vulnerability
FreeBSD: VID-9118961B-9FA5-11E6-A265-3065EC8FD3EC (CVE-2016-5194): chromium -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Oct 12, 2016 | Nov 14, 2016 | Nov 25, 2019 |
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-9118961B-9FA5-11E6-A265-3065EC8FD3EC:
Google Chrome Releases reports:
21 security fixes in this release, including:
[645211] High CVE-2016-5181: Universal XSS in Blink. Credit to
Anonymous
[638615] High CVE-2016-5182: Heap overflow in Blink. Credit to
Giwan Go of STEALIEN
[645122] High CVE-2016-5183: Use after free in PDFium. Credit
to Anonymous
[630654] High CVE-2016-5184: Use after free in PDFium. Credit
to Anonymous
[621360] High CVE-2016-5185: Use after free in Blink. Credit to
cloudfuzzer
[639702] High CVE-2016-5187: URL spoofing. Credit to Luan
Herrera
[565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan
Herrera
[633885] Medium CVE-2016-5192: Cross-origin bypass in Blink.
Credit to [email protected]
[646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr
of Tencent's Xuanwu Lab
[644963] Medium CVE-2016-5186: Out of bounds read in DevTools.
Credit to Abdulrahman Alqabandi (@qab)
[639126] Medium CVE-2016-5191: Universal XSS in Bookmarks.
Credit to Gareth Hughes
[642067] Medium CVE-2016-5190: Use after free in Internals.
Credit to Atte Kettunen of OUSPG
[639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang
ZHOU (martinzhou96)
[654782] CVE-2016-5194: Various fixes from internal audits,
fuzzing and other initiatives
Solutions
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.