CVSS: 9.3EPSS: 2%CPEs: 3EXPL: 0CVE-2016-1648 – chromium-browser: use-after-free in Extensions
https://notcve.org/view.php?id=CVE-2016-1648
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. Vulnerabilidad de uso después de liberación de memoria en la función GetLoadTimes en renderer/loadtimes_extension_bindings.cc en la implementación de Extensions en Google Chrome en versiones anteriores a 49.0.2623.108 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-0525.html http://www.debian.org/security/2016/dsa-3531 http://www.securitytracker.com/id/1035423 https://code.google.com/p/chromium/issues/detail?id=5 •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1643 – chromium-browser: type confusion in Blink
https://notcve.org/view.php?id=CVE-2016-1643
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." La función ImageInputType::ensurePrimaryContent en WebKit/Source/core/html/forms/ImageInputType.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.87, no mantiene adecuadamente el user agent shadow DOM, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que aprovechan "type confusion". • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html http://www.debian.org/security/2016/dsa-3513 http://www.securityfocus.com/bid/84224 http://www.securitytracker.com/id/1035259 http://www.ubuntu.com/usn/USN-2920-1 https://code.google.com • CWE-361: 7PK - Time and State CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1644 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1644
WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document. WebKit/Source/core/layout/LayoutObject.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.87, no restringe correctamente la planificación de rediseño, lo que permite a atacantes remotos causar una denegación de servicio (uso después de liberación de memoria) o posiblemente tener otro impacto no especificado a través de un documento HTML manipulado. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html http://www.debian.org/security/2016/dsa-3513 http://www.securityfocus.com/bid/84224 http://www.securitytracker.com/id/1035259 http://www.ubuntu.com/usn/USN-2920-1 https://code.google.com • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 6EXPL: 0CVE-2016-1645 – Google Chrome Pdfium JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1645
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. Múltiples errores de entero sin signo en la función opj_j2k_update_image_data en j2k.c en OpenJPEG, como se utiliza en PDFium en Google Chrome en versiones anteriores a 49.0.2623.87, permiten a atacantes remotos causar una denegación de servicio (proyección incorrecta y escritura fuera de rango) o posiblemente tener otro impacto no especificado a través de datos JPEG 2000 manipulados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JPEG2000 images. A specially crafted JPEG2000 image embedded inside a PDF can force Google Chrome to write memory past the end of an allocated object. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html http://www.debian.org/security/2016/dsa-3513 http://www.securityfocus.com/bid/84224 http://www.securitytracker.com/id/1035259 http://www.zerodayinitiative.com/advisories/ZDI-16-197 https://code& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1642 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1642
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 49.0.2623.75 permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html http://www.debian.org/security/2016/dsa-3507 http://www.securityfocus.com/bid/84008 http://www.securitytracker.com/id/1035185 •