CVE-2015-1346 – chromium-browser: unspecified vulnerability in Google V8
https://notcve.org/view.php?id=CVE-2015-1346
Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.30.33.15,usado en Google Chrome anterior a 40.0.2214.91, permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores no conocidos. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securitytracker.com/id/1031623 http://www.ubuntu.com/usn/USN-2476-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/100361 https://access.redhat.com/security/cve/CVE-2015-1346 https://bugzilla.redhat.com/show_bug.cgi?id=118 •
CVE-2015-1205 – chromium-browser: multiple unspecified vulnerabilities
https://notcve.org/view.php?id=CVE-2015-1205
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 40.0.2214.91 permite a atacantes causar una denegación de servicio o la posibilidad de tener otro impacto a través de vectores desconocidos • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http:/ •
CVE-2014-7939 – chromium-browser: same-origin-bypass in V8
https://notcve.org/view.php?id=CVE-2014-7939
Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header. Google Chrome anterior aq 40.0.2214.91, cuando el proxy Harmony en Google V8 está habilitado, permite a atacantes remotos evadir Same Origin Policy a través de código JavaScript manipulado con llamadas Proxy.create y console.log, relacionado con respuestas HTTP a que les falta una cabecera'X-Content-Type-Options: nosniff'. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 https://code.google.com/p/chromium/issues/detail?id=399951 https://access.redhat.com/ • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-1797
https://notcve.org/view.php?id=CVE-2011-1797
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, como se usa en Safari de Apple anterior a v5.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web hecho a mano, una vulnerabilidad diferente a los CVE enumerados en WebKit en APPLE-SA -2011-07-20-1. • http://crbug.com/79075 http://launchpad.net/bugs/778822 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://trac.webkit.org/changeset/85355 http://trac.webkit.org/changeset/86781 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •