Lucene search

K
freebsdFreeBSDB57F690E-ECC9-11E4-876C-00262D5ED8EE
HistoryApr 14, 2015 - 12:00 a.m.

chromium -- multiple vulnerabilities

2015-04-1400:00:00
vuxml.freebsd.org
14

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.2%

Google Chrome Releases reports:

45 new security fixes, including:

[456518] High CVE-2015-1235: Cross-origin-bypass in HTML
parser. Credit to anonymous.
[313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink.
Credit to Amitay Dobo.
[461191] High CVE-2015-1237: Use-after-free in IPC. Credit to
Khalil Zhani.
[445808] High CVE-2015-1238: Out-of-bounds write in Skia.
Credit to cloudfuzzer.
[463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL.
Credit to w3bd3vil.
[418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip
Moon and Matt Weston of Sandfield Information Systems.
[460917] High CVE-2015-1242: Type confusion in V8. Credit to
[email protected].
[455215] Medium CVE-2015-1244: HSTS bypass in WebSockets.
Credit to Mike Ruddy.
[444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit
to Khalil Zhani.
[437399] Medium CVE-2015-1246: Out-of-bounds read in Blink.
Credit to Atte Kettunen of OUSPG.
[429838] Medium CVE-2015-1247: Scheme issues in OpenSearch.
Credit to Jann Horn.
[380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to
Vittorio Gambaletta (VittGam).
[476786] CVE-2015-1249: Various fixes from internal audits,
fuzzing and other initiatives. Multiple vulnerabilities in V8
fixed at the tip of the 4.2 branch (currently 4.2.77.14).

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 42.0.2311.90UNKNOWN
FreeBSDanynoarchchromium-npapi< 42.0.2311.90UNKNOWN
FreeBSDanynoarchchromium-pulse< 42.0.2311.90UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.2%