CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5170 – chromium-browser: use after free in blink
https://notcve.org/view.php?id=CVE-2016-5170
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls. WebKit/Source/bendengs/modules/v8/V8BendengForModules.cpp en Blink, como se usa en Google Chrome en versiones anteriores a 53.0.2785.113, no considera correctamente los efectos secundarios de los captadores durante la conversión de clave del array, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o tener otro posible impacto no especificado a través de llamadas API Indexed Database (también conocido como IndexedDB). • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/2332003002 https://crbug.com/641101 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5170 https://bugzilla.redhat.com/show_bug.cgi?id=13758 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5174 – chromium-browser: popup not correctly suppressed
https://notcve.org/view.php?id=CVE-2016-5174
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site. browser/ui/cocoa/browser_wendow_controller_private.mm en Google Chrome en versiones anteriores a 53.0.2785.113 no procesa peticiones de conmutación a pantalla completa durante una transición a pantalla completa, lo que permite a atacantes remotos provocar una denegación de servicio (venta emergente no suprimida) a través de un sitio web manipulado. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/2053343003 https://crbug.com/579934 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5174 https://bugzilla.redhat.com/show_bug.cgi?id=13758 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-5172 – chromium-browser: arbitrary memory read in v8
https://notcve.org/view.php?id=CVE-2016-5172
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. El analizador en Google V8, como se usa en Google Chrome en versiones anteriores a 53.0.2785.113, no maneja correctamente alcances, lo que permite a atacantes remotos obtener información sensible desde localizaciones de memoria arbitrarias a través de un código JavaScript manipulado. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/2077283004 https://crbug.com/616386 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5172 https://bugzilla.redhat.com/show_bug.cgi?id=13758 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5175 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-5175
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 53.0.2785.113 permite a atacantes provocar una denegación de servicio o tener otro posible impacto no especificado a través de vectores desconocidos. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://crbug.com/619217 https://crbug.com/638166 https://crbug.com/646394 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5175 https://bugzilla.redhat.com/show •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2016-5151 – chromium-browser: use after free in pdfium
https://notcve.org/view.php?id=CVE-2016-5151
PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp. PDFium en Google Chrome en versiones anteriores a 53.0.2785.89 en Windows y SO X y en versiones anteriores a 53.0.2785.92 en Linux no maneja adecuadamente los temporizadores, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o posiblemente tener otro impacto no especificado a través de un documento PDF manipulado, relacionado con fpdfsdk/javascript/JS_Object.cpp y fpdfsdk/javascript/app.cpp. • http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html http://rhn.redhat.com/errata/RHSA-2016-1854.html http://www.debian.org/security/2016/dsa-3660 http://www.securityfocus.com/bid/92717 http://www.securitytracker.com/id/1036729 https://crbug.com/63471 • CWE-416: Use After Free •