NotCVE - vendor:"Google" product:"Chrome" version:"4.0.223.2"

Page 384 of 3300 results (0.011 seconds)

CVSS: 8.8EPSS: 1%CPEs: 9EXPL: 0

CVE-2017-5056 – chromium-browser: use after free in blink

https://notcve.org/view.php?id=CVE-2017-5056

A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un uso de memoria previamente liberada en Blink en Google Chrome, en versiones anteriores a la 57.0.2987.133 para Linux, Windows y Mac y a la 57.0.2987.132 para Android, permitía que un atacante remoto realizase una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97220 http://www.securitytracker.com/id/1038623 https://access.redhat.com/errata/RHSA-2017:0860 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html https://crbug.com/705445 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5056 https://bugzilla.redhat.com/show_bug.cgi?id=1437352 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-5052 – chromium-browser: bad cast in blink

https://notcve.org/view.php?id=CVE-2017-5052

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. Una hipótesis incorrecta sobre la estructura en bloques en Blink en Google Chrome, en versiones anteriores a la 57.0.2987.133 para Mac, Windows y Linux y a la versión 57.0.2987.132 para Android, permitía que un atacante remoto pudiese explotar una corrupción de memoria mediante una página HTML manipulada que desencadena un envío incorrecto. • http://www.securityfocus.com/bid/97220 https://access.redhat.com/errata/RHSA-2017:0860 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html https://crbug.com/662767 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5052 https://bugzilla.redhat.com/show_bug.cgi?id=1437351 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-5054 – chromium-browser: heap buffer overflow in v8

https://notcve.org/view.php?id=CVE-2017-5054

An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page. Una lectura fuera de límites en V8 en Google Chrome, en versiones anteriores a la 57.0.2987.133 para Linux, Windows y Mac y a la 57.0.2987.132 para Android, permitía que un atacante remoto obtenga el contenido de la memoria dinámica (heap) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97220 https://access.redhat.com/errata/RHSA-2017:0860 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html https://crbug.com/699166 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5054 https://bugzilla.redhat.com/show_bug.cgi?id=1437350 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-5034 – chromium-browser: use after free in pdfium

https://notcve.org/view.php?id=CVE-2017-5034

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. Un uso después de liberación en PDFium de Google Chrome versiones anteriores a 57.0.2987.98 para Linux y Windows, permitiría a un usuario remoto leer la memoria fuera de límites a través de un fichero PDF especialmente diseñado. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/678461 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5034 https://bugzilla.redhat.com/show_bug.cgi?id=1431034 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2017-5045 – chromium-browser: information disclosure in xss auditor

https://notcve.org/view.php?id=CVE-2017-5045

XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page. XSS Auditor de Google Chrome versiones anteriores a 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android permiten la detección de la carga de un iframe bloqueado lo que permitiría a un atacante remoto conocer los nombre de variable de JavaScript mediante un ataque de fuerza bruta usando una página HTML especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/667079 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5045 https://bugzilla.redhat.com/show_bug.cgi?id=1431047 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...382 383 384 385 386