14 matches found
Mageia: Security Advisory (MGASA-2015-0265)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201507-18
Gentoo Linux Local Security Checks GLSA 201507-18 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Google Chrome OS < 43.0.2357.125 Multiple Vulnerabilities
Binary data 8887.prm...
Debian Security Advisory DSA 3315-1 (chromium-browser - security update)
Several vulnerabilities were discovered in the chromium web browser. CVE-2015-1266 Intended access restrictions could be bypassed for certain URLs like chrome://gpu. CVE-2015-1267 A way to bypass the Same Origin Policy was discovered. CVE-2015-1268 Mariusz Mlynski also discovered a way to bypass...
Ubuntu: Security Advisory (USN-2652-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2652-1 oxide-qt vulnerabilities
It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. CVE-2015-1266 ...
USN-2652-1: Oxide vulnerabilities
It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. CVE-2015-1266 ...
CVE-2015-1269
CVE-2015-1269 affects Google Chrome and related Chromium-based packages. The DecodeHSTSPreloadRaw function in net/http/transport_security_state.cc failed to canonicalize DNS hostnames before comparing against HSTS/HPKP preload entries, enabling bypass of access restrictions via hostnames that end...
openSUSE Security Update : chromium (openSUSE-2015-449)
chromium was updated to 43.0.2357.130 to fix several security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-1266: Scheme validation error in WebUI - CVE-2015-1268: Cross-origin bypass in Blink - CVE-2015-1267: Cross-origin bypass in Blink - CVE-2015-1269: Normalization...
Important: Red Hat Security Advisory: chromium-browser security update
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
Google Chrome < 43.0.2357.130 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is prior to 43.0.2357.130. It is, therefore, affected by multiple vulnerabilities : - A scheme validation error exists in WebUI. A remote attacker can exploit this to have an unspecified impact. CVE-2015-1266 - A cross-origin bypa...
Google Chrome < 43.0.2357.130 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 43.0.2357.130. It is, therefore, affected by multiple vulnerabilities : - A scheme validation error exists in WebUI. A remote attacker can exploit this to have an unspecified impact. CVE-2015-1266 - A cross-origin bypas...
FreeBSD : www/chromium -- multiple vulnerabilities (d46ed7b8-1912-11e5-9fdf-00262d5ed8ee)
Google Chrome Releases reports : 4 security fixes in this release : - 464922 High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous. - 494640 High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - 497507 Medium CVE-2015-1267: Cross-origin bypass in Blink...
Chrome Stable Update
The stable channel has been updated to 43.0.2357.130 for Windows, Mac, and Linux. A partial list of changes is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain...