CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-5161 – Google Chrome StylePropertySerializer Type Confusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-5161
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages "type confusion" in the StylePropertySerializer class. La función EditingStyle::mergeStyle en WebKit/Source/core/editing/EditingStyle.cpp en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 53.0.2785.89 en Windows y SO X y en versiones anteriores a 53.0.2785.92 en Linux, maneja incorrectamente propiedades del cliente, lo cual permite a atacantes remotos provocar una denegación de servicio o tener otro posible impacto no especificado a través de un sitio web manipulado que aprovecha "tipo de confusión" en la clase StylePropertySerializer. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the StylePropertySerializer class. By manipulating a document's elements an attacker can trigger a type confusion condition. • http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html http://rhn.redhat.com/errata/RHSA-2016-1854.html http://www.debian.org/security/2016/dsa-3660 http://www.securityfocus.com/bid/92717 http://www.securitytracker.com/id/1036729 http://zerodayinitiative.com • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5142 – chromium-browser: Use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-5142
The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp. La implementación Web Cryptography API (también conocido como WebCrypto) en Blink, como se usa en Google Chrome en versiones anteriores a 52.0.2743.116, no copia adecuadamente búfers de datos, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado, relacionado con NormalizeAlgorithm.cpp y SubtleCrypto.cpp. • http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html http://rhn.redhat.com/errata/RHSA-2016-1580.html http://www.debian.org/security/2016/dsa-3645 http://www.securityfocus.com/bid/92276 http://www.securitytracker.com/id/1036547 https://codereview.chromium.org/2141843002 https://crbug.com/626948 https:// • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5146 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-5146
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 52.0.2743.116 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html http://rhn.redhat.com/errata/RHSA-2016-1580.html http://www.debian.org/security/2016/dsa-3645 http://www.securityfocus.com/bid/92276 http://www.securitytracker.com/id/1036547 https://crbug.com/620277 https://crbug.com/620766 https://crbug.com/63 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5144 – chromium-browser: Parameter sanitization failure in DevTools
https://notcve.org/view.php?id=CVE-2016-5144
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5143. El subsistema Developer Tools (también conocido como DevTools) en Blink, como se usa en Google Chrome en versiones anteriores a 52.0.2743.116, no maneja correctamente el nombre de host de la ruta de escritura, el parámetro remoteBase y el parámetro remoteFrontendUrl, lo que permite a atacantes remotos eludir restricciones de acceso intencionadas a través de URL manipulada, una vulnerabilidad diferente a CVE-2016-5143. • http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html http://rhn.redhat.com/errata/RHSA-2016-1580.html http://www.debian.org/security/2016/dsa-3645 http://www.securityfocus.com/bid/92276 http://www.securitytracker.com/id/1036547 https://codereview.chromium.org/2065823004 https://crbug.com/618333 https:// • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5141 – chromium-browser: Address bar spoofing
https://notcve.org/view.php?id=CVE-2016-5141
Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp. Blink, como se usa en Google Chrome en versiones anteriores a 52.0.2743.116, permite a atacantes remotos suplantar la barra de direcciones a través de vectores involucrando una URL provisional para un documento inicialmente vació, relacionado con FrameLoader.cpp y ScopedPageLoadDeferrer.cpp. • http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html http://rhn.redhat.com/errata/RHSA-2016-1580.html http://www.debian.org/security/2016/dsa-3645 http://www.securityfocus.com/bid/92276 http://www.securitytracker.com/id/1036547 https://codereview.chromium.org/2171063002 https://crbug.com/629542 https:// • CWE-20: Improper Input Validation •