access restrictions to be bypassed.
CVE-2015-1270: Atte Kettunen discovered an uninitialized memory read in the ICU library.
CVE-2015-1271: cloudfuzzer discovered a buffer overflow in the pdfium library.
CVE-2015-1272: Chamal de Silva discovered race conditions in the GPU process implementation.
CVE-2015-1273: makosoft discovered a buffer overflow in openjpeg, which is used by the pdfium library embedded in chromium.
CVE-2015-1274: andrewm.bpi discovered that the auto-open list allowed certain file types to be executed immediately after download.
CVE-2015-1276: Colin Payne discovered a use-after-free issue in the IndexedDB implementation.
CVE-2015-1277: SkyLined discovered a use-after-free issue in chromium's accessibility implementation.
CVE-2015-1278: Chamal de Silva discovered a way to use PDF documents to spoof a URL.
CVE-2015-1279: mlafon discovered a buffer overflow in the pdfium library.
CVE-2015-1280: cloudfuzzer discovered a memory corruption issue in the SKIA library.
CVE-2015-1281: Masato Knugawa discovered a way to bypass the Content Security Policy.
CVE-2015-1282: Chamal de Silva discovered multiple use-after-free issues in the pdfium library.
CVE-2015-1283: Huzaifa Sidhpurwala discovered a buffer overflow in the expat library.
CVE-2015-1284: Atte Kettunen discovered that the maximum number of page frames was not correctly checked.
CVE-2015-1285: gazheyes discovered an information leak in the XSS auditor, which normally helps to prevent certain classes of cross-site scripting problems.
CVE-2015-1286: A cross-site scripting issue was discovered in the interface to the v8 javascript library.
CVE-2015-1287: filedescriptor discovered a way to bypass the Same Origin Policy.
CVE-2015-1288: Mike Ruddy discovered that the spellchecking dictionaries could still be downloaded over plain HTTP (related to CVE-2015-1263).
CVE-2015-1289: The chrome 44 development team found and fixed various issues during internal auditing.

In addition to the above issues, Google disabled the hotword extension by default in this version, which if enabled downloads files without the user's intervention.

Detection Method:
This check tests the installed package version using the apt package manager.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2015-1263
https://nvd.nist.gov/vuln/detail/CVE-2015-1266
https://nvd.nist.gov/vuln/detail/CVE-2015-1267
https://nvd.nist.gov/vuln/detail/CVE-2015-1268
https://nvd.nist.gov/vuln/detail/CVE-2015-1269
https://nvd.nist.gov/vuln/detail/CVE-2015-1270
https://nvd.nist.gov/vuln/detail/CVE-2015-1271
https://nvd.nist.gov/vuln/detail/CVE-2015-1272
https://nvd.nist.gov/vuln/detail/CVE-2015-1273
https://nvd.nist.gov/vuln/detail/CVE-2015-1274
https://nvd.nist.gov/vuln/detail/CVE-2015-1276
https://nvd.nist.gov/vuln/detail/CVE-2015-1277
https://nvd.nist.gov/vuln/detail/CVE-2015-1278
https://nvd.nist.gov/vuln/detail/CVE-2015-1279
https://nvd.nist.gov/vuln/detail/CVE-2015-1280
https://nvd.nist.gov/vuln/detail/CVE-2015-1281
https://nvd.nist.gov/vuln/detail/CVE-2015-1282
https://nvd.nist.gov/vuln/detail/CVE-2015-1283
https://nvd.nist.gov/vuln/detail/CVE-2015-1284
https://nvd.nist.gov/vuln/detail/CVE-2015-1285
https://nvd.nist.gov/vuln/detail/CVE-2015-1286
https://nvd.nist.gov/vuln/detail/CVE-2015-1287
https://nvd.nist.gov/vuln/detail/CVE-2015-1288
https://nvd.nist.gov/vuln/detail/CVE-2015-1289

References:

http://www.debian.org/security/2015/dsa-3315.html

Severity: High
CVSS Score: 7.5
Published: 2015-07-22
Modified: 2019-03-18
Category: Debian Local Security Checks
