958 matches found
CVE-2015-1227
The CVE-2015-1227 issue affects Google Chrome’s Blink rendering engine (DragImage::create in platform/DragImage.cpp). The root cause is uninitialized memory used for image drawing, as reported for Chrome versions prior to 41.0.2272.76. This memory initialization flaw could allow a remote attacker...
Google Chrome Blink Arbitrary Code Execution Vulnerability
Google Chrome is a web browsing tool developed by Google. A security vulnerability in the 'DragImage::create' function in the platform/DragImage.cpp file in Blink used in versions prior to Google Chrome 41.0.2272.76 stems from the program failing to properly initialize memory for image drawing. A...
Google Chrome CSS Token Sequence Denial of Service Vulnerability
Google Chrome is a popular WEB browser. The 'RenderCounter::updateCounter' function in the core/rendering/RenderCounter.cpp file in Blink used by Google Chrome has a security vulnerability due to the program's failure to Because the program fails to enforce relayout operations and fails to proper...
CVE-2015-1227
The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which t...
UBUNTU-CVE-2015-1228
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...
CVE-2015-1228
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...
KLA10589 Multiple vulnerabilities in Microsoft products
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...
MGASA-2015-0047 Updated icu packages fix security vulnerabilities
Updated icu packages fix security vulnerabilities: The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a...
CVE-2014-7942
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
CVE-2014-7940
The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...
Design/Logic Flaw
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
CVE-2014-7942
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
CVE-2014-7940
CVE-2014-7940 affects ICU 52 and derived Chrome builds; the collator in i18n/ucol.cpp does not initialize memory for a data structure, enabling denial of service or unspecified impact via crafted input. Public-module details: linked advisories show remediation by upgrading ICU to newer releases (...
CVE-2014-7942
Removed by vendor...
UBUNTU-CVE-2014-7942
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
CVE-2014-7940
The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...
Updated iceape package fixes security vulnerabilities
Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service memory corruption and...
CVE-2014-8637
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...
CVE-2014-8637
CVE-2014-8637 affects Mozilla Firefox <35.0 and SeaMonkey
CVE-2014-8637
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...