Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 3810-1 (chromium-browser - security update)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.8

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

7 years ago

Modified

Modified

2 years ago

Summary

Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5029 Holger Fuhrmannek discovered an integer overflow issue in the libxslt library. CVE-2017-5030 Brendon Tiszka discovered a memory corruption issue in the v8 javascript library. CVE-2017-5031 Looben Yang discovered a use-after-free issue in the ANGLE library. CVE-2017-5032 Ashfaq Ansari discovered an out-of-bounds write in the pdfium library. CVE-2017-5033 Nicolai Grodum discovered a way to bypass the Content Security Policy. CVE-2017-5034 Ke Liu discovered an integer overflow issue in the pdfium library. CVE-2017-5035 Enzo Aguado discovered an issue with the omnibox. CVE-2017-5036 A use-after-free issue was discovered in the pdfium library. CVE-2017-5037 Yongke Wang discovered multiple out-of-bounds write issues. CVE-2017-5038 A use-after-free issue was discovered in the guest view. CVE-2017-5039 jinmo123 discovered a use-after-free issue in the pdfium library. CVE-2017-5040 Choongwoo Han discovered an information disclosure issue in the v8 javascript library. CVE-2017-5041 Jordi Chancel discovered an address spoofing issue. CVE-2017-5042 Mike Ruddy discovered incorrect handling of cookies. CVE-2017-5043 Another use-after-free issue was discovered in the guest view. CVE-2017-5044 Kushal Arvind Shah discovered a heap overflow issue in the skia library. CVE-2017-5045 Dhaval Kapil discovered an information disclosure issue. CVE-2017-5046 Masato Kinugawa discovered an information disclosure issue.

Affected Software

Affected Software

chromium-browser on Debian Linux

Detection Method

Detection Method

This check tests the installed software version using the apt package manager.

Solution

Solution

For the stable distribution (jessie), these problems have been fixed in version 57.0.2987.98-1~deb8u1. For the upcoming stable (stretch) and unstable (sid) distributions, these problems have been fixed in version 57.0.2987.98-1. We recommend that you upgrade your chromium-browser packages.