CVE-2017-5052 – chromium-browser: bad cast in blink
https://notcve.org/view.php?id=CVE-2017-5052
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. Una hipótesis incorrecta sobre la estructura en bloques en Blink en Google Chrome, en versiones anteriores a la 57.0.2987.133 para Mac, Windows y Linux y a la versión 57.0.2987.132 para Android, permitía que un atacante remoto pudiese explotar una corrupción de memoria mediante una página HTML manipulada que desencadena un envío incorrecto. • http://www.securityfocus.com/bid/97220 https://access.redhat.com/errata/RHSA-2017:0860 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html https://crbug.com/662767 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5052 https://bugzilla.redhat.com/show_bug.cgi?id=1437351 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-5055 – chromium-browser: use after free in printing
https://notcve.org/view.php?id=CVE-2017-5055
A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un uso de memoria previamente liberada en printing en Google Chrome, en versiones anteriores a la 57.0.2987.133 para Linux y Windows, permitía que un atacante remoto realizase una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/97221 https://access.redhat.com/errata/RHSA-2017:0860 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html https://crbug.com/698622 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5055 https://bugzilla.redhat.com/show_bug.cgi?id=1437348 • CWE-125: Out-of-bounds Read CWE-416: Use After Free •
CVE-2017-5031 – chromium-browser: use after free in angle
https://notcve.org/view.php?id=CVE-2017-5031
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un uso después de su liberación de ANGLE en Google Chrome anteriores a 57.0.2987.98 para Windows permitió a un atacante remoto realizar una lectura de memoria fuera de límites a través de una página HTML diseñada especialmente. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 http://www.securityfocus.com/bid/98326 https://bugzilla.mozilla.org/show_bug.cgi?id=1328762 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/682020 https://security.gentoo.org/glsa/201704-02 https://www.mozilla.org/security/advisories/mfsa2017-14 https://access.redhat.com/security/cve/CVE • CWE-416: Use After Free •
CVE-2017-5034 – chromium-browser: use after free in pdfium
https://notcve.org/view.php?id=CVE-2017-5034
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. Un uso después de liberación en PDFium de Google Chrome versiones anteriores a 57.0.2987.98 para Linux y Windows, permitiría a un usuario remoto leer la memoria fuera de límites a través de un fichero PDF especialmente diseñado. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/678461 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5034 https://bugzilla.redhat.com/show_bug.cgi?id=1431034 • CWE-416: Use After Free •
CVE-2017-5029 – chromium-browser: integer overflow in libxslt
https://notcve.org/view.php?id=CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. La función xsltAddTextString en transform.c en libxslt 1.1.29, tal como se utiliza en Blink en Google Chrome anteriores a 57.0.2987.98 para Mac, Windows y Linux y 57.0.2987.108 para Android, carecía de una comprobación de desbordamiento de entero durante un cálculo de tamaño, lo que permite a un atacante remoto realizar una escritura de memoria fuera de límites a través de una página HTML diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 http://www.securitytracker.com/id/1038157 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/676623 https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5 https://access.redhat.com/security/cve/CVE-2017-5029 https://bugzilla.redhat.com/show_bug.cgi?id=1431033 • CWE-787: Out-of-bounds Write •