CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1666 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1666
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 50.0.2661.94 permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://rhn.redhat.com/errata/RHSA-2016-0707.html http://www.debian.org/security/2016/dsa-3564 http://www.securityfocus.co •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1665 – chromium-browser: information leak in v8
https://notcve.org/view.php?id=CVE-2016-1665
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code. La clase JSGenericLowering en compiler/js-generic-lowering.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente los operadores de comparación, lo que permite a atacantes remotos obtener información sensible a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://rhn.redhat.com/errata/RHSA-2016-0707.html http://www.debian.org/security/2016/dsa-3564 http://www.securityfocus.co • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1660 – chromium-browser: out-of-bounds write in blink
https://notcve.org/view.php?id=CVE-2016-1660
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente las aserciones en las clases WTF::BitArray y WTF::double_conversion::Vector, lo que permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o posiblemente tener otro impacto no especificado a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://rhn.redhat.com/errata/RHSA-2016-0707.html http://www.debian.org/security/2016/dsa-3564 http://www.securityfocus.co • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1663 – chromium-browser: use-after-free in blink's v8 bindings
https://notcve.org/view.php?id=CVE-2016-1663
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. La función SerializedScriptValue::transferArrayBuffers en WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp en los enlaces V8 en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente determinadas estructuras de datos array-buffer, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o posiblemente tener otro impacto no especificado a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://rhn.redhat.com/errata/RHSA-2016-0707.html http://www.debian.org/security/2016/dsa-3564 http://www.securityfocus.co •
CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1661 – chromium-browser: memory corruption in cross-process frames
https://notcve.org/view.php?id=CVE-2016-1661
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no asegura que los marcos satisfagan una comprobación para el mismo proceso de renderización en adición a una comprobación de la Same Origin Policy, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) o posiblemente tener otro impacto no especificado a través de sitio web manipulado, relacionado con BindingSecurity.cpp y DOMWindow.cpp. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://rhn.redhat.com/errata/RHSA-2016-0707.html http://www.debian.org/security/2016/dsa-3564 http://www.securityfocus.co • CWE-20: Improper Input Validation •