Showing 1 - 3 of 3

CVE-2016-1706

Status Candidate

Overview

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc, and render_frame_message_filter.cc.

Related Files

Ubuntu Security Notice USN-3041-1: Posted Aug 5, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3041-1 - Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service or execute arbitrary code. It was discovered that the PPAPI implementation does not validate the origin of IPC messages to the plugin broker process. A remote attacker could potentially exploit this to bypass sandbox protection mechanisms. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2016-1705, CVE-2016-1706, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5137; SHA-256 | a894dd337e1dbc99720884f2cbf398faec9048d78d41ec516e1a6b452cd51967; Download | Favorite | View

Debian Security Advisory 3637-1: Posted Aug 1, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3637-1 - Several vulnerabilities have been discovered in the chromium web browser.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2016-1704, CVE-2016-1705, CVE-2016-1706, CVE-2016-1707, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137; SHA-256 | 748ef387f802d90fbc8026d3fb606a43c65545e160b992be700aaaade69ada4d; Download | Favorite | View

Red Hat Security Advisory 2016-1485-01: Posted Jul 26, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1485-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2016-1705, CVE-2016-1706, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137; SHA-256 | 79a0151a046d4d5d83278b6451a43ce51c7e4a3ae2044801f1685824657092b8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2016-1706

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems