553 matches found
MGASA-2015-0062 Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser packages fix security vulnerabilities: Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 allows remote attacke...
Design/Logic Flaw
Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote...
CVE-2015-1209
Removed by vendor...
CVE-2015-1209
Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote...
CVE-2014-9648
components/navigationinterception/interceptnavigationresourcethrottle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application after navigation to a web site, which allows remote attackers to cause a denial of service loss of browser...
chromium-browser: memory corruption in V8
factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers...
Google Chrome Denial of Service Vulnerability (CNVD-2015-00668)
Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. The SimplifiedLowering::DoLoadBuffer function in the Google V8 compiler/simplified-lowering.cc in versions of Google Chrome prior to 40.0.2214.91 fails to selec...
Memory corruption
factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers...
Memory corruption
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified oth...
CVE-2014-7927
CVE-2014-7927 : In Google V8, the SimplifiedLowering::DoLoadBuffer path in compiler/simplified-lowering.cc does not properly select an integer data type, allowing a remote attacker crafting JavaScript to trigger memory corruption and thus a denial of service. Affected product: Google Chrome (and ...
CVE-2014-7930
Removed by vendor...
CVE-2014-7927
Removed by vendor...
CVE-2014-7928
hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy...
UBUNTU-CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified oth...
CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified oth...
CVE-2011-1796
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
Design/Logic Flaw
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
CVE-2011-1796
CVE-2011-1796 is a use-after-free in WebKit’s FrameView.cpp (WebCore) affecting Google Chrome up to version 11.0.696.65. The flaw allows a remote attacker to crash the browser (DoS) or potentially cause other impact via crafted JavaScript that calls removeChild while interacting with a FRAME elem...
Mozilla: XMLHttpRequest crashes with some input streams (MFSA 2014-85)
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service application crash via a crafted JavaScript object...
Mozilla: XMLHttpRequest crashes with some input streams (MFSA 2014-85)
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service application crash via a crafted JavaScript object...