USN-3041-1
- Source
- https://ubuntu.com/security/notices/USN-3041-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3041-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-3041-1
- Related
- Published
- 2016-08-05T13:29:13.607756Z
- Modified
- 2016-08-05T13:29:13.607756Z
- Summary
- oxide-qt vulnerabilities
- Details
-
Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service (application crash) or execute arbitrary code. (CVE-2016-1705)
It was discovered that the PPAPI implementation does not validate the origin of IPC messages to the plugin broker process. A remote attacker could potentially exploit this to bypass sandbox protection mechanisms. (CVE-2016-1706)
It was discovered that Blink does not prevent window creation by a deferred frame. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-1710)
It was discovered that Blink does not disable frame navigation during a detach operation on a DocumentLoader object. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-1711)
A use-after-free was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5127)
It was discovered that objects.cc in V8 does not prevent API interceptors from modifying a store target without setting a property. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5128)
A memory corruption was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5129)
A security issue was discovered in Chromium. A remote attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5130)
A use-after-free was discovered in libxml. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer process crash, or execute arbitrary code. (CVE-2016-5131)
The Service Workers implementation in Chromium does not properly implement the Secure Contexts specification during decisions about whether to control a subframe. A remote attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-5132)
It was discovered that Chromium mishandles origin information during proxy authentication. A machine-in-the-middle attacker could potentially exploit this to spoof a proxy authentication login prompt. (CVE-2016-5133)
It was discovered that the Proxy Auto-Config (PAC) feature in Chromium does not ensure that URL information is restricted to a scheme, host and port. A remote attacker could potentially exploit this to obtain sensitive information. (CVE-2016-5134)
It was discovered that Blink does not consider referrer-policy information inside an HTML document during a preload request. A remote attacker could potentially exploit this to bypass Content Security Policy (CSP) protections. (CVE-2016-5135)
It was discovered that the Content Security Policy (CSP) implementation in Blink does not apply http :80 policies to https :443 URLs. A remote attacker could potentially exploit this to determine whether a specific HSTS web site has been visited by reading a CSP report. (CVE-2016-5137)
- References
-
- https://ubuntu.com/security/notices/USN-3041-1
- https://ubuntu.com/security/CVE-2016-1705
- https://ubuntu.com/security/CVE-2016-1706
- https://ubuntu.com/security/CVE-2016-1710
- https://ubuntu.com/security/CVE-2016-1711
- https://ubuntu.com/security/CVE-2016-5127
- https://ubuntu.com/security/CVE-2016-5128
- https://ubuntu.com/security/CVE-2016-5129
- https://ubuntu.com/security/CVE-2016-5130
- https://ubuntu.com/security/CVE-2016-5131
- https://ubuntu.com/security/CVE-2016-5132
- https://ubuntu.com/security/CVE-2016-5133
- https://ubuntu.com/security/CVE-2016-5134
- https://ubuntu.com/security/CVE-2016-5135
- https://ubuntu.com/security/CVE-2016-5137
Affected packages
Ubuntu:14.04:LTS / oxide-qt
Package
- Name
- oxide-qt
- Purl
- pkg:deb/ubuntu/oxide-qt?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.5-0ubuntu0.14.04.1
Affected versions
1.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqt-qmlplugin"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore-dev"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore0"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore0-dbgsym"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtquick-dev"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtquick0"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqmlscene"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-chromedriver"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-dbg"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-dbgsym"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra-dbg"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra-dbgsym"
},
{
"binary_version": "1.16.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-dbg"
}
]
}
Ubuntu:16.04:LTS / oxide-qt
Package
- Name
- oxide-qt
- Purl
- pkg:deb/ubuntu/oxide-qt?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.5-0ubuntu0.16.04.1
Affected versions
1.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqt-qmlplugin"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore-dev"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore0"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore0-dbgsym"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtquick-dev"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtquick0"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-dbgsym"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-extra"
},
{
"binary_version": "1.16.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-extra-dbgsym"
}
]
}