16 matches found
Mageia: Security Advisory (MGASA-2015-0265)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201507-18
Gentoo Linux Local Security Checks GLSA 201507-18 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Google Chrome OS < 43.0.2357.125 Multiple Vulnerabilities
Binary data 8887.prm...
[SECURITY] [DSA 3315-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3315-1 [email protected] https://www.debian.org/security/ Michael Gilbert July 23, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3315-1 (chromium-browser - security update)
Several vulnerabilities were discovered in the chromium web browser. CVE-2015-1266 Intended access restrictions could be bypassed for certain URLs like chrome://gpu. CVE-2015-1267 A way to bypass the Same Origin Policy was discovered. CVE-2015-1268 Mariusz Mlynski also discovered a way to bypass...
Ubuntu: Security Advisory (USN-2652-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2652-1: Oxide vulnerabilities
It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. CVE-2015-1266 ...
USN-2652-1 oxide-qt vulnerabilities
It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. CVE-2015-1266 ...
CVE-2015-1267
Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink public API, related to WebArrayBufferConverter.cpp,...
CVE-2015-1267
CVE-2015-1267 affects Blink in Google Chrome prior to 43.0.2357.130, where the creation context for a DOM wrapper was not properly restricted, enabling remote attackers to bypass the Same Origin Policy via crafted JavaScript using Blink public APIs (e.g., WebArrayBufferConverter.cpp, WebBlob.cpp,...
openSUSE Security Update : chromium (openSUSE-2015-449)
chromium was updated to 43.0.2357.130 to fix several security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-1266: Scheme validation error in WebUI - CVE-2015-1268: Cross-origin bypass in Blink - CVE-2015-1267: Cross-origin bypass in Blink - CVE-2015-1269: Normalization...
Important: Red Hat Security Advisory: chromium-browser security update
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
Google Chrome < 43.0.2357.130 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is prior to 43.0.2357.130. It is, therefore, affected by multiple vulnerabilities : - A scheme validation error exists in WebUI. A remote attacker can exploit this to have an unspecified impact. CVE-2015-1266 - A cross-origin bypa...
FreeBSD : www/chromium -- multiple vulnerabilities (d46ed7b8-1912-11e5-9fdf-00262d5ed8ee)
Google Chrome Releases reports : 4 security fixes in this release : - 464922 High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous. - 494640 High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - 497507 Medium CVE-2015-1267: Cross-origin bypass in Blink...
Google Chrome < 43.0.2357.130 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 43.0.2357.130. It is, therefore, affected by multiple vulnerabilities : - A scheme validation error exists in WebUI. A remote attacker can exploit this to have an unspecified impact. CVE-2015-1266 - A cross-origin bypas...
Chrome Stable Update
The stable channel has been updated to 43.0.2357.130 for Windows, Mac, and Linux. A partial list of changes is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain...