CVE-2017-5033 – chromium-browser: bypass of content security policy in blink
https://notcve.org/view.php?id=CVE-2017-5033
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. Blink en Google Chrome, en versiones anteriores a la 57.0.2987.98 para Mac, Windows y Linux y 57.0.2987.108 para Android, no propagaba correctamente las restricciones CSP a las páginas de temas locales, lo que permitía que un atacante remoto omitiese la política de seguridad de contenido (CSP) mediante una página HTML manipulada. Esto está relacionado con la palabra clave de unsafe-inline. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/669086 https://security.gentoo.org/glsa/201704-02 https://twitter.com/Ma7h1as/status/907641276434063361 https://access.redhat.com/security/cve/CVE-2017-5033 https://bugzilla.redhat.com/show_bug.cgi?id=1431042 • CWE-281: Improper Preservation of Permissions •
CVE-2017-5043 – chromium-browser: use after free in guestview
https://notcve.org/view.php?id=CVE-2017-5043
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. Chrome Apps de Google Chrome versiones anteriores a 57.0.2987.98 para Linux, Windows y Mac, debido a un fallo de uso después de liberación en GuestView, permitiría a un atacante remoto leer la memoria fuera de los límites a través de una extensión de Chrome especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/683523 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5043 https://bugzilla.redhat.com/show_bug.cgi?id=1431045 • CWE-416: Use After Free •
CVE-2017-5046 – chromium-browser: information disclosure in blink
https://notcve.org/view.php?id=CVE-2017-5046
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure. V8 de Google Chrome en versiones anteriores a 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android tiene una aplicación de política insuficiente lo que permitiría a un atacante remoto falsear el objeto de ubicación a través de una página HTML especialmente diseñada. Relacionada con la revelación de información de Blink. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/680409 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5046 https://bugzilla.redhat.com/show_bug.cgi?id=1431048 •
CVE-2017-5045 – chromium-browser: information disclosure in xss auditor
https://notcve.org/view.php?id=CVE-2017-5045
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page. XSS Auditor de Google Chrome versiones anteriores a 57.0.2987.98 para Mac, Windows y Linux y versión 57.0.2987.108 para Android permiten la detección de la carga de un iframe bloqueado lo que permitiría a un atacante remoto conocer los nombre de variable de JavaScript mediante un ataque de fuerza bruta usando una página HTML especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/667079 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5045 https://bugzilla.redhat.com/show_bug.cgi?id=1431047 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-5038 – chromium-browser: use after free in guestview
https://notcve.org/view.php?id=CVE-2017-5038
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. Chrome Apps de Google Chrome versiones anteriores a 57.0.2987.98 para Linux, Windows y Mac, debido a un fallo de uso después de liberación en GuestView, permitiría a un atacante remoto leer la memoria fuera de los límites a través de una extensión de Chrome especialmente diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/695476 https://security.gentoo.org/glsa/201704-02 https://access.redhat.com/security/cve/CVE-2017-5038 https://bugzilla.redhat.com/show_bug.cgi?id=1431044 • CWE-416: Use After Free •