CVE-2018-6076 – chromium-browser: incorrect handling of url fragment identifiers in blink
https://notcve.org/view.php?id=CVE-2018-6076
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page. El cifrado insuficiente de identificadores de fragmentos de URL en Blink en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto realizase un ataque Cross-Site Scripting (XSS) basado en DOM mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/758523 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6076 https://bugzilla.redhat.com/show_bug.cgi?id=1552493 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-6074 – chromium-browser: mark-of-the-web bypass
https://notcve.org/view.php?id=CVE-2018-6074
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page. El error al aplicar Mark-of-the-Web en las descargas en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto omitiese los controles de nivel del sistema operativo mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/809759 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6074 https://bugzilla.redhat.com/show_bug.cgi?id=1552491 • CWE-20: Improper Input Validation •
CVE-2018-6060 – chromium-browser: use-after-free in blink
https://notcve.org/view.php?id=CVE-2018-6060
Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebAudio en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/780919 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6060 https://bugzilla.redhat.com/show_bug.cgi?id=1552476 • CWE-416: Use After Free •
CVE-2018-7858 – QEMU: cirrus: OOB access when updating VGA display
https://notcve.org/view.php?id=CVE-2018-7858
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. Quick Emulator (también conocido como QEMU), cuando se integra con soporte para Cirrus CLGD 54xx VGA Emulator, permite que usuarios privilegiados locales, invitados del sistema operativo, provoquen una denegación de servicio (acceso fuera de límites y cierre inesperado del proceso QEMU) aprovechando los cálculos de región incorrectos al actualizar la pantalla VGA. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html http://www.openwall.com/lists/oss-security/2018/03/09/1 http://www.securityfocus.com/bid/103350 https://access.redhat.com/errata/RHSA-2018:1369 https://access.redhat.com/errata/RHSA-2018:1416 https://access.redhat.com/errata/RHSA-2018:2162 https://bugzilla.redhat.com/show_bug.cgi?id=1553402 https://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg02174.html https://usn.ubuntu.com/3649-1 ht • CWE-125: Out-of-bounds Read •
CVE-2018-6080 – chromium-browser: information disclosure in ipc call
https://notcve.org/view.php?id=CVE-2018-6080
Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes . La falta de comprobaciones de control de acceso en Instrumentation en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto que había comprometido el proceso renderer obtuviese metadatos de la memoria de procesos privilegiados. Chromium suffers from an information disclosure vulnerability via the memory_instrumentation::mojom::Coordinator interface in the resource_coordinator service. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/792028 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6080 https://bugzilla.redhat.com/show_bug.cgi?id=1552497 • CWE-269: Improper Privilege Management •