17 matches found
In-the-Wild Series: Chrome Exploits
This is part 3 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post. Posted by Sergei Glazunov, Project Zero Introduction As we continue the series on the watering hole attack...
CVE-2017-5070
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
CVE-2017-5070
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
CVE-2017-5070
CVE-2017-5070 is a type confusion vulnerability in Google Chrome’s V8 engine that allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected products include Google Chrome and other Chromium-based browsers (V8 engine), with desktop versions prior to 59...
Google Chrome V8 Crankshaft Type Confusion (CVE-2017-5070)
A type confusion vulnerability exists in Google Chrome. The vulnerability is due to improper handling of objects in memory by the V8 JavaScript engine while compiling code. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page...
CVE-2017-5070
creationtimestamp| type| source ---|---|--- 2017-09-04 17:48:58+00:00| exploited| https://t.me/informationsecuritychannel/8457 2019-09-25 08:28:15+00:00| seen| MISP/5d8b23ae-50d0-4a09-86da-4dc9950d210f 2020-10-09 14:30:50+00:00| seen| MISP/bbad3705-75de-41f7-980c-0e90136909de 2022-06-07...
Fedora Update for qt5-qtwebengine FEDORA-2017-1e34da27f3
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : qt5-qtwebengine (2017-a7a488d8d0)
This update updates QtWebEngine to the 5.9.1 release, a security and bugfix release from the 5.9 branch. QtWebEngine 5.9.1 is part of the Qt 5.9.1 release, but only the QtWebEngine component is included in this update. The update fixes the following security issues in QtWebEngine 5.9.0:...
Fedora 26 : 1:chromium-native_client (2017-c11d7ef69a)
Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...
Fedora Update for chromium-native_client FEDORA-2017-b8d76bef4e
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : 1:chromium-native_client (2017-b8d76bef4e)
Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...
Fedora Update for chromium-native_client FEDORA-2017-a66e2c5b62
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : 1:chromium-native_client (2017-a66e2c5b62)
Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...
openSUSE Security Update : chromium (openSUSE-2017-661)
This update to Chromium 59.0.3071.86 fixes the following security issues : - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetoot...
Google Chrome < 59.0.3071.86 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86...
Google Fixes 30 Vulnerabilities, Five High Severity, in Chrome 59
Google on Monday released the latest stable version of Chrome that includes patches for 30 vulnerabilities, including five high severity issues. The company paid out $23,500 to external researchers for the vulnerabilities, including $7,500 for a type confusion vulnerability in V8, the open source...
Google Chrome Security Updates (stable-channel-update-for-desktop-2017-06) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...