
CVSS: 9.1 • EPSS: 0% • CPEs: 6 • EXPL: 0

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy.

• http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00029.html
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5202
• https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5202
• https://security-tracker.debian.org/tracker/CVE-2016-5202
• https://access.redhat.com/security/cve/CVE-2016-5202
• https://bugzilla.redhat.com/show_bug.cgi?id=1393734

• CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 8.8 • EPSS: 46% • CPEs: 10 • EXPL: 1

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.

Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

• http://rhn.redhat.com/errata/RHSA-2016-2672.html
• http://www.securityfocus.com/bid/94079
• http://www.securitytracker.com/id/1037224
• https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html
• https://crbug.com/659475
• https://access.redhat.com/security/cve/CVE-2016-5198
• https://bugzilla.redhat.com/show_bug.cgi?id=1391356

• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write

CVSS: 8.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files.

• http://rhn.redhat.com/errata/RHSA-2016-2067.html
• http://www.securityfocus.com/bid/93528
• https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
• https://codereview.chromium.org/2338893002
• https://crbug.com/645122
• https://security.gentoo.org/glsa/201610-09
• https://access.redhat.com/security/cve/CVE-2016-5183
• https://bugzilla.redhat.com/show_bug.cgi?id=1384349

• CWE-416: Use After Free

CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

Google Chrome prior to 54.0 for iOS had insufficient validation of URLs for windows open by DOM, which allowed a remote attacker to bypass restrictions on navigation to certain URL schemes via crafted HTML pages.

• http://rhn.redhat.com/errata/RHSA-2016-2067.html
• http://www.securityfocus.com/bid/93528
• https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
• https://crbug.com/639658
• https://security.gentoo.org/glsa/201610-09
• https://access.redhat.com/security/cve/CVE-2016-5193
• https://bugzilla.redhat.com/show_bug.cgi?id=1384364

• CWE-20: Improper Input Validation

CVSS: 8.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages.

• http://rhn.redhat.com/errata/RHSA-2016-2067.html
• http://www.securityfocus.com/bid/93528
• https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
• https://crbug.com/638615
• https://security.gentoo.org/glsa/201610-09
• https://access.redhat.com/security/cve/CVE-2016-5182
• https://bugzilla.redhat.com/show_bug.cgi?id=1384348

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer