CVE-2015-1216 – chromium-browser: Use-after-free in v8 bindings
https://notcve.org/view.php?id=CVE-2015-1216
Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment. Vulnerabilidad de uso después de liberación en la función V8Window::namedPropertyGetterCustom en bindings/core/v8/custom/V8WindowCustom.cpp en los enlaces V8 en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan un desprendimiento de trama. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=454954 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189574&view=revision https://access.redhat.com/security/cve/CVE-2015-1216 https://bugzilla.redhat.com/show_bug.cgi?id=1198522 • CWE-416: Use After Free •
CVE-2015-1231 – chromium-browser: Various fixes from internal audits, fuzzing and other initiatives.
https://notcve.org/view.php?id=CVE-2015-1231
Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 41.0.2272.76 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=383777 https://code.google.com/p/chromium/issues/detail?id=404300 https://code.google.com/p/chromium/issues/detail?id=406871 https://code.google.com/p/chromium/issues/detail?id=421499 https://code.google.com/p/chromium/issues/detail? •
CVE-2015-1218 – chromium-browser: Use-after-free in dom
https://notcve.org/view.php?id=CVE-2015-1218
Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. Múltiples vulnerabilidades de uso después de liberación en la implementación DOM en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan el traslado de un elemento SCRIPT a documentos diferentes, relacionado con (1) la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp y (2) la función SVGScriptElement::didMoveToNewDocument en core/svg/SVGScriptElement.cpp. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=456059 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189886&view=revision https://access.redhat.com/security/cve/CVE-2015-1218 https://bugzilla.redhat.com/show_bug.cgi?id=1198525 • CWE-416: Use After Free •
CVE-2015-1230 – Google Chrome V8EventListenerList::findOrCreateWrapper Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1230
The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion." La función getHiddenProperty en bindings/core/v8/V8EventListenerList.h en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, tiene un conflicto de nombres con la clase AudioContext, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript que añade un oyente de eventos AudioContext y provoca una 'confusión de tipos.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within findOrCreateWrapper. By manipulating a document's elements, an attacker can force a type confusion error while adding an event listener. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=449610 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189006&view=revision https://access.redhat.com/security/cve/CVE-2015-1230 https://bugzilla.redhat.com/show_bug.cgi?id=1198537 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2015-1215 – chromium-browser: Out-of-bounds write in skia filters
https://notcve.org/view.php?id=CVE-2015-1215
The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation. La implementación de filtrado en Skia, utilizado en Google Chrome anterior a 41.0.2272.76, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una operación de escritura fuera de rango. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=445809 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1215 https://bugzilla.redhat.com/show_bug.cgi?id=1198521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •