VuXML: chromium -- multiple vulnerabilities

VuXML ID	958b9cee-79da-11e6-bf75-3065ec8fd3ec
Discovery	2016-08-03
Entry	2016-09-13

Google Chrome Releases reports:

10 security fixes in this release, including:

[629542] High CVE-2016-5141 Address bar spoofing. Credit to anonymous

[626948] High CVE-2016-5142 Use-after-free in Blink. Credit to anonymous

[625541] High CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan Go of Stealien

[619405] High CVE-2016-5140 Heap overflow in pdfium. Credit to Ke Liu of Tencent's Xuanwu LAB

[623406] Medium CVE-2016-5145 Same origin bypass for images in Blink. Credit to anonymous

[619414] Medium CVE-2016-5143 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal

[618333] Medium CVE-2016-5144 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal

[633486] CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives.

[source]

CVE Name	CVE-2016-5139
CVE Name	CVE-2016-5140
CVE Name	CVE-2016-5141
CVE Name	CVE-2016-5142
CVE Name	CVE-2016-5143
CVE Name	CVE-2016-5144
CVE Name	CVE-2016-5145
CVE Name	CVE-2016-5146
URL	https://googlechromereleases.blogspot.nl/2016/08/stable-channel-update-for-desktop.html

chromium -- multiple vulnerabilities

Details

References