10 matches found
Webkit AudioSourceProviderGStreamer use-after-free vulnerability
Summary A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Tested Versions Webkit WebKitGTK 2.30.1 Product URLs https://webkit.org/ CVSSv3 Score 8.8 -...
The vulnerability of Google Chrome browser allows a malicious intruder to gain access to the values of audio samples.
A vulnerability in the Google browser’s implementation of the MediaElementAudioSourceNode::process function in the modules/webaudio/MediaElementAudioSourceNode.cpp module Web Audio API in Blink Chrome can be exploited by an attacker to bypass domain restrictions and access values of audio samples...
CVE-2015-1236
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...
Design/Logic Flaw
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...
CVE-2015-1236
The CVE-2015-1236 entry refers to a Chrome/Blink vulnerability in the Web Audio API: MediaElementAudioSourceNode::process in Blink’s Web Audio implementation allows a remote site with a media element to bypass Same Origin Policy and access sensitive audio samples. Impact data from the sources con...
CVE-2015-1236
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...
CVE-2015-1236
Removed by vendor...
CVE-2015-1236
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...
chromium-browser: Cross-origin-bypass in Blink
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...
Google Chrome < 42.0.2311.90 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 42.0.2311.90. It is, therefore, affected by multiple vulnerabilities as referenced in the 201504stable-channel-update14 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attacke...