CVE-2017-5044 – chromium-browser: heap overflow in skia
https://notcve.org/view.php?id=CVE-2017-5044
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un desbordamiento de búfer de memoria dinámica (heap) en el proceso de filtrado en Skia de Google Chrome en versiones anteriores 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android, permitirían a un atacante remoto realizar una lectura de memoria fuera de límites a través de una página HTML especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/688987 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5044 https://bugzilla.redhat.com/show_bug.cgi?id=1431046 • CWE-787: Out-of-bounds Write •
CVE-2017-5041 – chromium-browser: address spoofing in omnibox
https://notcve.org/view.php?id=CVE-2017-5041
Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page. Google Chrome versiones anteriores a 57.0.2987.100 gestiona incorrectamente las acciones ir adelante/atrás en la navegación lo que permitiría a un atacante remoto mostrar información incorrecta de un sitio a través de una página HTML especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/642490 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5041 https://bugzilla.redhat.com/show_bug.cgi?id=1431041 • CWE-20: Improper Input Validation •
CVE-2017-5040 – chromium-browser: information disclosure in v8
https://notcve.org/view.php?id=CVE-2017-5040
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page. V8 de Google Chrome en versiones anteriores a 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android no realiza un chequeo que podría permitir a un atacante remoto leer valores en memoria a través de una página HTML especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/691323 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5040 https://bugzilla.redhat.com/show_bug.cgi?id=1431040 •
CVE-2017-5033 – chromium-browser: bypass of content security policy in blink
https://notcve.org/view.php?id=CVE-2017-5033
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. Blink en Google Chrome, en versiones anteriores a la 57.0.2987.98 para Mac, Windows y Linux y 57.0.2987.108 para Android, no propagaba correctamente las restricciones CSP a las páginas de temas locales, lo que permitía que un atacante remoto omitiese la política de seguridad de contenido (CSP) mediante una página HTML manipulada. Esto está relacionado con la palabra clave de unsafe-inline. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/669086 https://security.gentoo.org/glsa/201704-02 https://twitter.com/Ma7h1as/status/907641276434063361 https://access.redhat.com/security/cve/CVE-2017-5033 https://bugzilla.redhat.com/show_bug.cgi?id=1431042 • CWE-281: Improper Preservation of Permissions •
CVE-2017-5042 – chromium-browser: incorrect handling of cookies in cast
https://notcve.org/view.php?id=CVE-2017-5042
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. Cast en Google Chrome versiones anteriores a 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android envía cookies a sitios descubiertos a través de SSDP, hecho que permitiría a un atacante en el segmento de red local iniciar conexiones a URLs arbitrarias pudiendo observar en texto plano cualquier cookie enviada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/671932 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5042 https://bugzilla.redhat.com/show_bug.cgi?id=1431043 • CWE-311: Missing Encryption of Sensitive Data •