CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1643 – chromium-browser: type confusion in Blink
https://notcve.org/view.php?id=CVE-2016-1643
10 Mar 2016 — The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." La función ImageInputType::ensurePrimaryContent en WebKit/Source/core/html/forms/ImageInputType.cpp en Blink, como se utiliza en Google Chrome en versiones... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-361: 7PK - Time and State CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1644 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1644
10 Mar 2016 — WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document. WebKit/Source/core/layout/LayoutObject.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.87, no restringe correctamente la planificación de rediseño, lo que permite a atacantes remotos ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 16%CPEs: 6EXPL: 0CVE-2016-1645 – Google Chrome Pdfium JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1645
10 Mar 2016 — Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. Múltiples errores de entero sin signo en la función opj_j2k_update_image_data en j2k.c en OpenJPEG, como se utiliza en PDFium en Google Chrome en versiones anteriores a 49.0.2623.87, permiten a ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1630 – chromium-browser: same-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2016-1630
06 Mar 2016 — The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site. La función ContainerNode::parserRemoveChild en WebKit/Source/core/dom/ContainerNode.cpp en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, no maneja correctamente las actualizaciones de widget, lo que fa... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1631 – chromium-browser: same-origin bypass in Pepper Plugin
https://notcve.org/view.php?id=CVE-2016-1631
06 Mar 2016 — The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. La función de The PPB_Flash_MessageLoop_Impl::InternalRun en content/renderer/pepper/ppb_flash_message_loop_impl.cc en el plugin Pepper en Google Chrome en versiones anteriores a 49.0.2623.75 no maneja correctamente los buc... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1632 – chromium-browser: bad cast in Extensions
https://notcve.org/view.php?id=CVE-2016-1632
06 Mar 2016 — The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. El subsistema Extensions en Google Chrome en versiones anteriores a 49.0.2623.75 no mantiene adecuadamente sus propias propiedades, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1633 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1633
06 Mar 2016 — Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. It was discovered th... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1634 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1634
06 Mar 2016 — Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action. Vulnerabilidad de uso después de liberación de memoria en la función StyleResolver::appendCSSStyleShee... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1635 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1635
06 Mar 2016 — extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. extensions/renderer/render_frame_observer_natives.cc en Google Chrome en versiones anteriores a 49.0.2623.75 no considera adecuadamente la vida del objeto y los problemas de ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1636 – chromium-browser: SRI Validation Bypass
https://notcve.org/view.php?id=CVE-2016-1636
06 Mar 2016 — The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource. La función PendingScript::notifyFinished en WebKit/Source/core/dom/PendingScript.cpp en Google Chrome en versiones anteriores a 49.0.2623.... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •