Google Chrome Extensions Memory Misreference Vulnerability

Google Chrome is a web browser developed by the American company Google Google. The 'GetLoadTimes' function in the renderer/loadtimesextensionbindings.cc file in the Extensions implementation of Google Chrome prior to version 47.0.2526.73 A memory misreference vulnerability exists. A remote...

Google Chrome DOM Homology Policy Bypass Vulnerability (CNVD-2015-07958)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the DOM implementation of Google Chrome versions prior to 47.0.2526.73. A remote attacker can exploit the vulnerability to bypass the same-origin policy...

Google Chrome DOM Homology Policy Bypass Vulnerability

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the DOM implementation of Google Chrome versions prior to 47.0.2526.73. A remote attacker can exploit the vulnerability to bypass the same-origin policy...

Google Chrome 'ContainerNode::notifyNodeInsertedInternal' memory misreference vulnerability

Google Chrome is a web browser developed by the American company Google Google. A memory misreference vulnerability exists in the 'ContainerNode:: notifyNodeInsertedInternal' function in the WebKit/Source/core/dom/ContainerNode.cpp file in the DOM implementation of Google Chrome prior to version...

Google Chrome V8 Denial of Service Vulnerability (CNVD-2015-07977)

Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. A security vulnerability exists in Google V8 versions prior to 4.7.80.23 used in Google Chrome versions prior to 47.0.2526.73. An attacker can exploit this...

UBUNTU-CVE-2015-6780

Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/websitesettings/websitesettingspopupview.cc...

UBUNTU-CVE-2015-6768

The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770...

UBUNTU-CVE-2015-6765

Use-after-free vulnerability in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs...

UBUNTU-CVE-2015-6769

The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing...

chromium-browser: Various fixes from internal audits

Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

chromium-browser: Wildcard matching issue in CSP

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a .x.y pattern, which might allow remote attackers to bypass intended access restrictions...

chromium-browser: Use-after-free in DOM

Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via...

chromium-browser: Use-after-free in Infobars

Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/websitesettings/websitesettingspopupview.cc...