16 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3333
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service o...
SUSE CVE-2015-1237
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/renderframeimpl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages...
SUSE CVE-2015-1244
The URLRequest::GetHSTSRedirect function in urlrequest/urlrequest.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for...
Adobe Flash AS2 - Color.setRGB Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=367&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for Chromium VRP bug https://code.google.com/p/chromium/issues/detail?id=484610 Credit is to bilou, working with the Chromium...
Adobe Flash AS2 - textfield.filters Use-After-Free (2)
Source: https://code.google.com/p/google-security-research/issues/detail?id=342&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for https://code.google.com/p/chromium/issues/detail?id=480496 Credit is to bilou, working with the Chromium Vulnerability Rewards Progra...
Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=359&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for https://code.google.com/p/chromium/issues/detail?id=482521 --- VULNERABILITY DETAILS When setting the scrollRect attribute o...
Adobe Flash AS2 - textfield.filters Use-After-Free (2)
Adobe Flash AS2 - textfield.filters Use-After-Free 2 Source: https://code.google.com/p/google-security-research/issues/detail?id=342&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for https://code.google.com/p/chromium/issues/detail?id=480496 Credit is to bilou,...
openSUSE Security Update : Chromium (openSUSE-2015-320)
Chromium was updated to latest stable release 42.0.2311.90 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-1235: Cross-origin-bypass in HTML parser. - CVE-2015-1236: Cross-origin-bypass in Blink. - CVE-2015-1237: Use-after-free in IPC. - CVE-2015-1238:...
Google Chrome V8 Denial of Service Vulnerability
Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. A security vulnerability exists in Google V8 versions prior to 4.2.77.14 used in Google Chrome versions prior to 42.0.2311.90. An attacker could exploit this...
Google Chrome 'RenderFrameImpl::OnMessageReceived' memory misreference vulnerability
Google Chrome is a web browsing tool developed by Google. A memory misreference vulnerability exists in the 'RenderFrameImpl::OnMessageReceived' function in the content/renderer/renderframeimpl.cc file in Google Chrome versions prior to 42.0.2311.90. function in the...
Google Chrome Skia out-of-bounds write vulnerability (CNVD-2015-02617)
Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in Skia used in versions of Google Chrome prior to 42.0.2311.90. A remote attacker could exploit this vulnerability to cause a denial of service write across boundaries or have other impact...
Google Chrome Out-of-Bounds Read Vulnerability (CNVD-2015-02616)
Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the gpu/blink/webgraphicscontext3dimpl.cc file in the WebGL implementation of Google Chrome versions prior to 42.0.2311.90. A remote attacker can exploit this vulnerability to cause a denial of service...
Google Chrome Same Origin Policy Bypass Vulnerability (CNVD-2015-02620)
Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the 'ContainerNode::parserRemoveChild' function in the core/dom/ContainerNode.cpp file in the Blink's HTML parser used in Google Chrome versions prior to 42.0.2311.90. ' function in the...
CVE-2015-3334
browser/ui/websitesettings/websitesettings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive...
UBUNTU-CVE-2015-1249
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...
chromium-browser: Various fixes from internal audits, fuzzing and other initiatives
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...