usn-2955-1
Vulnerability from osv_ubuntu
Published
2016-04-27 21:10
Modified
2026-04-22 07:36
Summary
oxide-qt vulnerabilities
Details

A use-after-free was discovered when responding synchronously to permission requests. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1578)

An out-of-bounds read was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2016-1646)

A use-after-free was discovered in the navigation implementation in Chromium in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1647)

A buffer overflow was discovered in ANGLE. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1649)

An out-of-bounds write was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed renderer process. (CVE-2016-1653)

An invalid read was discovered in the media subsystem in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2016-1654)

It was discovered that frame removal during callback execution could trigger a use-after-free in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed renderer process. (CVE-2016-1655)

Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2016-1659)

Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2016-3679)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2016-1578",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1646",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1647",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1649",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1653",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1654",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1655",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1659",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3679",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "liboxideqt-qmlplugin",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "liboxideqtcore0",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "liboxideqtquick0",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "oxideqmlscene",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "oxideqt-chromedriver",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "oxideqt-codecs",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          },
          {
            "binary_name": "oxideqt-codecs-extra",
            "binary_version": "1.14.7-0ubuntu0.14.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "oxide-qt",
        "purl": "pkg:deb/ubuntu/oxide-qt@1.14.7-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.14.7-0ubuntu0.14.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.0~bzr437-0ubuntu1",
        "1.0.0~bzr452-0ubuntu1",
        "1.0.0~bzr475-0ubuntu1",
        "1.0.0~bzr490-0ubuntu1",
        "1.0.0~bzr501-0ubuntu1",
        "1.0.0~bzr501-0ubuntu2",
        "1.0.4-0ubuntu0.14.04.1",
        "1.0.5-0ubuntu0.14.04.1",
        "1.1.2-0ubuntu0.14.04.1",
        "1.2.5-0ubuntu0.14.04.1",
        "1.3.4-0ubuntu0.14.04.1",
        "1.4.2-0ubuntu0.14.04.1",
        "1.4.3-0ubuntu0.14.04.1",
        "1.5.5-0ubuntu0.14.04.3",
        "1.5.6-0ubuntu0.14.04.2",
        "1.6.5-0ubuntu0.14.04.1",
        "1.6.6-0ubuntu0.14.04.1",
        "1.7.8-0ubuntu0.14.04.1",
        "1.7.9-0ubuntu0.14.04.1",
        "1.8.4-0ubuntu0.14.04.2",
        "1.9.1-0ubuntu0.14.04.2",
        "1.9.5-0ubuntu0.14.04.1",
        "1.10.3-0ubuntu0.14.04.1",
        "1.11.3-0ubuntu0.14.04.1",
        "1.11.4-0ubuntu0.14.04.1",
        "1.12.5-0ubuntu0.14.04.1",
        "1.12.6-0ubuntu0.14.04.1",
        "1.12.7-0ubuntu0.14.04.1",
        "1.13.6-0ubuntu0.14.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2016-1578",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1646",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1647",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1649",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1653",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1654",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1655",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1659",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-3679",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "liboxideqt-qmlplugin",
            "binary_version": "1.14.7-0ubuntu1"
          },
          {
            "binary_name": "liboxideqtcore0",
            "binary_version": "1.14.7-0ubuntu1"
          },
          {
            "binary_name": "liboxideqtquick0",
            "binary_version": "1.14.7-0ubuntu1"
          },
          {
            "binary_name": "oxideqt-codecs",
            "binary_version": "1.14.7-0ubuntu1"
          },
          {
            "binary_name": "oxideqt-codecs-extra",
            "binary_version": "1.14.7-0ubuntu1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "oxide-qt",
        "purl": "pkg:deb/ubuntu/oxide-qt@1.14.7-0ubuntu1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.14.7-0ubuntu1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.9.5-0ubuntu1",
        "1.10.3-0ubuntu0.15.10.1",
        "1.10.3-0ubuntu0.15.10.2",
        "1.11.3-0ubuntu3",
        "1.11.4-0ubuntu1",
        "1.11.5-0ubuntu1",
        "1.12.5-0ubuntu1",
        "1.12.6-0ubuntu1",
        "1.12.7-0ubuntu1",
        "1.13.6-0ubuntu1"
      ]
    }
  ],
  "aliases": [],
  "details": "A use-after-free was discovered when responding synchronously to\npermission requests. An attacker could potentially exploit this to cause\na denial of service via application crash, or execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2016-1578)\n\nAn out-of-bounds read was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash. (CVE-2016-1646)\n\nA use-after-free was discovered in the navigation implementation in\nChromium in some circumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\ncause a denial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2016-1647)\n\nA buffer overflow was discovered in ANGLE. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2016-1649)\n\nAn out-of-bounds write was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed renderer process.\n(CVE-2016-1653)\n\nAn invalid read was discovered in the media subsystem in Chromium. If a\nuser were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash. (CVE-2016-1654)\n\nIt was discovered that frame removal during callback execution could\ntrigger a use-after-free in Blink. If a user were tricked in to opening\na specially crafted website, an attacker could potentially exploit this\nto cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed renderer process.\n(CVE-2016-1655)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2016-1659)\n\nMultiple security issues were discovered in V8. If a user were tricked\nin to opening a specially crafted website, an attacker could potentially\nexploit these to read uninitialized memory, cause a denial of service via\nrenderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2016-3679)\n",
  "id": "USN-2955-1",
  "modified": "2026-04-22T07:36:33Z",
  "published": "2016-04-27T21:10:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-2955-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1578"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1646"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1647"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1649"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1653"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1654"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1655"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1659"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-3679"
    },
    {
      "type": "REPORT",
      "url": "https://launchpad.net/bugs/1561450"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "oxide-qt vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2016-1578",
    "UBUNTU-CVE-2016-1646",
    "UBUNTU-CVE-2016-1647",
    "UBUNTU-CVE-2016-1649",
    "UBUNTU-CVE-2016-1653",
    "UBUNTU-CVE-2016-1654",
    "UBUNTU-CVE-2016-1655",
    "UBUNTU-CVE-2016-1659",
    "UBUNTU-CVE-2016-3679"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…