Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04
2015-09-29T00:00:00
ID OPENVAS:1361412562310121381 Type openvas Reporter Eero Volotinen Modified 2018-04-06T00:00:00
Description
Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04
# OpenVAS Vulnerability Test
# Description: Gentoo Linux security check
# $Id: glsa-201506-04.nasl 9374 2018-04-06 08:58:12Z cfischer $
# Authors:
# Eero Volotinen <eero.volotinen@solinor.com>
#
# Copyright:
# Copyright (c) 2015 Eero Volotinen, http://solinor.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.121381");
script_version("$Revision: 9374 $");
script_tag(name:"creation_date", value:"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $");
script_name("Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04");
script_tag(name: "insight", value: "Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.");
script_tag(name : "solution", value : "update software");
script_tag(name : "solution_type", value : "VendorFix");
script_xref(name : "URL" , value : "https://security.gentoo.org/glsa/201506-04");
script_cve_id("CVE-2015-1233","CVE-2015-1234","CVE-2015-1235","CVE-2015-1236","CVE-2015-1237","CVE-2015-1238","CVE-2015-1240","CVE-2015-1241","CVE-2015-1242","CVE-2015-1243","CVE-2015-1244","CVE-2015-1245","CVE-2015-1246","CVE-2015-1247","CVE-2015-1248","CVE-2015-1250","CVE-2015-1251","CVE-2015-1252","CVE-2015-1253","CVE-2015-1254","CVE-2015-1255","CVE-2015-1256","CVE-2015-1257","CVE-2015-1258","CVE-2015-1259","CVE-2015-1260","CVE-2015-1262","CVE-2015-1263","CVE-2015-1264","CVE-2015-1265");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"qod_type", value:"package");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_category(ACT_GATHER_INFO);
script_tag(name:"summary", value:"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04");
script_copyright("Eero Volotinen");
script_family("Gentoo Local Security Checks");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-gentoo.inc");
res = "";
report = "";
if((res=ispkgvuln(pkg:"www-client/chromium", unaffected: make_list("ge 43.0.2357.65"), vulnerable: make_list("lt 43.0.2357.65"))) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121381", "history": [{"lastseen": "2017-07-24T12:53:50", "differentElements": ["modified", "sourceData"], "edition": 2, "bulletin": {"href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121381", "history": [], "naslFamily": "Gentoo Local Security Checks", "id": "OPENVAS:1361412562310121381", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04", "published": "2015-09-29T00:00:00", "type": "openvas", "bulletinFamily": "scanner", "hashmap": [{"key": "href", "hash": "4fe120a268e55c319743063b32a7fe1f"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "0a3237aff20255489eca329c8da700cb"}, {"key": "pluginID", "hash": "f7d5e82f548e84e2647e0b3b17324912"}, {"key": "title", "hash": "ceef775953613e8658f4872d9aecb790"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "cvelist", "hash": "8cca78102abe74e4d338ffc50d355333"}, {"key": "references", "hash": "4179206603066320f50a7861b8b17c89"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "modified", "hash": "d89cc672a6266551218ef8145d1f22e2"}, {"key": "published", "hash": "311fe06b3cf4192127ad9986f2239f2a"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "sourceData", "hash": "ef8c50fe28134b6c46987cd3de5f65e3"}, {"key": "reporter", "hash": "bb3dbc0ecae053747a8a163af717a25f"}], "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201506-04.nasl 6592 2017-07-07 09:16:27Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121381\");\nscript_version(\"$Revision: 6592 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:16:27 +0200 (Fri, 07 Jul 2017) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201506-04\");\nscript_cve_id(\"CVE-2015-1233\",\"CVE-2015-1234\",\"CVE-2015-1235\",\"CVE-2015-1236\",\"CVE-2015-1237\",\"CVE-2015-1238\",\"CVE-2015-1240\",\"CVE-2015-1241\",\"CVE-2015-1242\",\"CVE-2015-1243\",\"CVE-2015-1244\",\"CVE-2015-1245\",\"CVE-2015-1246\",\"CVE-2015-1247\",\"CVE-2015-1248\",\"CVE-2015-1250\",\"CVE-2015-1251\",\"CVE-2015-1252\",\"CVE-2015-1253\",\"CVE-2015-1254\",\"CVE-2015-1255\",\"CVE-2015-1256\",\"CVE-2015-1257\",\"CVE-2015-1258\",\"CVE-2015-1259\",\"CVE-2015-1260\",\"CVE-2015-1262\",\"CVE-2015-1263\",\"CVE-2015-1264\",\"CVE-2015-1265\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_summary(\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 43.0.2357.65\"), vulnerable: make_list(\"lt 43.0.2357.65\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "pluginID": "1361412562310121381", "hash": "b8094221f0f5e0b6b68bebeb2d86417e3b07dd474f1afb3d63aba0301106382c", "modified": "2017-07-07T00:00:00", "edition": 2, "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "lastseen": "2017-07-24T12:53:50", "viewCount": 0, "enchantments": {"score": {"modified": "2017-07-24T12:53:50", "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P/", "value": 6.0}}, "reporter": "Eero Volotinen", "objectVersion": "1.3", "references": ["https://security.gentoo.org/glsa/201506-04"]}}, {"lastseen": "2017-07-02T21:12:30", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121381", "history": [], "naslFamily": "Gentoo Local Security Checks", "id": "OPENVAS:1361412562310121381", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04", "published": "2015-09-29T00:00:00", "type": "openvas", "bulletinFamily": "scanner", "hashmap": [{"key": "href", "hash": "4fe120a268e55c319743063b32a7fe1f"}, {"key": "sourceData", "hash": "94a928256468f7ecc9fcecbb6265fbc4"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "0a3237aff20255489eca329c8da700cb"}, {"key": "pluginID", "hash": "f7d5e82f548e84e2647e0b3b17324912"}, {"key": "title", "hash": "ceef775953613e8658f4872d9aecb790"}, {"key": "modified", "hash": "451ccf9b33cae434b1236ed7a06114ec"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "cvelist", "hash": "8cca78102abe74e4d338ffc50d355333"}, {"key": "references", "hash": "4179206603066320f50a7861b8b17c89"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "published", "hash": "311fe06b3cf4192127ad9986f2239f2a"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "reporter", "hash": "bb3dbc0ecae053747a8a163af717a25f"}], "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201506-04.nasl 4513 2016-11-15 09:37:48Z cfi $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121381\");\nscript_version(\"$Revision: 4513 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2016-11-15 10:37:48 +0100 (Tue, 15 Nov 2016) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201506-04\");\nscript_cve_id(\"CVE-2015-1233\",\"CVE-2015-1234\",\"CVE-2015-1235\",\"CVE-2015-1236\",\"CVE-2015-1237\",\"CVE-2015-1238\",\"CVE-2015-1240\",\"CVE-2015-1241\",\"CVE-2015-1242\",\"CVE-2015-1243\",\"CVE-2015-1244\",\"CVE-2015-1245\",\"CVE-2015-1246\",\"CVE-2015-1247\",\"CVE-2015-1248\",\"CVE-2015-1250\",\"CVE-2015-1251\",\"CVE-2015-1252\",\"CVE-2015-1253\",\"CVE-2015-1254\",\"CVE-2015-1255\",\"CVE-2015-1256\",\"CVE-2015-1257\",\"CVE-2015-1258\",\"CVE-2015-1259\",\"CVE-2015-1260\",\"CVE-2015-1262\",\"CVE-2015-1263\",\"CVE-2015-1264\",\"CVE-2015-1265\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"login/SSH/success\", \"ssh/login/gentoo\");\nscript_category(ACT_GATHER_INFO);\nscript_summary(\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 43.0.2357.65\"), vulnerable: make_list(\"lt 43.0.2357.65\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "pluginID": "1361412562310121381", "hash": "a1b48a58f7a9d11b19df98510d560f5367b8e0d03a410124a827683f2ef2613d", "modified": "2016-11-15T00:00:00", "edition": 1, "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "lastseen": "2017-07-02T21:12:30", "viewCount": 0, "enchantments": {}, "reporter": "Eero Volotinen", "objectVersion": "1.3", "references": ["https://security.gentoo.org/glsa/201506-04"]}}], "naslFamily": "Gentoo Local Security Checks", "id": "OPENVAS:1361412562310121381", "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04", "bulletinFamily": "scanner", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201506-04.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121381\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201506-04\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201506-04\");\nscript_cve_id(\"CVE-2015-1233\",\"CVE-2015-1234\",\"CVE-2015-1235\",\"CVE-2015-1236\",\"CVE-2015-1237\",\"CVE-2015-1238\",\"CVE-2015-1240\",\"CVE-2015-1241\",\"CVE-2015-1242\",\"CVE-2015-1243\",\"CVE-2015-1244\",\"CVE-2015-1245\",\"CVE-2015-1246\",\"CVE-2015-1247\",\"CVE-2015-1248\",\"CVE-2015-1250\",\"CVE-2015-1251\",\"CVE-2015-1252\",\"CVE-2015-1253\",\"CVE-2015-1254\",\"CVE-2015-1255\",\"CVE-2015-1256\",\"CVE-2015-1257\",\"CVE-2015-1258\",\"CVE-2015-1259\",\"CVE-2015-1260\",\"CVE-2015-1262\",\"CVE-2015-1263\",\"CVE-2015-1264\",\"CVE-2015-1265\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201506-04\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 43.0.2357.65\"), vulnerable: make_list(\"lt 43.0.2357.65\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "pluginID": "1361412562310121381", "hash": "fc8936cd8af1274cccd2c0be9048d50e3262f91d30376d37f44fac1b45cd9a65", "references": ["https://security.gentoo.org/glsa/201506-04"], "edition": 3, "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "lastseen": "2018-04-09T11:30:24", "viewCount": 0, "enchantments": {"vulnersScore": 5.0}, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "8cca78102abe74e4d338ffc50d355333"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "0a3237aff20255489eca329c8da700cb"}, {"key": "href", "hash": "4fe120a268e55c319743063b32a7fe1f"}, {"key": "modified", "hash": "4fb7fd6149697e74d091717ea3f1ca84"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "pluginID", "hash": "f7d5e82f548e84e2647e0b3b17324912"}, {"key": "published", "hash": "311fe06b3cf4192127ad9986f2239f2a"}, {"key": "references", "hash": "4179206603066320f50a7861b8b17c89"}, {"key": "reporter", "hash": "bb3dbc0ecae053747a8a163af717a25f"}, {"key": "sourceData", "hash": "2a26dba624090f0b92300f495d7d883f"}, {"key": "title", "hash": "ceef775953613e8658f4872d9aecb790"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "objectVersion": "1.3", "modified": "2018-04-06T00:00:00"}
{"result": {"cve": [{"id": "CVE-2015-1265", "type": "cve", "title": "CVE-2015-1265", "description": "Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "published": "2015-05-20T06:59:17", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1265", "cvelist": ["CVE-2015-1265"], "lastseen": "2017-09-17T19:00:14"}, {"id": "CVE-2015-1247", "type": "cve", "title": "CVE-2015-1247", "description": "The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site.", "published": "2015-04-19T06:59:10", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1247", "cvelist": ["CVE-2015-1247"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1257", "type": "cve", "title": "CVE-2015-1257", "description": "platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause a denial of service (container overflow) or possibly have unspecified other impact via a crafted document.", "published": "2015-05-20T06:59:09", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1257", "cvelist": ["CVE-2015-1257"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1246", "type": "cve", "title": "CVE-2015-1246", "description": "Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.", "published": "2015-04-19T06:59:09", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1246", "cvelist": ["CVE-2015-1246"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1244", "type": "cve", "title": "CVE-2015-1244", "description": "The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.", "published": "2015-04-19T06:59:07", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1244", "cvelist": ["CVE-2015-1244"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1263", "type": "cve", "title": "CVE-2015-1263", "description": "The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file.", "published": "2015-05-20T06:59:15", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1263", "cvelist": ["CVE-2015-1263"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1251", "type": "cve", "title": "CVE-2015-1251", "description": "Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.", "published": "2015-05-20T06:59:03", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1251", "cvelist": ["CVE-2015-1251"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1262", "type": "cve", "title": "CVE-2015-1262", "description": "platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text.", "published": "2015-05-20T06:59:14", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1262", "cvelist": ["CVE-2015-1262"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1260", "type": "cve", "title": "CVE-2015-1260", "description": "Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request.", "published": "2015-05-20T06:59:12", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1260", "cvelist": ["CVE-2015-1260"], "lastseen": "2017-04-18T15:56:04"}, {"id": "CVE-2015-1240", "type": "cve", "title": "CVE-2015-1240", "description": "gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.", "published": "2015-04-19T06:59:04", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1240", "cvelist": ["CVE-2015-1240"], "lastseen": "2017-04-18T15:56:04"}], "zdt": [{"id": "1337DAY-ID-24047", "type": "zdt", "title": "Google Chrome 43.0 - Certificate MIME Handling Integer Overflow Exploit", "description": "Exploit for multiple platform in category dos / poc", "published": "2015-08-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://0day.today/exploit/description/24047", "cvelist": ["CVE-2015-1265"], "lastseen": "2018-03-05T23:35:18"}, {"id": "1337DAY-ID-23663", "type": "zdt", "title": "Google Chrome SpeechRecognitionClient Use-After-Free Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\r The specific flaw exists within SpeechRecognitionClient. By manipulating a document's elements, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.\n\nThis is private exploit. You can buy it at https://0day.today", "published": "2015-05-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://0day.today/exploit/description/23663", "cvelist": ["CVE-2015-1251"], "lastseen": "2018-03-19T03:13:28"}, {"id": "1337DAY-ID-26408", "type": "zdt", "title": "Chrome Blink SpeechRecognitionController Use-After-Free Exploit", "description": "A specially crafted web-page can cause the blink rendering engine used by Google Chrome and Chromium to continue to use a speech recognition API object after the memory block that contained the object has been freed. An attacker can force the code to read a pointer from the freed memory and use this to call a function, allowing arbitrary code execution. Google Chrome version 39.0 is affected.", "published": "2016-11-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://0day.today/exploit/description/26408", "cvelist": ["CVE-2015-1251"], "lastseen": "2018-01-01T21:03:26"}], "exploitdb": [{"id": "EDB-ID:37766", "type": "exploitdb", "title": "Google Chrome <= 43.0 - Certificate MIME Handling Integer Overflow", "description": "Google Chrome <= 43.0 - Certificate MIME Handling Integer Overflow. CVE-2015-1265. Dos exploits for multiple platform", "published": "2015-08-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/37766/", "cvelist": ["CVE-2015-1265"], "lastseen": "2016-02-04T06:32:02"}], "openvas": [{"id": "OPENVAS:1361412562310842213", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-2610-1", "description": "Check the version of oxide-qt", "published": "2015-06-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842213", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255"], "lastseen": "2018-04-30T14:02:26"}, {"id": "OPENVAS:1361412562310805633", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 02 - May15 (Linux)", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2015-05-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805633", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-07-02T21:11:38"}, {"id": "OPENVAS:1361412562310805631", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 02 - May15 (Windows)", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2015-05-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805631", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2018-06-08T19:14:14"}, {"id": "OPENVAS:703267", "type": "openvas", "title": "Debian Security Advisory DSA 3267-1 (chromium-browser - security update)", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1251 \nSkyLined discovered a use-after-free issue in speech\nrecognition.\n\nCVE-2015-1252 \nAn out-of-bounds write issue was discovered that could be used to\nescape from the sandbox.\n\nCVE-2015-1253 \nA cross-origin bypass issue was discovered in the DOM parser.\n\nCVE-2015-1254 \nA cross-origin bypass issue was discovered in the DOM editing\nfeature.\n\nCVE-2015-1255 \nKhalil Zhani discovered a use-after-free issue in WebAudio.\n\nCVE-2015-1256 \nAtte Kettunen discovered a use-after-free issue in the SVG\nimplementation.\n\nCVE-2015-1257 \nmiaubiz discovered an overflow issue in the SVG implementation.\n\nCVE-2015-1258 \ncloudfuzzer discovered an invalid size parameter used in the\nlibvpx library.\n\nCVE-2015-1259 \nAtte Kettunen discovered an uninitialized memory issue in the\npdfium library.\n\nCVE-2015-1260 \nKhalil Zhani discovered multiple use-after-free issues in chromium", "published": "2015-05-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703267", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-07-24T12:53:43"}, {"id": "OPENVAS:1361412562310703267", "type": "openvas", "title": "Debian Security Advisory DSA 3267-1 (chromium-browser - security update)", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1251 \nSkyLined discovered a use-after-free issue in speech\nrecognition.\n\nCVE-2015-1252 \nAn out-of-bounds write issue was discovered that could be used to\nescape from the sandbox.\n\nCVE-2015-1253 \nA cross-origin bypass issue was discovered in the DOM parser.\n\nCVE-2015-1254 \nA cross-origin bypass issue was discovered in the DOM editing\nfeature.\n\nCVE-2015-1255 \nKhalil Zhani discovered a use-after-free issue in WebAudio.\n\nCVE-2015-1256 \nAtte Kettunen discovered a use-after-free issue in the SVG\nimplementation.\n\nCVE-2015-1257 \nmiaubiz discovered an overflow issue in the SVG implementation.\n\nCVE-2015-1258 \ncloudfuzzer discovered an invalid size parameter used in the\nlibvpx library.\n\nCVE-2015-1259 \nAtte Kettunen discovered an uninitialized memory issue in the\npdfium library.\n\nCVE-2015-1260 \nKhalil Zhani discovered multiple use-after-free issues in chromium", "published": "2015-05-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703267", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2018-04-06T11:29:09"}, {"id": "OPENVAS:1361412562310805632", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 02 - May15 (Mac OS X)", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2015-05-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805632", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-07-06T10:52:21"}, {"id": "OPENVAS:703238", "type": "openvas", "title": "Debian Security Advisory DSA 3238-1 (chromium-browser - security update)", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235 \nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236 \nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237 \nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer \ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil \ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241 \nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242 \nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244 \nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245 \nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246 \nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file: \nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248 \nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249 \nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333 \nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334 \nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336 \nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.", "published": "2015-04-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703238", "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2017-07-24T12:54:03"}, {"id": "OPENVAS:1361412562310805468", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Apr15 (Linux)", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2015-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805468", "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3335", "CVE-2015-3336", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2017-07-02T21:11:57"}, {"id": "OPENVAS:1361412562310703238", "type": "openvas", "title": "Debian Security Advisory DSA 3238-1 (chromium-browser - security update)", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235 \nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236 \nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237 \nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer \ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil \ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241 \nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242 \nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244 \nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245 \nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246 \nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file: \nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248 \nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249 \nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333 \nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334 \nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336 \nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.", "published": "2015-04-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703238", "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2018-04-06T11:30:14"}, {"id": "OPENVAS:1361412562310805457", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Apr15 (Windows)", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "published": "2015-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805457", "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3335", "CVE-2015-3336", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2018-06-08T19:13:53"}], "archlinux": [{"id": "ASA-201505-14", "type": "archlinux", "title": "chromium: multiple issues", "description": "- CVE-2015-1251 (arbitrary code execution)\n\nUse-after-free vulnerability in the SpeechRecognitionClient\nimplementation in the Speech subsystem allows remote attackers to\nexecute arbitrary code via a crafted document.\n\n- CVE-2015-1252 (sandbox protection bypass)\n\nIt has been discovered that common/partial_circular_buffer.cc does not\nproperly handle wraps, which allows remote attackers to bypass a sandbox\nprotection mechanism or cause a denial of service (out-of-bounds write)\nvia vectors that trigger a write operation with a large amount of data,\nrelated to the PartialCircularBuffer::Write and\nPartialCircularBuffer::DoWrite functions.\n\n- CVE-2015-1253 (same origin policy bypass)\n\nIt has been discovered that core/html/parser/HTMLConstructionSite.cpp in\nthe DOM implementation in Blink allows remote attackers to bypass the\nSame Origin Policy via crafted JavaScript code that appends a child to a\nSCRIPT element, related to the insert and executeReparentTask functions.\n\n- CVE-2015-1254 (same origin policy bypass)\n\nIt has been discovered that core/dom/Document.cpp in Blink enables the\ninheritance of the designMode attribute, which allows remote attackers\nto bypass the Same Origin Policy by leveraging the availability of editing.\n\n- CVE-2015-1255 (denial of service)\n\nUse-after-free vulnerability in\ncontent/renderer/media/webaudio_capturer_source.cc in the WebAudio\nimplementation allows remote attackers to cause a denial of service\n(heap memory corruption) or possibly have unspecified other impact by\nleveraging improper handling of a stop action for an audio track.\n\n- CVE-2015-1256 (denial of service)\n\nUse-after-free vulnerability in the SVG implementation in Blink allows\nremote attackers to cause a denial of service or possibly have\nunspecified other impact via a crafted document that leverages improper\nhandling of a shadow tree for a use element.\n\n- CVE-2015-1257 (denial of service)\n\nIt has been discovered that platform/graphics/filters/FEColorMatrix.cpp\nin the SVG implementation in Blink does not properly handle an\ninsufficient number of values in an feColorMatrix filter, which allows\nremote attackers to cause a denial of service (container overflow) or\npossibly have unspecified other impact via a crafted document.\n\n- CVE-2015-1258 (denial of service)\n\nGoogle Chrome before 43.0.2357.65 relies on libvpx code that was not\nbuilt with an appropriate --size-limit value, which allows remote\nattackers to trigger a negative value for a size field, and consequently\ncause a denial of service or possibly have unspecified other impact, via\na crafted frame size in VP9 video data.\n\n- CVE-2015-1259 (denial of service)\n\nPDFium does not properly initialize memory, which allows remote\nattackers to cause a denial of service or possibly have unspecified\nother impact via unknown vectors.\n\n- CVE-2015-1260 (denial of service)\n\nMultiple use-after-free vulnerabilities in\ncontent/renderer/media/user_media_client_impl.cc in the WebRTC\nimplementation allow remote attackers to cause a denial of service or\npossibly have unspecified other impact via crafted JavaScript code that\nexecutes upon completion of a getUserMedia request.\n\n- CVE-2015-1263 (man-in-the-middle)\n\nThe Spellcheck API implementation does not use an HTTPS session for\ndownloading a Hunspell dictionary, which allows man-in-the-middle\nattackers to deliver incorrect spelling suggestions or possibly have\nunspecified other impact via a crafted file.\n\n- CVE-2015-1264 (cross side scripting)\n\nCross-site scripting (XSS) vulnerability allows user-assisted remote\nattackers to inject arbitrary web script or HTML via crafted data that\nis improperly handled by the Bookmarks feature.\n\n- CVE-2015-1265 (denial of service)\n\nMultiple unspecified vulnerabilities in Google Chrome before\n43.0.2357.65 allow attackers to cause a denial of service or possibly\nhave other impact via unknown vectors.", "published": "2015-05-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2016-09-02T18:44:47"}, {"id": "ASA-201504-19", "type": "archlinux", "title": "chromium: multiple issues", "description": "- CVE-2015-1235 (cross-origin bypass)\n\nA vulnerability was discovered that allows cross-origin-bypass in the\nHTML parser.\n\n- CVE-2015-1236 (cross-origin bypass)\n\nA vulnerability was discovered that allows cross-origin-bypass in the\nrendering engine Blink.\n\n- CVE-2015-1237 (arbitrary code execution)\n\nAn use-after-free flaw was discovered in IPC that may lead to arbitrary\ncode execution and denial of service.\n\n- CVE-2015-1238 (arbitrary code execution)\n\nAn out-of-bounds write flaw was discovered in Skia that may lead to\narbitrary code execution and denial of service.\n\n- CVE-2015-1240 (denial of service)\n\nAn out-of-bounds read flaw was discovered in WebGL that may lead to\ninformation disclosure and denial of service.\n\n- CVE-2015-1241 (tap-jacking)\n\nA tap-jacking flaw was discovered that allows the hijacking of tabs to\nshow arbitrary content.\n\n- CVE-2015-1242 (arbitrary code execution)\n\nA Type confusion flaw was discovered in V8 that may lead to arbitrary\ncode execution and denial of service.\n\n- CVE-2015-1244 (security policy bypass)\n\nA security policy flaw was discovered that allowes HSTS bypass in\nWebSockets that may lead to downgrade attacks and cookie hijacking.\n\n- CVE-2015-1245 (arbitrary code execution)\n\nAn use-after-free flaw was discovered in PDFium that may lead to\narbitrary code execution and denial of service.\n\n- CVE-2015-1246 (denial of service)\n\nAn out-of-bounds read flaw was discovered in the rendering engine Blink\nthat may leads to information disclosure and denial of service.\n\n- CVE-2015-1247 (unspecified)\n\nA scheme issues flaw was discovered in OpenSearch that is leading to\nunspecified issues.\n\n- CVE-2015-1248 (filter bypass)\n\nA flaw was discovered that is leading to SafeBrowsing filter bypass.\n\n- CVE-2015-1249 (various)\n\nVarious vulnerabilities were discovered by internal audits, fuzzing and\nother initiatives.", "published": "2015-04-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2016-09-02T18:44:37"}, {"id": "ASA-201504-30", "type": "archlinux", "title": "chromium: multiple issues", "description": "- CVE-2015-1243 (use-after-free):\n\nUse-after-free in DOM. Credit to Saif El-Sherei.\n\n- CVE-2015-1250:\n\nVarious fixes from internal audits, fuzzing and other initiatives.", "published": "2015-04-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html", "cvelist": ["CVE-2015-1250", "CVE-2015-1243"], "lastseen": "2016-09-02T18:44:48"}, {"id": "ASA-201504-2", "type": "archlinux", "title": "chromium: remote code execution", "description": "- CVE-2015-1233 (remote code execution):\n\nA combination of V8, Gamepad and IPC bugs can lead to remote code\nexecution outside of the sandbox.\n\n- CVE-2015-1234 (buffer overflow):\n\nBuffer overflow via a race condition in GPU.", "published": "2015-04-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html", "cvelist": ["CVE-2015-1233", "CVE-2015-1234"], "lastseen": "2016-09-02T18:44:42"}], "ubuntu": [{"id": "USN-2610-1", "type": "ubuntu", "title": "Oxide vulnerabilities", "description": "Several security issues were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass Same Origin Policy restrictions. (CVE-2015-1253, CVE-2015-1254)\n\nA use-after-free was discovered in the WebAudio implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1255)\n\nA use-after-free was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1256)\n\nA security issue was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1257)\n\nAn issue was discovered with the build of libvpx. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1258)\n\nMultiple use-after-free issues were discovered in the WebRTC implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1260)\n\nAn uninitialized value bug was discovered in the font shaping code in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1262)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1265)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-3910)", "published": "2015-05-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2610-1/", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255"], "lastseen": "2018-03-29T18:17:58"}, {"id": "USN-2570-1", "type": "ubuntu", "title": "Oxide vulnerabilities", "description": "An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-1235)\n\nAn issue was discovered in the Web Audio API implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-1236)\n\nA use-after-free was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1237)\n\nAn out-of-bounds write was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1238)\n\nAn out-of-bounds read was discovered in the WebGL implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1240)\n\nAn issue was discovered with the interaction of page navigation and touch event handling. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct \u201ctap jacking\u201d attacks. (CVE-2015-1241)\n\nA type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1242)\n\nIt was discovered that websocket connections were not upgraded whenever a HSTS policy is active. A remote attacker could potentially exploit this to conduct a man in the middle (MITM) attack. (CVE-2015-1244)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1246)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1249)\n\nA use-after-free was discovered in the file picker implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1321)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-3333)", "published": "2015-04-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2570-1/", "cvelist": ["CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1321", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2018-03-29T18:17:59"}, {"id": "USN-2582-1", "type": "ubuntu", "title": "Oxide vulnerabilities", "description": "A use-after-free was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1243)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1250)", "published": "2015-05-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2582-1/", "cvelist": ["CVE-2015-1250", "CVE-2015-1243"], "lastseen": "2018-03-29T18:18:20"}, {"id": "USN-2556-1", "type": "ubuntu", "title": "Oxide vulnerabilities", "description": "It was discovered that Chromium did not properly handle the interaction of IPC, the gamepad API and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1233)\n\nA buffer overflow was discovered in the GPU service. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2015-1234)\n\nIt was discovered that Oxide did not correctly manage the lifetime of BrowserContext, resulting in a potential use-after-free in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1317)", "published": "2015-04-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2556-1/", "cvelist": ["CVE-2015-1317", "CVE-2015-1233", "CVE-2015-1234"], "lastseen": "2018-03-29T18:18:51"}], "nessus": [{"id": "UBUNTU_USN-2610-1.NASL", "type": "nessus", "title": "Ubuntu 14.04 LTS / 14.10 / 15.04 : oxide-qt vulnerabilities (USN-2610-1)", "description": "Several security issues were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass Same Origin Policy restrictions. (CVE-2015-1253, CVE-2015-1254)\n\nA use-after-free was discovered in the WebAudio implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1255)\n\nA use-after-free was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1256)\n\nA security issue was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1257)\n\nAn issue was discovered with the build of libvpx. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1258)\n\nMultiple use-after-free issues were discovered in the WebRTC implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process.\n(CVE-2015-1260)\n\nAn uninitialized value bug was discovered in the font shaping code in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1262)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1265)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-3910).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83778", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1256", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255"], "lastseen": "2017-10-29T13:41:17"}, {"id": "OPENSUSE-2015-390.NASL", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2015-390)", "description": "Chromium was updated to 43.0.2357.65 to fix security issues and bugs.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-1251: Use-after-free in Speech (boo#931659)\n\n - CVE-2015-1252: Sandbox escape in Chrome (boo#931671)\n\n - CVE-2015-1253: Cross-origin bypass in DOM (boo#931670)\n\n - CVE-2015-1254: Cross-origin bypass in Editing (boo#931669)\n\n - CVE-2015-1255: Use-after-free in WebAudio (boo#931674)\n\n - CVE-2015-1256: Use-after-free in SVG (boo#931664)\n\n - CVE-2015-1257: Container-overflow in SVG (boo#931665)\n\n - CVE-2015-1258: Negative-size parameter in Libvpx (boo#931666)\n\n - CVE-2015-1259: Uninitialized value in PDFium (boo#931667)\n\n - CVE-2015-1260: Use-after-free in WebRTC (boo#931668)\n\n - CVE-2015-1261: URL bar spoofing (boo#931673)\n\n - CVE-2015-1262: Uninitialized value in Blink (boo#931672)\n\n - CVE-2015-1263: Insecure download of spellcheck dictionary (boo#931663)\n\n - CVE-2015-1264: Cross-site scripting in bookmarks (boo#931661)\n\n - CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives (boo#931660)\n\n - Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21)", "published": "2015-06-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83915", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:44:53"}, {"id": "GOOGLE_CHROME_43_0_2357_65.NASL", "type": "nessus", "title": "Google Chrome < 43.0.2357.65 Multiple Vulnerabilities", "description": "The version of Google Chrome installed on the remote Windows host is prior to 43.0.2357.65. It is, therefore, affected by multiple vulnerabilities :\n\n - A Use-after-free memory error exists in the SpeechRecognitionClient implementation that allows remote attackers, using a crafted document, to execute arbitrary code. (CVE-2015-1251)\n\n - The Write() and DoWrite() methods of the class PartialCircularBuffer do not properly handle wraps.\n A remote attacker, by using write operations with a large amount of data, can exploit this to bypass the sandbox protection or cause a denial of service.\n (CVE-2015-1252)\n\n - The DOM implementation in Blink does not properly handle SCRIPT elements during adjustment of DOM node locations. A remote attacker, using crafted JavaScript code that appends a child to a SCRIPT element, can exploit this flaw to bypass the same origin policy.\n (CVE-2015-1253)\n\n - The 'core/dom/Document.cpp' in Blink enables the inheritance of the 'designMode' attribute. A remote attacker, using a crafted web page, can utilize this to bypass the same origin policy via the availability of editing. (CVE-2015-1254)\n\n - A use-after-free memory error exists in the WebAudio implementation when handling the stop action for an audio track. A remote attacker can exploit this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1255)\n\n - A use-after-free memory error exists in the SVG implementation in Blink, related to the improper handling of a shadow tree for a use element. A remote attacker, using a crafted document, can exploit this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1256)\n\n - The SVG implementation in Blink does not properly handle an insufficient number of values in an feColorMatrix filter. A remote attacker, using a crafted document, can exploit this to cause a denial of service via a container overflow. (CVE-2015-1257)\n\n - The libvpx library code was not compiled with an appropriate '--size-limit' value. This allows a remote attacker, using a crafted frame size in VP9 video data, to trigger a negative value for a size field, thus causing a denial of service or possibly having other impact. (CVE-2015-1258)\n\n - Google PDFium does not properly initialize memory. A remote attacker can exploit this to cause a denial of service or possibly have other unspecified impact.\n (CVE-2015-1259)\n\n - Multiple use-after-free memory errors exist the WebRTC implementation. A remote attacker can exploit these, by using a crafted JavaScript code that executes upon completion of a getUserMedia request, to cause a denial of service or possibly have other unspecified impact.\n (CVE-2015-1260)\n\n - The file 'HarfBuzzShaper.cpp' in Blink does not properly initialize a certain width field. A remote attacker, using crafted Unicode text, can exploit this to cause a denial of service or have other unspecified impact.\n (CVE-2015-1262)\n\n - The Spellcheck API implementation does not use an HTTPS session for downloading a Hunspell dictionary. A man-in-the-middle attacker, using a crafted file, can exploit this flaw to deliver incorrect spelling suggestions or possibly have other unspecified impact.\n (CVE-2015-1263)\n\n - A cross-site scripting (XSS) vulnerability exists that is related to the Bookmarks feature. A remote attacker, using crafted data, can exploit this to inject arbitrary web script or HTML. (CVE-2015-1264)\n\n - Multiple unspecified vulnerabilities exist that allow an attacker to cause a denial of service or possibly have other impact via unknown vectors. (CVE-2015-1265)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2015-05-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83745", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:35:00"}, {"id": "FREEBSD_PKG_A9D456B4FE4C11E4AD1500262D5ED8EE.NASL", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (a9d456b4-fe4c-11e4-ad15-00262d5ed8ee)", "description": "Google Chrome Releases reports :\n\n37 security fixes in this release, including :\n\n- [474029] High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.\n\n- [464552] High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.\n\n- [444927] High CVE-2015-1254: Cross-origin bypass in Editing. Credit to armin@rawsec.net.\n\n- [473253] High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.\n\n- [478549] High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.\n\n- [481015] High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP's Zero Day Initiative.\n\n- [468519] Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.\n\n- [450939] Medium CVE-2015-1258: Negative-size parameter in libvpx.\nCredit to cloudfuzzer\n\n- [468167] Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG\n\n- [474370] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.\n\n- [466351] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.\n\n- [476647] Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.\n\n- [479162] Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.\n\n- [481015] Low CVE-2015-1264: Cross-site scripting in bookmarks.\nCredit to K0r3Ph1L.\n\n- [489518] CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives.\n\n- Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21).", "published": "2015-05-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83556", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:43:19"}, {"id": "DEBIAN_DSA-3267.NASL", "type": "nessus", "title": "Debian DSA-3267-1 : chromium-browser - security update", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\n - CVE-2015-1251 SkyLined discovered a use-after-free issue in speech recognition.\n\n - CVE-2015-1252 An out-of-bounds write issue was discovered that could be used to escape from the sandbox.\n\n - CVE-2015-1253 A cross-origin bypass issue was discovered in the DOM parser.\n\n - CVE-2015-1254 A cross-origin bypass issue was discovered in the DOM editing feature.\n\n - CVE-2015-1255 Khalil Zhani discovered a use-after-free issue in WebAudio.\n\n - CVE-2015-1256 Atte Kettunen discovered a use-after-free issue in the SVG implementation.\n\n - CVE-2015-1257 miaubiz discovered an overflow issue in the SVG implementation.\n\n - CVE-2015-1258 cloudfuzzer discovered an invalid size parameter used in the libvpx library.\n\n - CVE-2015-1259 Atte Kettunen discovered an uninitialized memory issue in the pdfium library.\n\n - CVE-2015-1260 Khalil Zhani discovered multiple use-after-free issues in chromium's interface to the WebRTC library.\n\n - CVE-2015-1261 Juho Nurminen discovered a URL bar spoofing issue.\n\n - CVE-2015-1262 miaubiz discovered the use of an uninitialized class member in font handling.\n\n - CVE-2015-1263 Mike Ruddy discovered that downloading the spellcheck dictionary was not done over HTTPS.\n\n - CVE-2015-1264 K0r3Ph1L discovered a cross-site scripting issue that could be triggered by bookmarking a site.\n\n - CVE-2015-1265 The chrome 43 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the libv8 library, version 4.3.61.21.", "published": "2015-05-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83784", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:39:05"}, {"id": "MACOSX_GOOGLE_CHROME_43_0_2357_65.NASL", "type": "nessus", "title": "Google Chrome < 43.0.2357.65 Multiple Vulnerabilities (Mac OS X)", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 43.0.2357.65. It is, therefore, affected by multiple vulnerabilities :\n\n - A Use-after-free memory error exists in the SpeechRecognitionClient implementation that allows remote attackers, using a crafted document, to execute arbitrary code. (CVE-2015-1251)\n\n - The Write() and DoWrite() methods of the class PartialCircularBuffer do not properly handle wraps.\n A remote attacker, by using write operations with a large amount of data, can exploit this to bypass the sandbox protection or cause a denial of service.\n (CVE-2015-1252)\n\n - The DOM implementation in Blink does not properly handle SCRIPT elements during adjustment of DOM node locations. A remote attacker, using crafted JavaScript code that appends a child to a SCRIPT element, can exploit this flaw to bypass the same origin policy.\n (CVE-2015-1253)\n\n - The 'core/dom/Document.cpp' in Blink enables the inheritance of the 'designMode' attribute. A remote attacker, using a crafted web page, can utilize this to bypass the same origin policy via the availability of editing. (CVE-2015-1254)\n\n - A use-after-free memory error exists in the WebAudio implementation when handling the stop action for an audio track. A remote attacker can exploit this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1255)\n\n - A use-after-free memory error exists in the SVG implementation in Blink, related to the improper handling of a shadow tree for a use element. A remote attacker, using a crafted document, can exploit this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1256)\n\n - The SVG implementation in Blink does not properly handle an insufficient number of values in an feColorMatrix filter. A remote attacker, using a crafted document, can exploit this to cause a denial of service via a container overflow. (CVE-2015-1257)\n\n - The libvpx library code was not compiled with an appropriate '--size-limit' value. This allows a remote attacker, using a crafted frame size in VP9 video data, to trigger a negative value for a size field, thus causing a denial of service or possibly having other impact. (CVE-2015-1258)\n\n - Google PDFium does not properly initialize memory. A remote attacker can exploit this to cause a denial of service or possibly have other unspecified impact.\n (CVE-2015-1259)\n\n - Multiple use-after-free memory errors exist the WebRTC implementation. A remote attacker can exploit these, by using a crafted JavaScript code that executes upon completion of a getUserMedia request, to cause a denial of service or possibly have other unspecified impact.\n (CVE-2015-1260)\n\n - The file 'HarfBuzzShaper.cpp' in Blink does not properly initialize a certain width field. A remote attacker, using crafted Unicode text, can exploit this to cause a denial of service or have other unspecified impact.\n (CVE-2015-1262)\n\n - The Spellcheck API implementation does not use an HTTPS session for downloading a Hunspell dictionary. A man-in-the-middle attacker, using a crafted file, can exploit this flaw to deliver incorrect spelling suggestions or possibly have other unspecified impact.\n (CVE-2015-1263)\n\n - A cross-site scripting (XSS) vulnerability exists that is related to the Bookmarks feature. A remote attacker, using crafted data, can exploit this to inject arbitrary web script or HTML. (CVE-2015-1264)\n\n - Multiple unspecified vulnerabilities exist that allow an attacker to cause a denial of service or possibly have other impact via unknown vectors. (CVE-2015-1265)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2015-05-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83746", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:42:25"}, {"id": "REDHAT-RHSA-2015-1023.NASL", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2015:1023)", "description": "Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259, CVE-2015-1260, CVE-2015-1261, CVE-2015-1262, CVE-2015-1263, CVE-2015-1264, CVE-2015-1265)\n\nAll Chromium users should upgrade to these updated packages, which contain Chromium version 43.0.2357.65, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "published": "2015-05-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83808", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2017-10-29T13:38:12"}, {"id": "GENTOO_GLSA-201506-04.NASL", "type": "nessus", "title": "GLSA-201506-04 : Chromium: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201506-04 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker can cause arbitrary remote code execution, Denial of Service or bypass of security mechanisms.\n Workaround :\n\n There is no known workaround at this time.", "published": "2015-06-23T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84332", "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "lastseen": "2017-10-29T13:41:59"}, {"id": "REDHAT-RHSA-2015-0816.NASL", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2015:0816)", "description": "Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium.(CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238, CVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1244, CVE-2015-1245, CVE-2015-1246, CVE-2015-1247, CVE-2015-1248, CVE-2015-1249)\n\nAll Chromium users should upgrade to these updated packages, which contain Chromium version 42.0.2311.90, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "published": "2015-04-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82846", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2017-10-29T13:32:54"}, {"id": "FREEBSD_PKG_B57F690EECC911E4876C00262D5ED8EE.NASL", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)", "description": "Google Chrome Releases reports :\n\n45 new security fixes, including :\n\n- [456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser.\nCredit to anonymous.\n\n- [313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.\n\n- [461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.\n\n- [445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.\n\n- [463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.\n\n- [418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.\n\n- [460917] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.\n\n- [455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.\n\n- [444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.\n\n- [437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.\n\n- [429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.\n\n- [380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).\n\n- [476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives. Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).", "published": "2015-04-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83095", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2017-10-29T13:36:56"}], "kaspersky": [{"id": "KLA10585", "type": "kaspersky", "title": "\r KLA10585Multiple vulnerabilities in Google Chrome\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n05/19/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, conduct cross-scripting attack, cause denial of service or execute arbitrary code.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 43.0.2357.65\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Google Chrome](<https://www.google.com/chrome/browser/desktop/index.html>)\n\n### *Original advisories*:\n[Google blog](<http://feedproxy.google.com/~r/GoogleChromeReleases/~3/r7j0t-RwdaU/stable-channel-update_19.html>) \n\n\n### *Impacts*:\nSUI \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251>) \n[CVE-2015-1252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252>) \n[CVE-2015-1253](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1253>) \n[CVE-2015-1254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1254>) \n[CVE-2015-1255](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1255>) \n[CVE-2015-1256](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1256>) \n[CVE-2015-1257](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257>) \n[CVE-2015-1258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258>) \n[CVE-2015-1259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1259>) \n[CVE-2015-1260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1260>) \n[CVE-2015-1261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1261>) \n[CVE-2015-1262](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1262>) \n[CVE-2015-1263](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1263>) \n[CVE-2015-1264](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1264>) \n[CVE-2015-1265](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1265>) \n[CVE-2015-3910](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3910>)", "published": "2015-05-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10585", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-3910", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2018-03-30T14:11:53"}, {"id": "KLA10546", "type": "kaspersky", "title": "\r KLA10546Multiple vulnerabilities in Google Chrome\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n04/14/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service or possible execute arbitrary code.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 42.0.2311.90\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Google Chrome](<https://www.google.com/c>)\n\n### *Original advisories*:\n[Google update new](<http://googlechromereleases.blogspot.ru/2015/04/stable-channel-update_14.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+\\(Google+Chrome+Releases\\)>) \n\n\n### *Impacts*:\nSUI \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1235](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1235>) \n[CVE-2015-1236](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1236>) \n[CVE-2015-1237](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1237>) \n[CVE-2015-1238](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1238>) \n[CVE-2015-1240](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1240>) \n[CVE-2015-1241](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1241>) \n[CVE-2015-1242](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1242>) \n[CVE-2015-1244](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1244>) \n[CVE-2015-1245](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1245>) \n[CVE-2015-1246](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1246>) \n[CVE-2015-1247](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1247>) \n[CVE-2015-1248](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1248>) \n[CVE-2015-1249](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1249>)", "published": "2015-04-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10546", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2018-03-30T14:11:39"}, {"id": "KLA10567", "type": "kaspersky", "title": "\r KLA10567Denial of service vulnerability in Google Chrome\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n04/28/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nUse-after-free and other vulnerabilities were found in Google Chrome. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impacts. These vulnerabilities can be exploited remotely via an unknown vectors.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 42.0.2311.135\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Chrome](<https://www.google.com/chrome/browser/desktop/index.html>)\n\n### *Original advisories*:\n[Google blog entry](<http://googlechromereleases.blogspot.ru/2015/04/stable-channel-update_28.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+\\(Google+Chrome+Releases\\)>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1243](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243>) \n[CVE-2015-1250](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1250>)", "published": "2015-04-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10567", "cvelist": ["CVE-2015-1250", "CVE-2015-1243"], "lastseen": "2018-03-30T14:11:07"}, {"id": "KLA10524", "type": "kaspersky", "title": "\r KLA10524Multiple vulnerabilities in Google Chrome\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n04/01/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or have other unknown impact.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 41.0.2272.118\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.\n\n### *Original advisories*:\n[Google Chrome blog post](<http://googlechromereleases.blogspot.ru/2015/04/stable-channel-update.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome Enterprise](<https://threats.kaspersky.com/en/product/Google-Chrome-Enterprise/>)\n\n### *CVE-IDS*:\n[CVE-2015-1233](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1233>) \n[CVE-2015-1234](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1234>)", "published": "2015-04-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10524", "cvelist": ["CVE-2015-1233", "CVE-2015-1234"], "lastseen": "2018-03-30T14:11:22"}], "debian": [{"id": "DSA-3267", "type": "debian", "title": "chromium-browser -- security update", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\n * [CVE-2015-1251](<https://security-tracker.debian.org/tracker/CVE-2015-1251>)\n\nSkyLined discovered a use-after-free issue in speech recognition.\n\n * [CVE-2015-1252](<https://security-tracker.debian.org/tracker/CVE-2015-1252>)\n\nAn out-of-bounds write issue was discovered that could be used to escape from the sandbox.\n\n * [CVE-2015-1253](<https://security-tracker.debian.org/tracker/CVE-2015-1253>)\n\nA cross-origin bypass issue was discovered in the DOM parser.\n\n * [CVE-2015-1254](<https://security-tracker.debian.org/tracker/CVE-2015-1254>)\n\nA cross-origin bypass issue was discovered in the DOM editing feature.\n\n * [CVE-2015-1255](<https://security-tracker.debian.org/tracker/CVE-2015-1255>)\n\nKhalil Zhani discovered a use-after-free issue in WebAudio.\n\n * [CVE-2015-1256](<https://security-tracker.debian.org/tracker/CVE-2015-1256>)\n\nAtte Kettunen discovered a use-after-free issue in the SVG implementation.\n\n * [CVE-2015-1257](<https://security-tracker.debian.org/tracker/CVE-2015-1257>)\n\nmiaubiz discovered an overflow issue in the SVG implementation.\n\n * [CVE-2015-1258](<https://security-tracker.debian.org/tracker/CVE-2015-1258>)\n\ncloudfuzzer discovered an invalid size parameter used in the libvpx library.\n\n * [CVE-2015-1259](<https://security-tracker.debian.org/tracker/CVE-2015-1259>)\n\nAtte Kettunen discovered an uninitialized memory issue in the pdfium library.\n\n * [CVE-2015-1260](<https://security-tracker.debian.org/tracker/CVE-2015-1260>)\n\nKhalil Zhani discovered multiple use-after-free issues in chromium's interface to the WebRTC library.\n\n * [CVE-2015-1261](<https://security-tracker.debian.org/tracker/CVE-2015-1261>)\n\nJuho Nurminen discovered a URL bar spoofing issue.\n\n * [CVE-2015-1262](<https://security-tracker.debian.org/tracker/CVE-2015-1262>)\n\nmiaubiz discovered the use of an uninitialized class member in font handling.\n\n * [CVE-2015-1263](<https://security-tracker.debian.org/tracker/CVE-2015-1263>)\n\nMike Ruddy discovered that downloading the spellcheck dictionary was not done over HTTPS.\n\n * [CVE-2015-1264](<https://security-tracker.debian.org/tracker/CVE-2015-1264>)\n\nK0r3Ph1L discovered a cross-site scripting issue that could be triggered by bookmarking a site.\n\n * [CVE-2015-1265](<https://security-tracker.debian.org/tracker/CVE-2015-1265>)\n\nThe chrome 43 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the libv8 library, version 4.3.61.21.\n\nFor the stable distribution (jessie), these problems have been fixed in version 43.0.2357.65-1~deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in version 43.0.2357.65-1.\n\nWe recommend that you upgrade your chromium-browser packages.", "published": "2015-05-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3267", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2016-09-02T18:37:17"}, {"id": "DSA-3238", "type": "debian", "title": "chromium-browser -- security update", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\n * [CVE-2015-1235](<https://security-tracker.debian.org/tracker/CVE-2015-1235>)\n\nA Same Origin Policy bypass issue was discovered in the HTML parser.\n\n * [CVE-2015-1236](<https://security-tracker.debian.org/tracker/CVE-2015-1236>)\n\nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.\n\n * [CVE-2015-1237](<https://security-tracker.debian.org/tracker/CVE-2015-1237>)\n\nKhalil Zhani discovered a use-after-free issue in IPC.\n\n * [CVE-2015-1238](<https://security-tracker.debian.org/tracker/CVE-2015-1238>)\n\ncloudfuzzer discovered an out-of-bounds write in the skia library.\n\n * [CVE-2015-1240](<https://security-tracker.debian.org/tracker/CVE-2015-1240>)\n\nw3bd3vil discovered an out-of-bounds read in the WebGL implementation.\n\n * [CVE-2015-1241](<https://security-tracker.debian.org/tracker/CVE-2015-1241>)\n\nPhillip Moon and Matt Weston discovered a way to trigger local user interface actions remotely via a crafted website.\n\n * [CVE-2015-1242](<https://security-tracker.debian.org/tracker/CVE-2015-1242>)\n\nA type confusion issue was discovered in the v8 javascript library.\n\n * [CVE-2015-1244](<https://security-tracker.debian.org/tracker/CVE-2015-1244>)\n\nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security policy.\n\n * [CVE-2015-1245](<https://security-tracker.debian.org/tracker/CVE-2015-1245>)\n\nKhalil Zhani discovered a use-after-free issue in the pdfium library.\n\n * [CVE-2015-1246](<https://security-tracker.debian.org/tracker/CVE-2015-1246>)\n\nAtte Kettunen discovered an out-of-bounds read issue in webkit/blink.\n\n * [CVE-2015-1247](<https://security-tracker.debian.org/tracker/CVE-2015-1247>)\n\nJann Horn discovered that file: URLs in OpenSearch documents were not sanitized, which could allow local files to be read remotely when using the OpenSearch feature from a crafted website.\n\n * [CVE-2015-1248](<https://security-tracker.debian.org/tracker/CVE-2015-1248>)\n\nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature, which could allow the remote execution of a downloaded executable file.\n\n * [CVE-2015-1249](<https://security-tracker.debian.org/tracker/CVE-2015-1249>)\n\nThe chrome 41 development team found various issues from internal fuzzing, audits, and other studies.\n\n * [CVE-2015-3333](<https://security-tracker.debian.org/tracker/CVE-2015-3333>)\n\nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\n * [CVE-2015-3334](<https://security-tracker.debian.org/tracker/CVE-2015-3334>)\n\nIt was discovered that remote websites could capture video data from attached web cameras without permission.\n\n * [CVE-2015-3336](<https://security-tracker.debian.org/tracker/CVE-2015-3336>)\n\nIt was discovered that remote websites could cause user interface disruptions like window fullscreening and mouse pointer locking.\n\nFor the stable distribution (jessie), these problems have been fixed in version 42.0.2311.90-1~deb8u1.\n\nFor the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 42.0.2311.90-1.\n\nWe recommend that you upgrade your chromium-browser packages.", "published": "2015-04-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3238", "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2016-09-02T18:35:23"}, {"id": "DSA-3242", "type": "debian", "title": "chromium-browser -- security update", "description": "Several vulnerabilities were discovered in the chromium web browser:\n\n * [CVE-2015-1243](<https://security-tracker.debian.org/tracker/CVE-2015-1243>)\n\nSaif El-Sherei discovered a use-after-free issue.\n\n * [CVE-2015-1250](<https://security-tracker.debian.org/tracker/CVE-2015-1250>)\n\nThe chrome 42 team found and fixed multiple issues during internal auditing.\n\nFor the stable distribution (jessie), these problems have been fixed in version 42.0.2311.135-1~deb8u1.\n\nFor the testing distribution (stretch), this problem will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in version 42.0.2311.135-1.\n\nWe recommend that you upgrade your chromium-browser packages.", "published": "2015-04-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3242", "cvelist": ["CVE-2015-1250", "CVE-2015-1243"], "lastseen": "2016-09-02T18:34:32"}], "freebsd": [{"id": "A9D456B4-FE4C-11E4-AD15-00262D5ED8EE", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "description": "\nGoogle Chrome Releases reports:\n\n37 security fixes in this release, including:\n\n[474029] High CVE-2015-1252: Sandbox escape in Chrome. Credit\n\t to anonymous.\n[464552] High CVE-2015-1253: Cross-origin bypass in DOM. Credit\n\t to anonymous.\n[444927] High CVE-2015-1254: Cross-origin bypass in Editing.\n\t Credit to armin@rawsec.net.\n[473253] High CVE-2015-1255: Use-after-free in WebAudio. Credit\n\t to Khalil Zhani.\n[478549] High CVE-2015-1256: Use-after-free in SVG. Credit to\n\t Atte Kettunen of OUSPG.\n[481015] High CVE-2015-1251: Use-after-free in Speech. Credit\n\t to SkyLined working with HP's Zero Day Initiative.\n[468519] Medium CVE-2015-1257: Container-overflow in SVG.\n\t Credit to miaubiz.\n[450939] Medium CVE-2015-1258: Negative-size parameter in\n\t libvpx. Credit to cloudfuzzer\n[468167] Medium CVE-2015-1259: Uninitialized value in PDFium.\n\t Credit to Atte Kettunen of OUSPG\n[474370] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit\n\t to Khalil Zhani.\n[466351] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho\n\t Nurminen.\n[476647] Medium CVE-2015-1262: Uninitialized value in Blink.\n\t Credit to miaubiz.\n[479162] Low CVE-2015-1263: Insecure download of spellcheck\n\t dictionary. Credit to Mike Ruddy.\n[481015] Low CVE-2015-1264: Cross-site scripting in bookmarks.\n\t Credit to K0r3Ph1L.\n[489518] CVE-2015-1265: Various fixes from internal audits,\n\t fuzzing and other initiatives.\nMultiple vulnerabilities in V8 fixed at the tip of the 4.3\n\t branch (currently 4.3.61.21).\n\n\n", "published": "2015-05-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/a9d456b4-fe4c-11e4-ad15-00262d5ed8ee.html", "cvelist": ["CVE-2015-1265", "CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2016-09-26T17:24:19"}, {"id": "B57F690E-ECC9-11E4-876C-00262D5ED8EE", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "description": "\nGoogle Chrome Releases reports:\n\n45 new security fixes, including:\n\n[456518] High CVE-2015-1235: Cross-origin-bypass in HTML\n\t parser. Credit to anonymous.\n[313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink.\n\t Credit to Amitay Dobo.\n[461191] High CVE-2015-1237: Use-after-free in IPC. Credit to\n\t Khalil Zhani.\n[445808] High CVE-2015-1238: Out-of-bounds write in Skia.\n\t Credit to cloudfuzzer.\n[463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL.\n\t Credit to w3bd3vil.\n[418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip\n\t Moon and Matt Weston of Sandfield Information Systems.\n[460917] High CVE-2015-1242: Type confusion in V8. Credit to\n\t fcole@onshape.com.\n[455215] Medium CVE-2015-1244: HSTS bypass in WebSockets.\n\t Credit to Mike Ruddy.\n[444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit\n\t to Khalil Zhani.\n[437399] Medium CVE-2015-1246: Out-of-bounds read in Blink.\n\t Credit to Atte Kettunen of OUSPG.\n[429838] Medium CVE-2015-1247: Scheme issues in OpenSearch.\n\t Credit to Jann Horn.\n[380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to\n\t Vittorio Gambaletta (VittGam).\n[476786] CVE-2015-1249: Various fixes from internal audits,\n\t fuzzing and other initiatives. Multiple vulnerabilities in V8\n\t fixed at the tip of the 4.2 branch (currently 4.2.77.14).\n\n\n", "published": "2015-04-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/b57f690e-ecc9-11e4-876c-00262d5ed8ee.html", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "lastseen": "2016-09-26T17:24:20"}, {"id": "210F80B9-EDE4-11E4-81C4-00262D5ED8EE", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "description": "\nGoogle Chrome Releases reports:\n\n5 security fixes in this release, including:\n\n[453279] High CVE-2015-1243: Use-after-free in DOM. Credit to\n\t Saif El-Sherei.\n[481777] CVE-2015-1250: Various fixes from internal audits,\n\t fuzzing and other initiatives.\n\n\n", "published": "2015-04-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/210f80b9-ede4-11e4-81c4-00262d5ed8ee.html", "cvelist": ["CVE-2015-1250", "CVE-2015-1243"], "lastseen": "2016-09-26T17:24:20"}], "redhat": [{"id": "RHSA-2015:1023", "type": "redhat", "title": "(RHSA-2015:1023) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium. (CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254,\nCVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259,\nCVE-2015-1260, CVE-2015-1261, CVE-2015-1262, CVE-2015-1263, CVE-2015-1264,\nCVE-2015-1265)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 43.0.2357.65, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "published": "2015-05-25T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1023", "cvelist": ["CVE-2015-1251", "CVE-2015-1252", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1255", "CVE-2015-1256", "CVE-2015-1257", "CVE-2015-1258", "CVE-2015-1259", "CVE-2015-1260", "CVE-2015-1261", "CVE-2015-1262", "CVE-2015-1263", "CVE-2015-1264", "CVE-2015-1265"], "lastseen": "2018-06-07T05:58:29"}, {"id": "RHSA-2015:0816", "type": "redhat", "title": "(RHSA-2015:0816) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium.(CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238,\nCVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1244, CVE-2015-1245,\nCVE-2015-1246, CVE-2015-1247, CVE-2015-1248, CVE-2015-1249)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 42.0.2311.90, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "published": "2015-04-16T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:0816", "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "lastseen": "2018-06-07T05:57:10"}, {"id": "RHSA-2015:0921", "type": "redhat", "title": "(RHSA-2015:0921) Important: chromium-browser security and bug fix update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium. (CVE-2015-1243, CVE-2015-1250)\n\nThis update also fixes the following bug:\n\n* Prior to this update, Chromium did not accept GNOME's system proxy\nsettings due to having GConf support disabled. This issue has been resolved\nin this update. (BZ#1217065)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 42.0.2311.135, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "published": "2015-04-30T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:0921", "cvelist": ["CVE-2015-1243", "CVE-2015-1250"], "lastseen": "2018-06-07T05:57:22"}, {"id": "RHSA-2015:0778", "type": "redhat", "title": "(RHSA-2015:0778) Critical: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium. (CVE-2015-1233, CVE-2015-1234)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 41.0.2272.118, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "published": "2015-04-06T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:0778", "cvelist": ["CVE-2015-1233", "CVE-2015-1234"], "lastseen": "2018-06-07T05:57:46"}], "gentoo": [{"id": "GLSA-201506-04", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "description": "### Background\n\nChromium is an open-source web browser project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker can cause arbitrary remote code execution, Denial of Service or bypass of security mechanisms. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-43.0.2357.65\"", "published": "2015-06-23T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201506-04", "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "lastseen": "2016-09-06T19:46:39"}], "threatpost": [{"id": "GOOGLE-FIXES-DOZENS-OF-BUGS-IN-CHROME-42/112248", "type": "threatpost", "title": "Google Fixes Dozens of Bugs in Chrome 42", "description": "Google has released [Chrome 42](<http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html>), a major security upgrade to the browser that includes patches for 45 vulnerabilities.\n\nThe latest version of Chrome carries with it fixes for a number of high-severity bugs, including a cross-origin bypass in the HTML parser. That vulnerability earned an anonymous security researcher a reward of $7,500 from Google. In all, the company paid out more than $21,000 in rewards to external researchers who reported bugs fixed in this version.\n\nAmong the other serious flaws patched in Chrome 42 is a use-after-free in the IPC component of the browser and a type confusion bug in the V8 engine. There also is a cross-origin bypass in the Blink layout engine, for which Google paid a $4,000 reward to researcher Amitay Dobo.\n\nThe list of security vulnerabilities fixed in Chrome 42 for which Google paid rewards:\n\n[$7500][[456518](<https://code.google.com/p/chromium/issues/detail?id=456518>)] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.\n\n[$4000][[313939](<https://code.google.com/p/chromium/issues/detail?id=313939>)] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.\n\n[$3000][[461191](<https://code.google.com/p/chromium/issues/detail?id=461191>)] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.\n\n[$2000][[445808](<https://code.google.com/p/chromium/issues/detail?id=445808>)] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.\n\n[$1000][[463599](<https://code.google.com/p/chromium/issues/detail?id=463599>)] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.\n\n[$1000][[418402](<https://code.google.com/p/chromium/issues/detail?id=418402>)] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.\n\n[$500][[460917](<https://code.google.com/p/chromium/issues/detail?id=460917>)] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.\n\n[$500][[455215](<https://code.google.com/p/chromium/issues/detail?id=455215>)] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.\n\n[$500][[444957](<https://code.google.com/p/chromium/issues/detail?id=444957>)] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.\n\n[$500][[437399](<https://code.google.com/p/chromium/issues/detail?id=437399>)] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.\n\n[$500][[429838](<https://code.google.com/p/chromium/issues/detail?id=429838>)] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.\n\n[$500][[380663](<https://code.google.com/p/chromium/issues/detail?id=380663>)] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).\n\nIn addition to the bugs reported by external researchers, Google also fixed a number of [flaws](<https://code.google.com/p/chromium/issues/detail?id=476786>) discovered through its own internal audits and research.", "published": "2015-04-14T14:44:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threatpost.com/google-fixes-dozens-of-bugs-in-chrome-42/112248/", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238"], "lastseen": "2016-09-04T20:52:11"}, {"id": "GOOGLE-FIXES-SANDBOX-ESCAPE-IN-CHROME/112899", "type": "threatpost", "title": "Google Fixes Sandbox Escape in Chrome", "description": "Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox.\n\nThat vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated as high risks and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities to the company. Among the other serious vulnerabilities are cross-origin bypasses and three use-after-free vulnerabilities.\n\nGoogle has not yet released the details of the vulnerabilities, so the nature and location of the sandbox-escape bug aren\u2019t clear. The company waits until most users have updated to the new version before releasing complete details of the vulnerabilities.\n\nHere are the public bugs fixed in Chrome 43:\n\n[$16337][[474029](<https://code.google.com/p/chromium/issues/detail?id=474029>)] High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.\n\n[$7500][[464552](<https://code.google.com/p/chromium/issues/detail?id=464552>)] High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.\n\n[$3000][[444927](<https://code.google.com/p/chromium/issues/detail?id=444927>)] High CVE-2015-1254: Cross-origin bypass in Editing. Credit to armin@rawsec.net.\n\n[$3000][[473253](<https://code.google.com/p/chromium/issues/detail?id=473253>)] High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.\n\n[$2000][[478549](<https://code.google.com/p/chromium/issues/detail?id=478549>)] High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.\n\n[[481015](<https://code.google.com/p/chromium/issues/detail?id=481015>)] High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP\u2019s Zero Day Initiative \n\n[$1500][[468519](<https://code.google.com/p/chromium/issues/detail?id=468519>)] Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.\n\n[$1000][[450939](<https://code.google.com/p/chromium/issues/detail?id=450939>)] Medium CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer\n\n[$1000][[468167](<https://code.google.com/p/chromium/issues/detail?id=468167>)] Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG\n\n[$1000][[474370](<https://code.google.com/p/chromium/issues/detail?id=474370>)] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.\n\n[$500][[466351](<https://code.google.com/p/chromium/issues/detail?id=466351>)] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.\n\n[$500][[476647](<https://code.google.com/p/chromium/issues/detail?id=476647>)] Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.\n\n[$500][[479162](<https://code.google.com/p/chromium/issues/detail?id=479162>)] Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.\n\n[$500][[481015](<https://code.google.com/p/chromium/issues/detail?id=481015>)] Low CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.", "published": "2015-05-19T13:19:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threatpost.com/google-fixes-sandbox-escape-in-chrome/112899/", "cvelist": ["CVE-2015-1257", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1252", "CVE-2015-1256", "CVE-2015-1261", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1264"], "lastseen": "2016-09-04T20:50:28"}], "thn": [{"id": "THN:5567C5205B537235576972984F283879", "type": "thn", "title": "Google Launches Chrome 42 with Push Notifications", "description": "[](<https://2.bp.blogspot.com/-OY8G_7PKi_E/VS5YWKpQmMI/AAAAAAAAikc/Y3N9Ag_b0B4/s1600/update-google-chrome.png>)\n\nGoogle has finally rolled out the latest version of its popular web browser, i.e. **_Chrome 42 for Windows, Mac, and Linux _**users that now lets websites send you alerts, no matter your browser is open or not.\n\n \n\n\nThe release of the latest Chrome 42 version is a great deal as it costs Google more than $21,000.\n\n \n\n\n**Yes, $21,000!**\n\n \n\n\nThe latest version of [Chrome](<https://thehackernews.com/search/label/Google%20Chrome>) comes with fixes for 45 security vulnerabilities in the web browser, reported by different security researchers [listed below].\n\n \n\n\n**Let's know about the Major updates**:\n\n \n\n\nMajor [updates](<https://googlechromereleases.blogspot.in/2015/04/stable-channel-update_14.html>) and significant improvements for Chrome version 42 includes:\n\n * Advanced [Push API](<https://w3c.github.io/push-api/>) and [Notifications API](<https://notifications.spec.whatwg.org/>)\n * **_Disabled Oracle's Java plugin by default_** as well as other extensions that use NPAPI\n * Patched 45 security bugs and paid out more than $21,000\n\n**Push API**:\n\n \n\n\nGoogle includes Push API in its web browser for the first time. Push API, when combined with the new notifications API, allows websites to push notifications to you through your browser, even when the browser window is closed.\n\n \n\n\nThe Push API feature is an optional feature, which means that you can enable or disable it as per your need. This will offer users an app-like experience on the web.\n\n \n\n\n**What else?**\n\n \n\n\nChrome 42 brings the **_end of official support for [NPAPI](<https://developer.chrome.com/extensions/npapi>)_** (\"Netscape Plugin API\") by disabling old browser plugins by default that use NPAPI, including Oracle\u2019s Java plugin and Silverlight.\n\n \n\n\nHowever, if you really want this blocked plugin, you can manually enable NPAPI support in Chrome's settings. But, you\u2019ll not enjoy NPAPI support for a long time as by September this year, Google will permanently remove this option.\n\n \n\n\n**Why Google want to vanish NPAPI?**\n\n \n\n\nThe open-source project team has been trying to kill off NPAPI [since 2013](<https://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html>), describing NPAPI as a dangerous security and stability risk.\n\n \n\n\nThe search engine giant believes that by disallowing to run Java plugin would certainly reduce the possibility of the attack against its Chrome browser.\n\n \n\n\n**Google patches total 45 security holes in its Chrome Browser:**\n\n \n\n\nThere were a number of high-severity vulnerabilities, including one known as **_Cross-origin bypass in the HTML parser_**. An anonymous security researcher was paid a **_reward of $7,500_** from Google for this critical vulnerability.\n\n \n\n\nThe list of rest security bugs fixed in Chrome 42 for which Google paid rewards are:\n\n * CVE-2015-1236 (Medium): Cross-origin-bypass in Blink -- Reward $4000 to Amitay Dobo\n * CVE-2015-1237 (High): Use-after-free in IPC -- Reward $3000 to Khalil Zhani\n * CVE-2015-1238 (High): Out-of-bounds write in Skia -- Reward $2000 to cloudfuzzer\n * CVE-2015-1240 (Medium): Out-of-bounds read in WebGL -- Reward $1000 to w3bd3vil\n * CVE-2015-1241 (Medium): Tap-Jacking -- Reward $1000 to Phillip Moon and Matt Weston of Sandfield Information Systems\n * CVE-2015-1242 (High): Type confusion in V8 -- Reward $500 to fcole@onshape.com\n * CVE-2015-1244 (Medium): HSTS bypass in WebSockets -- Reward $500 to Mike Ruddy\n * CVE-2015-1245 (Medium): Use-after-free in PDFium -- Reward $500 to Khalil Zhani\n * CVE-2015-1246 (Medium): Out-of-bounds read in Blink -- Reward $500 to Atte Kettunen of OUSPG\n * CVE-2015-1247 (Medium): Scheme issues in OpenSearch -- Reward $500 to Jann Horn\n * CVE-2015-1248 (Medium): SafeBrowsing bypass -- Reward $500 to Vittorio Gambaletta (VittGam)\n\nSo, if I talk about the total cost Google spent in bug bounties to external security researchers who contributed reported bugs fixed in this latest version, its around $21,500 in total.\n\n \n\n\n**Let's Update Chrome 42:**\n\n \n\n\nYou can now update this latest version, Chrome Version 42, using the browser\u2019s built-in silent update or download it straight forward from [google.com/chrome](<https://www.google.com/chrome/>). Linux users need to install the Distro Package Manager.\n\n \n\n\nHave you updated Chrome 42 already? Let us know your experience with Chrome 42 in the comment box below!\n", "published": "2015-04-15T01:31:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://thehackernews.com/2015/04/download-google-chrome.html", "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1237", "CVE-2015-1238"], "lastseen": "2018-01-27T10:06:50"}], "packetstorm": [{"id": "PACKETSTORM:139874", "type": "packetstorm", "title": "Chrome Blink SpeechRecognitionController Use-After-Free", "description": "", "published": "2016-11-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://packetstormsecurity.com/files/139874/Chrome-Blink-SpeechRecognitionController-Use-After-Free.html", "cvelist": ["CVE-2015-1251"], "lastseen": "2016-12-05T22:21:26"}], "zdi": [{"id": "ZDI-15-236", "type": "zdi", "title": "Google Chrome SpeechRecognitionClient Use-After-Free Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within SpeechRecognitionClient. By manipulating a document's elements, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.", "published": "2015-05-19T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.zerodayinitiative.com/advisories/ZDI-15-236", "cvelist": ["CVE-2015-1251"], "lastseen": "2016-11-09T00:17:59"}, {"id": "ZDI-15-137", "type": "zdi", "title": "(Pwn2Own) Google Chrome pnacl Shared Memory Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of communication between the GPU process and the renderer processes. The issue lies in the verification of values from the renderer without copying them out of a shared memory section. An attacker can leverage this vulnerability to execute code under the context of the current process.", "published": "2015-04-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.zerodayinitiative.com/advisories/ZDI-15-137", "cvelist": ["CVE-2015-1234"], "lastseen": "2016-11-09T00:18:12"}], "suse": [{"id": "OPENSUSE-SU-2015:0682-1", "type": "suse", "title": "Security update for Chromium (important)", "description": "Chromium was updated to 41.0.2272.118 to fix two security issues.\n\n The following vulnerabilities were fixed:\n\n\n * A combination of V8, Gamepad and IPC bugs could lead to remote code\n execution outside of the sandbox (CVE-2015-1233, boo#925713)\n * Buffer overflow via race condition in GPU (CVE-2015-1234, boo#925714)\n\n", "published": "2015-04-08T16:06:12", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00004.html", "cvelist": ["CVE-2015-1233", "CVE-2015-1234"], "lastseen": "2016-09-04T11:26:30"}]}}
