6 matches found
Did the “Man With No Name” Feel Insecure?
Posted by James Forshaw, Taker of Names Sometimes when I'm doing security research I'll come across a bug which surprises me. I discovered just such a bug in the Windows version of Chrome which exposed a little-known security detail in the OS. The bug, CVE-2014-3196 was fixed in M38, so it seemed...
Google Chrome Multiple Vulnerabilities - 01 (Oct 2014) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome < 38.0.2125.104 Multiple Vulnerabilities
Binary data 8551.pasl...
FreeBSD : chromium -- multiple vulnerabilities (d2bbcc01-4ec3-11e4-ab3f-00262d5ed8ee)
Google Chrome Releases reports : 159 security fixes in this release, including 113 found using MemorySanitizer : - 416449 Critical CVE-2014-3188: A special thanks to Juri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox. - 398384 High...
CVE-2014-3196
base/memory/sharedmemorywin.cc in Google Chrome before 38.0.2125.101 on Windows does not properly implement read-only restrictions on shared memory, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors...
CVE-2014-3196
CVE-2014-3196 affects Google Chrome on Windows prior to 38.0.2125.101, where base/memory/shared_memory_win.cc did not enforce read-only restrictions on shared memory. This allowed a sandbox bypass by exploiting how memory sections are shared between processes, potentially enabling a compromised r...