CVE-2017-15408 – chromium-browser: heap buffer overflow in pdfium
https://notcve.org/view.php?id=CVE-2017-15408
Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. Un desbordamiento de búfer basado en memoria dinámica (heap) en Omnibox en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto pudiese explotar una corrupción de heap mediante un archivo PDF manipulado que es gestionado erróneamente por PDFium. • https://access.redhat.com/errata/RHSA-2017:3401 https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html https://crbug.com/762374 https://security.gentoo.org/glsa/201801-03 https://www.debian.org/security/2017/dsa-4064 https://access.redhat.com/security/cve/CVE-2017-15408 https://bugzilla.redhat.com/show_bug.cgi?id=1523124 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-15412 – libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c
https://notcve.org/view.php?id=CVE-2017-15412
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Uso de memoria previamente liberada en libxml2 en versiones anteriores a la 2.9.5, tal y como se emplea en Google Chrome en versiones anteriores a la 63.0.3239.84 y otros productos, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file. • http://www.securitytracker.com/id/1040348 https://access.redhat.com/errata/RHSA-2017:3401 https://access.redhat.com/errata/RHSA-2018:0287 https://bugzilla.gnome.org/show_bug.cgi?id=783160 https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html https://crbug.com/727039 https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html https://security.gentoo.org/glsa/201801-03 https://www.debian.org/security/2018/dsa-4086 https://access.redhat. • CWE-416: Use After Free •
CVE-2017-15419 – chromium-browser: cross origin leak of redirect url in blink
https://notcve.org/view.php?id=CVE-2017-15419
Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page. Aplicación de políticas insuficiente en Resource Timing API in Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto dedujese el historial de navegación desencadenando una URL cross-origin filtrada mediante una página HTML manipulada. • https://access.redhat.com/errata/RHSA-2017:3401 https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html https://crbug.com/780312 https://security.gentoo.org/glsa/201801-03 https://www.debian.org/security/2017/dsa-4064 https://access.redhat.com/security/cve/CVE-2017-15419 https://bugzilla.redhat.com/show_bug.cgi?id=1523134 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2017-15398 – chromium-browser: stack buffer overflow in quic
https://notcve.org/view.php?id=CVE-2017-15398
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. Un desbordamiento de búfer basado en pila en la pila de networking QUIC en Google Chrome en versiones anteriores a la 62.0.3202.89 permitía que un atacante remoto pudiese ejecutar código mediante un servidor malicioso. • http://www.securityfocus.com/bid/101692 https://access.redhat.com/errata/RHSA-2017:3151 https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html https://crbug.com/777728 https://security.gentoo.org/glsa/201711-02 https://www.debian.org/security/2017/dsa-4024 https://access.redhat.com/security/cve/CVE-2017-15398 https://bugzilla.redhat.com/show_bug.cgi?id=1510429 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-15399 – chromium-browser: use after free in v8
https://notcve.org/view.php?id=CVE-2017-15399
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en V8 en Google Chrome en versiones anteriores a la 62.0.3202.89 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/101692 https://access.redhat.com/errata/RHSA-2017:3151 https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html https://crbug.com/776677 https://security.gentoo.org/glsa/201711-02 https://www.debian.org/security/2017/dsa-4024 https://access.redhat.com/security/cve/CVE-2017-15399 https://bugzilla.redhat.com/show_bug.cgi?id=1510431 • CWE-416: Use After Free •