chromium: multiple issues

2015-12-09T00:00:00
ID ASA-201512-5
Type archlinux
Reporter Arch Linux
Modified 2015-12-09T00:00:00

Description

  • CVE-2015-6788 (arbitrary code execution)

A type confusion vulnerability has been discovered in the handling of extensions that could possibly lead to arbitrary code execution.

  • CVE-2015-6789 (arbitrary code execution)

A use-after free vulnerability has been discovered in Blink that could possibly lead to arbitrary code execution.

  • CVE-2015-6790 (insufficient escaping)

An escaping issue has been discovered in saved pages that has unspecified impact.

  • CVE-2015-6791 (multiple issues)

Various unspecified vulnerabilities have been discovered from internal audits, fuzzing and other initiatives.