CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5225 – chromium-browser: csp bypass in blink
https://notcve.org/view.php?id=CVE-2016-5225
Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. Blink en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android manejó incorrectamente acciones de formularios, lo que permitió a un atacante remoto eludir la Content Security Policy a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/630332 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5225 https://bugzilla.redhat.com/show_bug.cgi?id=1400877 • CWE-19: Data Processing Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5201 – chromium-browser: info leak in extensions
https://notcve.org/view.php?id=CVE-2016-5201
A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page. Un fuga de privateClass en la API de extensiones en Google Chrome anterior a 54.0.2840.100 para Linux y 54.0.2840.99 para Windows y 54.0.2840.98 para Mac permitió a un atacante remoto acceder a código JavaScript privilegiado a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2718.html http://www.securityfocus.com/bid/94196 http://www.securitytracker.com/id/1037273 https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html https://crbug.com/660678 https://security.gentoo.org/glsa/201611-16 https://access.redhat.com/security/cve/CVE-2016-5201 https://bugzilla.redhat.com/show_bug.cgi?id=1393733 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5200 – chromium-browser: out of bounds memory access in v8
https://notcve.org/view.php?id=CVE-2016-5200
V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. V8 en Google Chrome anterior a 54.0.2840.98 para Mac y 54.0.2840.99 para Windows y 54.0.2840.100 para Linux y 55.0.2883.84 para Android aplica incorrectamente reglas de tipo, lo que permite a atacantes remotos explotar potencialmente una corrupción de memoria a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2718.html http://www.securityfocus.com/bid/94196 http://www.securitytracker.com/id/1037273 https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html https://crbug.com/658114 https://security.gentoo.org/glsa/201611-16 https://access.redhat.com/security/cve/CVE-2016-5200 https://bugzilla.redhat.com/show_bug.cgi?id=1393732 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5202 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-5202
browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. El archivo browser/extensions/api/dial/dial_registry.cc en Google Chrome versiones anteriores a 54.0.2840.98 en macOS, versiones anteriores a 54.0.2840.99 en Windows y versiones anteriores a 54.0.2840.100 en Linux, no copia un ID de dispositivo antes de una llamada de erase(), lo que causa la operación de borrado para acceder a los datos que esa operación de borrado destruirá. • http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00029.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5202 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5202 https://security-tracker.debian.org/tracker/CVE-2016-5202 https://access.redhat.com/security/cve/CVE-2016-5202 https://bugzilla.redhat.com/show_bug.cgi?id=1393734 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5199 – chromium-browser: heap corruption in ffmpeg
https://notcve.org/view.php?id=CVE-2016-5199
An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Un error por un paso resultando en una asignación de tamaño cero en FFmpeg en Google Chrome anterior a 54.0.2840.98 para Mac y 54.0.2840.99 para Windows y 54.0.2840.100 para Linux y 55.0.2883.84 para Android permitió a un atacante remoto explotar potencialmente una corrupción de memoria a través de un archivo de vídeo manipulado. • http://rhn.redhat.com/errata/RHSA-2016-2718.html http://www.securityfocus.com/bid/94196 http://www.securitytracker.com/id/1037273 https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html https://crbug.com/643948 https://security.gentoo.org/glsa/201611-16 https://access.redhat.com/security/cve/CVE-2016-5199 https://bugzilla.redhat.com/show_bug.cgi?id=1393731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •