CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2016-5177 – chromium-browser: use after free in v8
https://notcve.org/view.php?id=CVE-2016-5177
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de linberación en V8 en Google Chrome anterior a la versión 53.0.2785.143, permite a atacantes remotos provocar una denegación de servicio (bloqueo) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-updates/2016-10/msg00000.html http://lists.opensuse.org/opensuse-updates/2016-10/msg00001.html http://rhn.redhat.com/errata/RHSA-2016-2007.html http://www.debian.org/security/2016/dsa-3683 http://www.securityfocus.com/bid/93238 http://www.securitytracker.com/id/1036970 https://bugzilla.redhat.com/show_bug.cgi?id=1380631 https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html https://lists.fedoraproject.org/archives/ • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5176 – chromium-browser: SafeBrowsing protection mechanism bypass
https://notcve.org/view.php?id=CVE-2016-5176
Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection mechanism via unspecified vectors. Google Chrome en versiones anteriores a 53.0.2785.113 permite a atacantes remotos eludir el mecanismo de protección SafeBrowsing a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.securityfocus.com/bid/93234 https://crbug.com/595838 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://access.redhat.com/security/cve/CVE-2016-5176 https://bugzilla.redhat.com/show_bug.cgi?id=1380331 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-7549 – chromium-browser: DoS via invalid recipient of IPC message
https://notcve.org/view.php?id=CVE-2016-7549
Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) or possibly have unspecified other impact by leveraging access to a renderer process, related to render_frame_host_impl.cc and render_widget_host_impl.cc, as demonstrated by a Password Manager message. Google Chrome en versiones anteriores a 53.0.2785.113 no asegura que el destinatario de cierto mensaje IPC es un RenderFrame o RenderWidget válido, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero no válido y caída de aplicación) o tener otro posible impacto no especificado aprovechando el acceso a un proceso de renderización, relacionado con render_frame_host_impl.cc y render_widget_host_impl.cc, como se demuestra por un mensaje Password Manager. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.securityfocus.com/bid/93160 https://codereview.chromium.org/1534933002 https://crbug.com/556351 https://crbug.com/646394 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://access.redhat.com/security/cve/CVE-2016-7549 https://bugzilla.redhat.com/show_bug.cgi?id=1380301 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5173 – chromium-browser: extension resource access
https://notcve.org/view.php?id=CVE-2016-5173
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack. El subsistema de extensiones en Google Chrome en versiones anteriores a 53.0.2785.113 no restringe adecuadamente el acceso a Object.prototype, lo que permite a atacantes remotos cargar recursos no intencionados y consecuentemente desencadenar llamas de función JavaScript no intencionadas y eludir la Same Origin Policy a través de un ataque de interceptación indirecto. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/1840453002 https://crbug.com/468931 https://crbug.com/471523 https://crbug.com/497507 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016&# • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5170 – chromium-browser: use after free in blink
https://notcve.org/view.php?id=CVE-2016-5170
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls. WebKit/Source/bendengs/modules/v8/V8BendengForModules.cpp en Blink, como se usa en Google Chrome en versiones anteriores a 53.0.2785.113, no considera correctamente los efectos secundarios de los captadores durante la conversión de clave del array, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o tener otro posible impacto no especificado a través de llamadas API Indexed Database (también conocido como IndexedDB). • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/2332003002 https://crbug.com/641101 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5170 https://bugzilla.redhat.com/show_bug.cgi?id=13758 • CWE-416: Use After Free •