Oval Definition:oval:com.ubuntu.trusty:def:20165166000
Revision Date:2016-09-11Version:1
Title:CVE-2016-5166 on Ubuntu 14.04 LTS (trusty) - medium.
Description:The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-5166
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND Package Information
  • The 'chromium-browser' package in trusty was vulnerable but has been fixed (note: '53.0.2785.143-0ubuntu0.14.04.1.1142').
  • OR NOT While related to the CVE in some way, the 'oxide-qt' package in trusty is not affected.
  • BACK