{"id":"USN-3041-1","summary":"oxide-qt vulnerabilities","details":"Multiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service (application crash) or execute arbitrary code. (CVE-2016-1705)\n\nIt was discovered that the PPAPI implementation does not validate the\norigin of IPC messages to the plugin broker process. A remote attacker\ncould potentially exploit this to bypass sandbox protection mechanisms.\n(CVE-2016-1706)\n\nIt was discovered that Blink does not prevent window creation by a\ndeferred frame. A remote attacker could potentially exploit this to bypass\nsame origin restrictions. (CVE-2016-1710)\n\nIt was discovered that Blink does not disable frame navigation during a\ndetach operation on a DocumentLoader object. A remote attacker could\npotentially exploit this to bypass same origin restrictions.\n(CVE-2016-1711)\n\nA use-after-free was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5127)\n\nIt was discovered that objects.cc in V8 does not prevent API interceptors\nfrom modifying a store target without setting a property. A remote\nattacker could potentially exploit this to bypass same origin\nrestrictions. (CVE-2016-5128)\n\nA memory corruption was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5129)\n\nA security issue was discovered in Chromium. A remote attacker could\npotentially exploit this to spoof the currently displayed URL.\n(CVE-2016-5130)\n\nA use-after-free was discovered in libxml. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer process crash, or execute\narbitrary code. (CVE-2016-5131)\n\nThe Service Workers implementation in Chromium does not properly implement\nthe Secure Contexts specification during decisions about whether to\ncontrol a subframe. A remote attacker could potentially exploit this to\nbypass same origin restrictions. (CVE-2016-5132)\n\nIt was discovered that Chromium mishandles origin information during proxy\nauthentication. A machine-in-the-middle attacker could potentially exploit this\nto spoof a proxy authentication login prompt. (CVE-2016-5133)\n\nIt was discovered that the Proxy Auto-Config (PAC) feature in Chromium\ndoes not ensure that URL information is restricted to a scheme, host and\nport. A remote attacker could potentially exploit this to obtain sensitive\ninformation. (CVE-2016-5134)\n\nIt was discovered that Blink does not consider referrer-policy information\ninside an HTML document during a preload request. A remote attacker could\npotentially exploit this to bypass Content Security Policy (CSP)\nprotections. (CVE-2016-5135)\n\nIt was discovered that the Content Security Policy (CSP) implementation in\nBlink does not apply http :80 policies to https :443 URLs. A remote\nattacker could potentially exploit this to determine whether a specific\nHSTS web site has been visited by reading a CSP report. (CVE-2016-5137)\n","modified":"2026-02-10T04:41:01Z","published":"2016-08-05T13:29:13Z","related":["UBUNTU-CVE-2016-1705","UBUNTU-CVE-2016-1706","UBUNTU-CVE-2016-1710","UBUNTU-CVE-2016-1711","UBUNTU-CVE-2016-5127","UBUNTU-CVE-2016-5128","UBUNTU-CVE-2016-5129","UBUNTU-CVE-2016-5130","UBUNTU-CVE-2016-5131","UBUNTU-CVE-2016-5132","UBUNTU-CVE-2016-5133","UBUNTU-CVE-2016-5134","UBUNTU-CVE-2016-5135","UBUNTU-CVE-2016-5137"],"upstream":["CVE-2016-1705","CVE-2016-1706","CVE-2016-1710","CVE-2016-1711","CVE-2016-5127","CVE-2016-5128","CVE-2016-5129","CVE-2016-5130","CVE-2016-5131","CVE-2016-5132","CVE-2016-5133","CVE-2016-5134","CVE-2016-5135","CVE-2016-5137","UBUNTU-CVE-2016-1705","UBUNTU-CVE-2016-1706","UBUNTU-CVE-2016-1710","UBUNTU-CVE-2016-1711","UBUNTU-CVE-2016-5127","UBUNTU-CVE-2016-5128","UBUNTU-CVE-2016-5129","UBUNTU-CVE-2016-5130","UBUNTU-CVE-2016-5131","UBUNTU-CVE-2016-5132","UBUNTU-CVE-2016-5133","UBUNTU-CVE-2016-5134","UBUNTU-CVE-2016-5135","UBUNTU-CVE-2016-5137"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3041-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1705"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1706"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1710"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1711"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5127"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5128"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5129"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5130"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5131"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5132"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5133"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5134"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5135"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-5137"}],"affected":[{"package":{"name":"oxide-qt","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/oxide-qt@1.16.5-0ubuntu0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.5-0ubuntu0.14.04.1"}]}],"versions":["1.0.0~bzr437-0ubuntu1","1.0.0~bzr452-0ubuntu1","1.0.0~bzr475-0ubuntu1","1.0.0~bzr490-0ubuntu1","1.0.0~bzr501-0ubuntu1","1.0.0~bzr501-0ubuntu2","1.0.4-0ubuntu0.14.04.1","1.0.5-0ubuntu0.14.04.1","1.1.2-0ubuntu0.14.04.1","1.2.5-0ubuntu0.14.04.1","1.3.4-0ubuntu0.14.04.1","1.4.2-0ubuntu0.14.04.1","1.4.3-0ubuntu0.14.04.1","1.5.5-0ubuntu0.14.04.3","1.5.6-0ubuntu0.14.04.2","1.6.5-0ubuntu0.14.04.1","1.6.6-0ubuntu0.14.04.1","1.7.8-0ubuntu0.14.04.1","1.7.9-0ubuntu0.14.04.1","1.8.4-0ubuntu0.14.04.2","1.9.1-0ubuntu0.14.04.2","1.9.5-0ubuntu0.14.04.1","1.10.3-0ubuntu0.14.04.1","1.11.3-0ubuntu0.14.04.1","1.11.4-0ubuntu0.14.04.1","1.12.5-0ubuntu0.14.04.1","1.12.6-0ubuntu0.14.04.1","1.12.7-0ubuntu0.14.04.1","1.13.6-0ubuntu0.14.04.1","1.14.7-0ubuntu0.14.04.1","1.14.9-0ubuntu0.14.04.1","1.15.7-0ubuntu0.14.04.1","1.15.8-0ubuntu0.14.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"liboxideqt-qmlplugin","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtcore-dev","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtcore0","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtquick-dev","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtquick0","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"oxideqmlscene","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-chromedriver","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-codecs","binary_version":"1.16.5-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-codecs-extra","binary_version":"1.16.5-0ubuntu0.14.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2016-1705","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1706","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1710","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1711","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5127","severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5128","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5129","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5130","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5131","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5132","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5133","severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5134","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5135","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5137","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:14.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3041-1.json"}},{"package":{"name":"oxide-qt","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/oxide-qt@1.16.5-0ubuntu0.16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.16.5-0ubuntu0.16.04.1"}]}],"versions":["1.9.5-0ubuntu1","1.10.3-0ubuntu0.15.10.1","1.10.3-0ubuntu0.15.10.2","1.11.3-0ubuntu3","1.11.4-0ubuntu1","1.11.5-0ubuntu1","1.12.5-0ubuntu1","1.12.6-0ubuntu1","1.12.7-0ubuntu1","1.13.6-0ubuntu1","1.14.7-0ubuntu1","1.14.9-0ubuntu0.16.04.1","1.15.7-0ubuntu0.16.04.1","1.15.8-0ubuntu0.16.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"liboxideqt-qmlplugin","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"liboxideqtcore-dev","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"liboxideqtcore0","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"liboxideqtquick-dev","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"liboxideqtquick0","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"oxideqt-codecs","binary_version":"1.16.5-0ubuntu0.16.04.1"},{"binary_name":"oxideqt-codecs-extra","binary_version":"1.16.5-0ubuntu0.16.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2016-1705","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1706","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1710","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-1711","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5127","severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5128","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5129","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5130","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5131","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5132","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5133","severity":[{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5134","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5135","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2016-5137","severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:16.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3041-1.json"}}],"schema_version":"1.7.3"}