CVSS: 8.8EPSS: 1%CPEs: 9EXPL: 0CVE-2017-5057 – chromium-browser: type confusion in pdfium
https://notcve.org/view.php?id=CVE-2017-5057
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. Verificaciones insuficientes de consistencia en la manipulación de firmas en la pila de red en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Mac, Windows y Linux y a la 58.0.3029.83 para Android, permitían que un atacante remoto aceptase un certificado X.509 mal formado mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/695826 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5057 https://bugzilla.redhat.com/show_bug.cgi?id=1443835 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-5064 – chromium-browser: use after free in blink
https://notcve.org/view.php?id=CVE-2017-5064
Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una gestión incorrecta de cambios de DOM en Blink en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Windows, permitía que un atacante remoto explotase una corrupción de la memoria dinámica (heap) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/693974 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5064 https://bugzilla.redhat.com/show_bug.cgi?id=1443845 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-5061 – chromium-browser: url spoofing in omnibox
https://notcve.org/view.php?id=CVE-2017-5061
A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una condición de carrera en navigation en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Linux, Windows y Mac, permitía que un atacante remoto suplantase el contenido de la Omnibox (barra de direcciones) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/672847 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5061 https://bugzilla.redhat.com/show_bug.cgi?id=1443839 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-5067 – chromium-browser: url spoofing in omnibox
https://notcve.org/view.php?id=CVE-2017-5067
An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Un temporizador guardián deficiente en navigation en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Linux, Windows y Mac, permitía que un atacante remoto suplantase el contenido de la Omnibox (barra de direcciones) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/648117 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5067 https://bugzilla.redhat.com/show_bug.cgi?id=1443849 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 16%CPEs: 9EXPL: 0CVE-2017-5059 – Google Chrome List Item Marker Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-5059
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. Una confusión de tipos en Blink en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Linux, Windows y Mac y a la 58.0.3029.83 para Android, permitía que un atacante remoto pudiese ejecutar código mediante una página HTML manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of list item markers. It's possible to trigger a type confusion condition by manipulating a document's elements. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/684684 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5059 https://bugzilla.redhat.com/show_bug.cgi?id=1443837 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •