55 matches found
UBUNTU-CVE-2015-1297
The WebRequest API implementation in extensions/browser/api/webrequest/webrequestapi.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted 1 app or 2...
Design/Logic Flaw
The WebRequest API implementation in extensions/browser/api/webrequest/webrequestapi.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted 1 app or 2...
CVE-2015-1297
Removed by vendor...
CVE-2015-1297
CVE-2015-1297 affects Google Chrome’s WebRequest API (extensions/browser/api/web_request/web_request_api.cc) where the request source is not properly validated, allowing remote attackers to bypass access restrictions via a crafted app or extension. The vulnerability is fixed in Chrome 45.0.2454.8...
CVE-2015-1297
The WebRequest API implementation in extensions/browser/api/webrequest/webrequestapi.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted 1 app or 2...
chromium-browser: Permission scoping error in WebRequest
The WebRequest API implementation in extensions/browser/api/webrequest/webrequestapi.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted 1 app or 2...
chromium: multiple issues
CVE-2015-1291, CVE-2015-1293: Cross-origin bypass in DOM. - CVE-2015-1292: Cross-origin bypass in ServiceWorker. - CVE-2015-1294: Use-after-free in Skia. - CVE-2015-1295: Use-after-free in Printing. - CVE-2015-1296: Character spoofing in omnibox. - CVE-2015-1297: Permission scoping error in...
FreeBSD : chromium -- multiple vulnerabilities (ce84e136-e2f6-11e1-a8ca-00262d5ed8ee)
Google Chrome Releases reports : Linux only 125225 Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team Julien Tinnes. 127522 Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security. 127525...
CVE-2012-2853
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a...
Design/Logic Flaw
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a...
CVE-2012-2853
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a...
CVE-2012-2853
Removed by vendor...
CVE-2012-2853
CVE-2012-2853 affects Google Chrome before 21.0.1180.57 on macOS/Linux and before 21.0.1180.60 on Windows/Chrome Frame. The issue arises from the webRequest API not interacting properly with the Chrome Web Store, allowing a remote attacker to cause a denial of service or possibly other unspecifie...
CVE-2012-2853
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a...
Google Chrome < 21.0.1180.60 Multiple Vulnerabilities
Binary data 6528.pasl...