CVE-2015-1283 – chromium-browser: Heap-buffer-overflow in expat.
https://notcve.org/view.php?id=CVE-2015-1283
23 Jul 2015 — Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2015-1284 – chromium-browser: Use-after-free in blink.
https://notcve.org/view.php?id=CVE-2015-1284
23 Jul 2015 — The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements. Vulnerabilidad en la función LocalFrame::isURLAllowed en core/frame/LocalFrame.cpp en Blink impleme... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVE-2015-1285 – chromium-browser: Information leak in XSS auditor.
https://notcve.org/view.php?id=CVE-2015-1285
23 Jul 2015 — The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack. Vulnerabilidad en la función XSSAuditor::canonicalize en core/html/parser/XSSAuditor.cpp en el auditor XSS en Blink, usado en Google Chrome en versiones anteriores a la 44.0.2403.89, no elige correctamente... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1286 – chromium-browser: UXSS in blink.
https://notcve.org/view.php?id=CVE-2015-1286
23 Jul 2015 — Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink "Universal XSS (UXSS)." Vulnerabilidad de XSS en la función V8ContextNativeHandler::GetModuleSystem en extensions/renderer/v8_context_native_handler.cc en Google Chrome en versiones anteriore... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-1287 – chromium-browser: SOP bypass with CSS in unspecified
https://notcve.org/view.php?id=CVE-2015-1287
23 Jul 2015 — Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp. Vulnerabilidad en Blink implementado en Google Chrome en versiones anteriores a la 44.0.2403.89, habilita una excepción en el quirks-mode que limita los casos en los que un ... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-17: DEPRECATED: Code •
CVE-2015-1288 – chromium-browser: Spell checking dictionaries fetched over HTTP in unspecified
https://notcve.org/view.php?id=CVE-2015-1288
23 Jul 2015 — The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263. Vulnerabilidad en la implementación de Spellcheck API en Google Chrome en versiones anteriores a la 44.0.2403.89, no usa una sesión HTTPS para la descarga de un diccionario Hunspell, lo cual pe... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-17: DEPRECATED: Code •
CVE-2015-1289 – chromium-browser: Various fixes from internal audits, fuzzing and other initiatives
https://notcve.org/view.php?id=CVE-2015-1289
23 Jul 2015 — Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a la 44.0.2403.89, permite a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html •
CVE-2015-1266 – chromium-browser: Scheme validation error in WebUI
https://notcve.org/view.php?id=CVE-2015-1266
25 Jun 2015 — content/browser/webui/content_web_ui_controller_factory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as demonstrated by use of http://gpu when there is a WebUI class for handling chrome://gpu requests. content/browser/webui/content_web_ui_controller_factory.cc en Google Chrome anterior a 43.0.2357.130 no considera corr... • http://googlechromereleases.blogspot.com/2015/06/chrome-stable-update.html • CWE-254: 7PK - Security Features •
CVE-2015-1267 – chromium-browser: Cross-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2015-1267
25 Jun 2015 — Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink public API, related to WebArrayBufferConverter.cpp, WebBlob.cpp, WebDOMError.cpp, and WebDOMFileSystem.cpp. Blink, utilizado en Google Chrome anterior a 43.0.2357.130, no restringe correctamente el contexto de la creación durante la creación de un envoltorio DOM, lo ... • http://googlechromereleases.blogspot.com/2015/06/chrome-stable-update.html • CWE-254: 7PK - Security Features •
CVE-2015-1268 – chromium-browser: Cross-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2015-1268
25 Jun 2015 — bindings/scripts/v8_types.py in Blink, as used in Google Chrome before 43.0.2357.130, does not properly select a creation context for a return value's DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code, as demonstrated by use of a data: URL. bindings/scripts/v8_types.py en Blink, utilizado en Google Chrome anterior a 43.0.2357.130, no selecciona correctamente un contexto de la creación para el envoltorio DOM de un valor de retorno, lo que permite a atacan... • http://googlechromereleases.blogspot.com/2015/06/chrome-stable-update.html • CWE-254: 7PK - Security Features •