what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2016-5142

Status Candidate

Overview

The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp.

Related Files

Gentoo Linux Security Advisory 201610-09
Posted Oct 29, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-9 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.59 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137, CVE-2016-5138, CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146, CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154
MD5 | 8ce6136d34a7ae20b1bde0370c1687b2
Ubuntu Security Notice USN-3058-1
Posted Sep 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3058-1 - An issue was discovered in Blink involving the provisional URL for an initially empty document. An attacker could potentially exploit this to spoof the currently displayed URL. A use-after-free was discovered in the WebCrypto implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146, CVE-2016-5147, CVE-2016-5148, CVE-2016-5150, CVE-2016-5153, CVE-2016-5155, CVE-2016-5156, CVE-2016-5161, CVE-2016-5164, CVE-2016-5165, CVE-2016-5167
MD5 | 6558e054a291ad0d1146bf2dc4645f0b
Red Hat Security Advisory 2016-1580-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1580-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.116. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146
MD5 | 8ae44ad6eecdc112a90f2af907e2c1a6
Debian Security Advisory 3645-1
Posted Aug 8, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3645-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144
MD5 | acc926e8c726ef99b2e5d418a36ffe57
Page 1 of 1
Back1Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    23 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    33 Files
  • 16
    Jan 16th
    23 Files
  • 17
    Jan 17th
    29 Files
  • 18
    Jan 18th
    15 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    3 Files
  • 21
    Jan 21st
    17 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close