The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3067-1 advisory.

    Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this     issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code.
    (CVE-2015-8947)

    It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use     this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary     code. This issue only applied to Ubuntu 16.04 LTS. (CVE-2016-2052)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

LibreOffice was updated to version 5.3.3.2, bringing new features and enhancements: Writer :

  - New 'Go to Page' dialog for quickly jumping to another     page.

  - Support for 'Table Styles'.

  - New drawing tools were added.

  - Improvements in the toolbar.

  - Borderless padding is displayed. Calc :

  - New drawing tools were added.

  - In new installations the default setting for new     documents is now 'Enable wildcards in formulas' instead     of regular expressions.

  - Improved compatibility with ODF 1.2 Impress :

  - Images inserted via 'Photo Album' can now be linked     instead of embedded in the document.

  - When launching Impress, a Template Selector allows you     to choose a Template to start with.

  - Two new default templates: Vivid and Pencil.

  - All existing templates have been improved. Draw :

  - New arrow endings, including Crow's foot notation's     ones. Base :

  - Firebird has been upgraded to version 3.0.0. It is     unable to read back Firebird 2.5 data, so embedded     Firebird odb files created in LibreOffice version up to     5.2 cannot be opened with LibreOffice 5.3. Some security     issues have also been fixed :

  - CVE-2017-7870: An out-of-bounds write caused by a     heap-based buffer overflow related to the     tools::Polygon::Insert function.

  - CVE-2017-7882: An out-of-bounds write related to the     HWPFile::TagsRead function.

  - CVE-2017-8358: an out-of-bounds write caused by a     heap-based buffer overflow related to the ReadJPEG     function.

  - CVE-2016-10327: An out-of-bounds write caused by a     heap-based buffer overflow related to the     EnhWMFReader::ReadEnhWMF function.

  - CVE-2017-9433: An out-of-bounds write caused by a     heap-based buffer overflow related to the     MsWrd1Parser::readFootnoteCorrespondance function in     libmwaw. A comprehensive list of new features and     changes in this release is available at:
    https://wiki.documentfoundation.org/ReleaseNotes/5.3

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201701-76 (HarfBuzz: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in HarfBuzz. Please review       the CVE identifiers referenced below for details.
  Impact :

    Remote attackers, through the use of crafted data, could cause a Denial       of Service condition or have other unspecified impacts.
  Workaround :

    There is no known workaround at this time.

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 (CVE-2015-8947,     CVE-2016-2052)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

LibreOffice was updated to version 5.3.5.2, bringing new features and enhancements :

Writer :

  - New 'Go to Page' dialog for quickly jumping to another     page.

  - Support for 'Table Styles'.

  - New drawing tools were added.

  - Improvements in the toolbar.

  - Borderless padding is displayed.

Calc :

  - New drawing tools were added.

  - In new installations the default setting for new     documents is now 'Enable wildcards in formulas' instead     of regular expressions.

  - Improved compatibility with ODF 1.2

Impress :

  - Images inserted via 'Photo Album' can now be linked     instead of embedded in the document.

  - When launching Impress, a Template Selector allows you     to choose a Template to start with.

  - Two new default templates: Vivid and Pencil.

  - All existing templates have been improved.

Draw :

  - New arrow endings, including Crow's foot notation's     ones.

Base :

  - Firebird has been upgraded to version 3.0.0. It is     unable to read back Firebird 2.5 data, so embedded     Firebird odb files created in LibreOffice version up to     5.2 cannot be opened with LibreOffice 5.3.

Some security issues have also been fixed :

  - CVE-2017-7870: An out-of-bounds write caused by a     heap-based buffer overflow related to the     tools::Polygon::Insert function.

  - CVE-2017-7882: An out-of-bounds write related to the     HWPFile::TagsRead function.

  - CVE-2017-8358: an out-of-bounds write caused by a     heap-based buffer overflow related to the ReadJPEG     function.

  - CVE-2016-10327: An out-of-bounds write caused by a     heap-based buffer overflow related to the     EnhWMFReader::ReadEnhWMF function.

  - CVE-2017-9433: An out-of-bounds write caused by a     heap-based buffer overflow related to the     MsWrd1Parser::readFootnoteCorrespondance function in     libmwaw.

A comprehensive list of new features and changes in this release is available at: https://wiki.documentfoundation.org/ReleaseNotes/5.3

This update contains binaries for the ports architectures only. This update was imported from the SUSE:SLE-12:Update update project.

An issue has been found in harfbuzz, an OpenType text shaping engine.

Due to a buffer over-read, remote attackers are able to cause a denial of service or possibly have other impact via crafted data.

For Debian 8 'Jessie', this problem has been fixed in version 0.9.35-2+deb8u1.

We recommend that you upgrade your harfbuzz packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for harfbuzz fixes the following security issues :

  - CVE-2016-2052: harfbuzz: Multiple unspecified     vulnerabilities in HarfBuzz before 1.0.6 (boo#963436)

  - CVE-2015-8947: harfbuzz: hb-ot-layout-gpos-table.hh     buffer over-read (boo#989564)

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1612, CVE-2016-1613, CVE-2016-1614, CVE-2016-1615, CVE-2016-1616, CVE-2016-1617, CVE-2016-1618, CVE-2016-1619, CVE-2016-1620, CVE-2016-2051, CVE-2016-2052)

All Chromium users should upgrade to these updated packages, which contain Chromium version 48.0.2564.82, which corrects these issues.
After installing the update, Chromium must be restarted for the changes to take effect.

LibreOffice was updated to version 5.3.5.2, bringing new features and enhancements: Writer :

  - New 'Go to Page' dialog for quickly jumping to another     page.

  - Support for 'Table Styles'.

  - New drawing tools were added.

  - Improvements in the toolbar.

  - Borderless padding is displayed. Calc :

  - New drawing tools were added.

  - In new installations the default setting for new     documents is now 'Enable wildcards in formulas' instead     of regular expressions.

  - Improved compatibility with ODF 1.2 Impress :

  - Images inserted via 'Photo Album' can now be linked     instead of embedded in the document.

  - When launching Impress, a Template Selector allows you     to choose a Template to start with.

  - Two new default templates: Vivid and Pencil.

  - All existing templates have been improved. Draw :

  - New arrow endings, including Crow's foot notation's     ones. Base :

  - Firebird has been upgraded to version 3.0.0. It is     unable to read back Firebird 2.5 data, so embedded     Firebird odb files created in LibreOffice version up to     5.2 cannot be opened with LibreOffice 5.3. Some security     issues have also been fixed :

  - CVE-2017-7870: An out-of-bounds write caused by a     heap-based buffer overflow related to the     tools::Polygon::Insert function.

  - CVE-2017-7882: An out-of-bounds write related to the     HWPFile::TagsRead function.

  - CVE-2017-8358: an out-of-bounds write caused by a     heap-based buffer overflow related to the ReadJPEG     function.

  - CVE-2016-10327: An out-of-bounds write caused by a     heap-based buffer overflow related to the     EnhWMFReader::ReadEnhWMF function.

  - CVE-2017-9433: An out-of-bounds write caused by a     heap-based buffer overflow related to the     MsWrd1Parser::readFootnoteCorrespondance function in     libmwaw. A comprehensive list of new features and     changes in this release is available at:
    https://wiki.documentfoundation.org/ReleaseNotes/5.3

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Google Chrome installed on the remote host is prior to 52.0.2743.82, and is affected by multiple vulnerabilities :

 - An out-of-bounds read flaw in the 'xmlParseEndTag2()' function in 'parser.c' is triggered when parsing an end tag. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
 - An out-of-bounds read flaw in the 'xmlNextChar()' function in 'parserInternals.c' is triggered when parsing characters in an XML file. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
 - An overflow condition in the 'htmlParseName()' and 'htmlParseNameComplex()' functions of 'HTMLparser.c' is triggered as user-supplied input is not properly validated when parsing characters in a range. With a specially crafted file, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
 - An integer overflow condition in the 'xmlParse3986Port()' function in 'uri.c' is triggered as user-supplied input is not properly validated when handling port numbers in the URL. This may allow a context-dependent attacker to have an unspecified impact.
 - An out-of-bounds under-read flaw in the 'xmlParseConditionalSections()' and 'xmlParseElementDecl()' functions in 'parser.c' may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
 - A format string flaw in multiple functionalities is triggered as string format specifiers (e.g. %s and %x) are not properly used. This may allow a context-dependent attacker to potentially execute arbitrary code or cause a denial of service in a process linked against the library.
 - An out-of-bounds read flaw in the 'PairPosFormat1::sanitize()' function 'in hb-ot-layout-gpos-table.hh' may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.
 - A flaw in 'PPAPI' is triggered when handling certain messages not sent by the browser in the plugin broker process. This may allow a context-dependent attacker to bypass the sandbox.
 - A flaw in 'web/web_state/ui/crw_web_controller.mm' is triggered when handling invalid URLs. This may allow a context-dependent attacker to conduct URL spoofing attacks.
 - A use-after-free error related to extensions may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.
 - An array indexing error in the 'ByteArray::Get()' function in 'data/byte_array.cc' is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code.
 - A flaw in 'web/ChromeClientImpl.cpp' is triggered when handling creation of new windows by deferred frames. This may allow a context-dependent attacker to bypass the same-origin policy.
 - A flaw in 'core/loader/FrameLoader.

ID	Name	Product	Family	Published	Updated	Severity
93106	Ubuntu 14.04 LTS / 16.04 LTS : HarfBuzz vulnerabilities (USN-3067-1)	Nessus	Ubuntu Local Security Checks	8/25/2016	8/27/2024	high
101353	SUSE SLED12 Security Update : libreoffice (SUSE-SU-2017:1821-1)	Nessus	SuSE Local Security Checks	7/10/2017	1/6/2021	critical
96914	GLSA-201701-76 : HarfBuzz: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	2/1/2017	1/11/2021	high
200006	RHEL 7 : harfbuzz (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	6/3/2024	6/3/2024	high
103284	openSUSE Security Update : libreoffice (openSUSE-2017-1048)	Nessus	SuSE Local Security Checks	9/18/2017	1/19/2021	critical
132107	Debian DLA-2040-1 : harfbuzz security update	Nessus	Debian Local Security Checks	12/18/2019	4/4/2024	high
92993	openSUSE Security Update : harfbuzz (openSUSE-2016-986)	Nessus	SuSE Local Security Checks	8/17/2016	1/19/2021	high
88447	RHEL 6 : chromium-browser (RHSA-2016:0072)	Nessus	Red Hat Local Security Checks	1/28/2016	5/29/2020	critical
102911	SUSE SLED12 Security Update : libreoffice (SUSE-SU-2017:2315-1)	Nessus	SuSE Local Security Checks	9/1/2017	1/6/2021	critical
9480	Google Chrome < 52.0.2743.82 Multiple Vulnerabilites	Nessus Network Monitor	Web Clients	8/12/2016	3/6/2019	critical

Detections

Analytics

Plugins Search

high

critical

high

high

critical

high

high

critical

critical

critical