112 matches found
Debian DSA-3667-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-5170 A use-after-free issue was discovered in Blink/Webkit. - CVE-2016-5171 Another use-after-free issue was discovered in Blink/Webkit. - CVE-2016-5172 Choongwoo Han discovered an information leak in the v8...
[SECURITY] [DSA 3667-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3667-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 15, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3667-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5170 A use-after-free issue was discovered in Blink/Webkit. CVE-2016-5171 Another use-after-free issue was discovered in Blink/Webkit. CVE-2016-5172 Choongwoo Han discovered an information leak in the v8 javascript...
Information disclosure
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file...
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file...
CVE-2015-7802
OptiPNG/gif2png is affected by CVE-2015-7802 due to a flaw in gifread.c that can trigger a denial of service via a crafted GIF file, caused by an uninitialized memory read. The issue is present in OptiPNG versions before 0.7.6. Affected component: gifread.c in gif2png; impact: remote DoS with uni...
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file...
FreeBSD : chromium -- multiple vulnerabilities (6d8505f0-0614-11e6-b39c-00262d5ed8ee)
Google Chrome Releases reports : 20 security fixes in this release, including : - 590275 High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous. - 589792 High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han. - 591785 Medium CVE-2016-1651: Out-of-bounds read...
SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:1060-1)
Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities : - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media -...
chromium-browser: uninitialized memory read in media
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service invalid read operation via unknown vectors...
Debian DSA-3549-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1651 An out-of-bounds read issue was discovered in the pdfium library. - CVE-2016-1652 A cross-site scripting issue was discovered in extension bindings. - CVE-2016-1653 Choongwoo Han discovered an out-of-bounds...
chromium: multiple issues
CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP's Zero Day Initiative. - CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous. - CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han. - CVE-2016-1654: Uninitialized...
DSA-3549-1 chromium-browser - security update
Bulletin has no description...
Google Chrome < 50.0.2661.75 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 50.0.2661.75. It is, therefore, affected by multiple vulnerabilities as referenced in the 201604stable-channel-update13 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers...
CVE-2015-8390
PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...
DEBIAN-CVE-2015-8390
PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...
Code injection
PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...
PT-2015-7791 · Php Community +2 · Pcre +2
Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue concerns how PCRE handles the : and substrings in character classes. This mishandling allows remote attackers to cause a denial of service due to an uninitialized memory read or possibly have...
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file...
ICU: Uninitialized memory read fixed in Chrome 44.0.2403.89
The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU, as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or...