6 matches found
Debian DSA-3238-1 : chromium-browser - security update
Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. - CVE-2015-1237 Khalil Zhani discovered a use-after-fr...
FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)
Google Chrome Releases reports : 45 new security fixes, including : - 456518 High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous. - 313939 Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo. - 461191 High CVE-2015-1237: Use-after-free in IPC. Credit ...
[SECURITY] [DSA 3238-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...
CVE-2015-1244
CVE-2015-1244 affects Google Chrome prior to 42.0.2311.90. The issue lies in URLRequest::GetHSTSRedirect in url_request/url_request.cc, which does not replace the ws scheme with the wss scheme when an HSTS policy is active, enabling potential disclosure of sensitive WebSocket data via network sni...
UBUNTU-CVE-2015-1244
The URLRequest::GetHSTSRedirect function in urlrequest/urlrequest.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for...
RHEL 6 : chromium-browser (RHSA-2015:0816)
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...