CVE-2016-1190
published 2016-06-25CVE-2016-1190: Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
PriorityP433medium6.5CVSS 3.0
AVNACLPRLUINSUCHINAN
EPSS
1.06%
60.2th percentile
Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-1676 chromium-browser: cross-origin bypass in extension bindings
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1676 [HIGH] CVE-2016-1676 chromium-browser: cross-origin bypass in extension bindings
CVE-2016-1676 chromium-browser: cross-origin bypass in extension bindings
A cross-origin bypass flaw was found in the extension bindings component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=604901
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1675 chromium-browser: cross-origin bypass in blink
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1675 [HIGH] CVE-2016-1675 chromium-browser: cross-origin bypass in blink
CVE-2016-1675 chromium-browser: cross-origin bypass in blink
A cross-origin bypass flaw was found in the Blink component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=600182
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1690 chromium-browser: heap use-after-free in autofill
bugzilla·2016-05-26·CVSS 7.5
CVE-2016-1690 [HIGH] CVE-2016-1690 chromium-browser: heap use-after-free in autofill
CVE-2016-1690 chromium-browser: heap use-after-free in autofill
A heap use-after-free flaw was found in the Autofill component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=608100
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1683 chromium-browser: out-of-bounds access in libxslt
bugzilla·2016-05-26·CVSS 7.5
CVE-2016-1683 [HIGH] CVE-2016-1683 chromium-browser: out-of-bounds access in libxslt
CVE-2016-1683 chromium-browser: out-of-bounds access in libxslt
An out-of-bounds access flaw was found in the libxslt component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=583156
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
---
Upstream commit:
https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
---
Created libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1349705]
---
Created mingw-libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1
Bugzilla
CVE-2016-1673 chromium-browser: cross-origin bypass in blink
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1673 [HIGH] CVE-2016-1673 chromium-browser: cross-origin bypass in blink
CVE-2016-1673 chromium-browser: cross-origin bypass in blink
A cross-origin bypass flaw was found in the Blink component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=597532
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1695 chromium-browser: various fixes from internal audits
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1695 [HIGH] CVE-2016-1695 chromium-browser: various fixes from internal audits
CVE-2016-1695 chromium-browser: various fixes from internal audits
Various fixes from internal audits, fuzzing and other initiatives.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=614767
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1688 chromium-browser: out-of-bounds read in v8
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1688 [MEDIUM] CVE-2016-1688 chromium-browser: out-of-bounds read in v8
CVE-2016-1688 chromium-browser: out-of-bounds read in v8
An out-of-bounds read flaw was found in the V8 component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=604897
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1694 chromium-browser: hpkp pins removed on cache clearance
bugzilla·2016-05-26·CVSS 5.3
CVE-2016-1694 [MEDIUM] CVE-2016-1694 chromium-browser: hpkp pins removed on cache clearance
CVE-2016-1694 chromium-browser: hpkp pins removed on cache clearance
The following flaw was identified in the Chromium browser: hpkp pins removed on cache clearance.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=603682
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1692 chromium-browser: limited cross-origin bypass in serviceworker
bugzilla·2016-05-26·CVSS 5.3
CVE-2016-1692 [MEDIUM] CVE-2016-1692 chromium-browser: limited cross-origin bypass in serviceworker
CVE-2016-1692 chromium-browser: limited cross-origin bypass in serviceworker
A limited cross-origin bypass flaw was found in the ServiceWorker component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=598077
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1672 chromium-browser: cross-origin bypass in extension bindings
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1672 [HIGH] CVE-2016-1672 chromium-browser: cross-origin bypass in extension bindings
CVE-2016-1672 chromium-browser: cross-origin bypass in extension bindings
A cross-origin bypass flaw was found in the extension bindings component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=590118
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1678 chromium-browser: heap overflow in v8
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1678 [HIGH] CVE-2016-1678 chromium-browser: heap overflow in v8
CVE-2016-1678 chromium-browser: heap overflow in v8
A heap overflow flaw was found in the V8 component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=595259
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1680 chromium-browser: heap use-after-free in skia
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1680 [HIGH] CVE-2016-1680 chromium-browser: heap use-after-free in skia
CVE-2016-1680 chromium-browser: heap use-after-free in skia
A heap use-after-free flaw was found in the Skia component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=589848
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1686 chromium-browser: out-of-bounds read in pdfium
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1686 [MEDIUM] CVE-2016-1686 chromium-browser: out-of-bounds read in pdfium
CVE-2016-1686 chromium-browser: out-of-bounds read in pdfium
An out-of-bounds read flaw was found in the PDFium component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=603518
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1677 chromium-browser: type confusion in v8
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1677 [MEDIUM] CVE-2016-1677 chromium-browser: type confusion in v8
CVE-2016-1677 chromium-browser: type confusion in v8
A type confusion flaw was found in the V8 component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=602970
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1693 chromium-browser: http download of software removal tool
bugzilla·2016-05-26·CVSS 5.3
CVE-2016-1693 [MEDIUM] CVE-2016-1693 chromium-browser: http download of software removal tool
CVE-2016-1693 chromium-browser: http download of software removal tool
The following flaw was identified in the Chromium browser: http download of software removal tool.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=598752
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1682 chromium-browser: csp bypass for serviceworker
bugzilla·2016-05-26·CVSS 6.1
CVE-2016-1682 [MEDIUM] CVE-2016-1682 chromium-browser: csp bypass for serviceworker
CVE-2016-1682 chromium-browser: csp bypass for serviceworker
The following flaw was identified in the Chromium browser: csp bypass for serviceworker.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=579801
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1679 chromium-browser: heap use-after-free in v8 bindings
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1679 [HIGH] CVE-2016-1679 chromium-browser: heap use-after-free in v8 bindings
CVE-2016-1679 chromium-browser: heap use-after-free in v8 bindings
A heap use-after-free flaw was found in the V8 bindings component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=606390
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1687 chromium-browser: information leak in extensions
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1687 [MEDIUM] CVE-2016-1687 chromium-browser: information leak in extensions
CVE-2016-1687 chromium-browser: information leak in extensions
An information leak flaw was found in the extensions component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=603748
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1681 chromium-browser: heap overflow in pdfium
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1681 [HIGH] CVE-2016-1681 chromium-browser: heap overflow in pdfium
CVE-2016-1681 chromium-browser: heap overflow in pdfium
A heap overflow flaw was found in the PDFium component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=613160
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1689 chromium-browser: heap buffer overflow in media
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1689 [MEDIUM] CVE-2016-1689 chromium-browser: heap buffer overflow in media
CVE-2016-1689 chromium-browser: heap buffer overflow in media
A heap buffer overflow flaw was found in the media component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=606185
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1685 chromium-browser: out-of-bounds read in pdfium
bugzilla·2016-05-26·CVSS 6.5
CVE-2016-1685 [MEDIUM] CVE-2016-1685 chromium-browser: out-of-bounds read in pdfium
CVE-2016-1685 chromium-browser: out-of-bounds read in pdfium
An out-of-bounds read flaw was found in the PDFium component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=601362
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1691 chromium-browser: heap buffer-overflow in skia
bugzilla·2016-05-26·CVSS 7.5
CVE-2016-1691 [HIGH] CVE-2016-1691 chromium-browser: heap buffer-overflow in skia
CVE-2016-1691 chromium-browser: heap buffer-overflow in skia
A heap buffer-overflow flaw was found in the Skia component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=597926
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1674 chromium-browser: cross-origin bypass in extensions
bugzilla·2016-05-26·CVSS 8.8
CVE-2016-1674 [HIGH] CVE-2016-1674 chromium-browser: cross-origin bypass in extensions
CVE-2016-1674 chromium-browser: cross-origin bypass in extensions
A cross-origin bypass flaw was found in the extensions component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=598165
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
Bugzilla
CVE-2016-1684 chromium-browser: integer overflow in libxslt
bugzilla·2016-05-26·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684 chromium-browser: integer overflow in libxslt
CVE-2016-1684 chromium-browser: integer overflow in libxslt
An integer overflow flaw was found in the libxslt component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=583171
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
---
Upstream commit:
https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
---
Created libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1349705]
---
Created mingw-libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1349706]
http://jvn.jp/en/jp/JVN18975349/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2016-000094https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03https://support.cybozu.com/ja-jp/article/8877http://jvn.jp/en/jp/JVN18975349/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2016-000094https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03https://support.cybozu.com/ja-jp/article/8877
2016-06-25
Published