CVE-2016-5166 log

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
The download implementation in Chromium does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice.
Group Package Affected Fixed Severity Status Ticket
AVG-109 qt5-webengine 5.7.0-7 5.7.1-1 Critical Fixed
Date Advisory Group Package Severity Description
17 Dec 2016 ASA-201612-18 AVG-109 qt5-webengine Critical multiple issues
References
https://bugs.chromium.org/p/chromium/issues/detail?id=616429