CVE-2016-5166 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Information disclosure |
| Description | The download implementation in Chromium does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-109 | qt5-webengine | 5.7.0-7 | 5.7.1-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 17 Dec 2016 | ASA-201612-18 | AVG-109 | qt5-webengine | Critical | multiple issues |
| References |
|---|
https://bugs.chromium.org/p/chromium/issues/detail?id=616429 |