CVE-2015-1285 – chromium-browser: Information leak in XSS auditor.
https://notcve.org/view.php?id=CVE-2015-1285
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack. Vulnerabilidad en la función XSSAuditor::canonicalize en core/html/parser/XSSAuditor.cpp en el auditor XSS en Blink, usado en Google Chrome en versiones anteriores a la 44.0.2403.89, no elige correctamente un punto de truncado, lo cual hace más fácil que atacantes remotos obtengan información sensible a través de un ataque de tiempo lineal no especificado. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.debian.org/security/2015/dsa-3315 http://www.securityfocus.com/bid/75973 http://www.securitytracker.com/id/1033031 https://code.google.com/p/chromium/issues/detail?id=498982 https://security.gentoo.org/glsa/201603-09 https://src.chromium.org/viewvc/blink?revision=196971&am • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1288 – chromium-browser: Spell checking dictionaries fetched over HTTP in unspecified
https://notcve.org/view.php?id=CVE-2015-1288
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263. Vulnerabilidad en la implementación de Spellcheck API en Google Chrome en versiones anteriores a la 44.0.2403.89, no usa una sesión HTTPS para la descarga de un diccionario Hunspell, lo cual permite realizar ataques de man-in-the-middle empleados para ofrecer sugerencias de ortografía incorrectas o posiblemente tener otro impacto no especificado a través de archivos manipulados, un tema relacionado con CVE-2015-1263. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.debian.org/security/2015/dsa-3315 http://www.securityfocus.com/bid/75973 http://www.securitytracker.com/id/1033031 https://code.google.com/p/chromium/issues/detail?id=479162 https://codereview.chromium.org/1056103005 https://security.gentoo.org/glsa/201603-09 https:// • CWE-17: DEPRECATED: Code •
CVE-2015-1280 – chromium-browser: Memory corruption in skia
https://notcve.org/view.php?id=CVE-2015-1280
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing crafted serialized data. Vulnerabilidad en SkPictureShader.cpp de Skia usado en Google Chrome en versiones anteriores a la 44.0.2403.89. Permite a atacantes remotos causar una denegación de servicio mediante la corrupción de memoria o posiblemente tener otro impacto no especificado al aprovechar el acceso al intérprete de procesos y proporcionar datos serializados manipulados. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.debian.org/security/2015/dsa-3315 http://www.securityfocus.com/bid/75973 http://www.securitytracker.com/id/1033031 https://code.google.com/p/chromium/issues/detail?id=486947 https://codereview.chromium.org/1151663002 https://security.gentoo.org/glsa/201603-09 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-1287 – chromium-browser: SOP bypass with CSS in unspecified
https://notcve.org/view.php?id=CVE-2015-1287
Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp. Vulnerabilidad en Blink implementado en Google Chrome en versiones anteriores a la 44.0.2403.89, habilita una excepción en el quirks-mode que limita los casos en los que un documento Cascading Style Sheets (CSS) es requerido para obtener el tipo de contenido text/css, lo cual permite a atacantes remotos eludir la política del mismo origen a través de un sitio web manipulado, relacionado con core/fetch/CSSStyleSheetResource.cpp. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.debian.org/security/2015/dsa-3315 http://www.securityfocus.com/bid/75973 http://www.securitytracker.com/id/1033031 https://code.google.com/p/chromium/issues/detail?id=419383 https://security.gentoo.org/glsa/201603-09 https://src.chromium.org/viewvc/blink?revision=195266&am • CWE-17: DEPRECATED: Code •
CVE-2015-1272 – chromium-browser: Use-after-free related to unexpected GPU process termination in unspecified
https://notcve.org/view.php?id=CVE-2015-1272
Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc. Vulnerabilidad de uso después de liberación de memoria en la implementación de procesos de la GPU en Google Chrome en versiones anteriores a la 44.0.2403.89, permitiendo a atacantes remotos causar una denegación de servicio, o posiblemente tener otro impacto no especificado mediante el aprovechamiento de la disponibilidad permanente de la estructura de datos GPUChannelHost durante el Blink shutdown. Error relacionado con content/browser/gpu/browser_gpu_channel_host_factory.cc y content/renderer/render_thread_impl.cc. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.debian.org/security/2015/dsa-3315 http://www.securityfocus.com/bid/75973 http://www.securitytracker.com/id/1033031 https://code.google.com/p/chromium/issues/detail?id=451456 https://codereview.chromium.org/1128233004 https://codereview.chromium.org/867553003 https://security • CWE-416: Use After Free •