Page 439 of 2560 results (0.015 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-6781 – chromium-browser: Integer overflow in Sfntly

https://notcve.org/view.php?id=CVE-2015-6781

Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container. Desbordamiento de entero en la función FontData::Bound en data/font_data.cc en Google sfntly, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.73, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un valor de desplazamiento o de longitud manipulado dentro de datos de la fuente en un contenedor SFNT. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/78416 http://www.securitytracker.com/id/1034298 https://code.google.com/p/chromium/issues/detail?id=497302 https://codereview.chromium.org/1367323002 https://github.com/googlei18n/sfntly/commit& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-6785 – chromium-browser: Wildcard matching issue in CSP

https://notcve.org/view.php?id=CVE-2015-6785

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains. La función CSPSource::hostMatches en WebKit/Source/core/frame/csp/CSPSource.cpp en la implementación de la Content Security Policy (CSP) en Google Chrome en versiones anteriores a 47.0.2526.73 acepta un nombre de host x.y como una coincidencia para un patrón *.x.y, lo que puede permitir a atacantes remotos eludir restricciones destinadas al acceso en circunstancias oportunistas mediante el aprovechamiento de una política que estaba destinada a ser específica para subdominios. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/78416 http://www.securitytracker.com/id/1034298 http://www.ubuntu.com/usn/USN-2825-1 https://code.google.com/p/chromium/issues/detail?id=534542 https://codereview.chromium.org/1367933003& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-6773 – chromium-browser: Out of bounds access in Skia

https://notcve.org/view.php?id=CVE-2015-6773

The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data. La implementación de la convolución en Skia, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.73, no restringe adecuadamente longitudes de fila, lo que permite a atacantes remotos causar una denegación de servicio (acceso a memoria fuera de rango) o posiblemente tener otro impacto no especificado a través de datos de gráficas manipuladas. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/78416 http://www.securitytracker.com/id/1034298 http://www.ubuntu.com/usn/USN-2825-1 https://code.google.com/p/chromium/issues/detail?id=491660 https://codereview.chromium.org/1187173005& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-1302 – chromium-browser: information leak in PDF viewer

https://notcve.org/view.php?id=CVE-2015-1302

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. El visor PDF en Google Chrome en versiones anteriores a 46.0.2490.86 no restringe adecuadamente mensajes de programación de secuencias de comandos y la exposición de la API, lo que permite a atacantes remotos eludir la Same Origin Policy a través de un embedder no intencionado o de la carga de un plugin no intencionado, relacionado con pdf.js y out_of_process_instance.cc. • http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00120.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00121.html http://rhn.redhat.com/errata/RHSA-2015-1841.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/77537 http://www.securitytracker.com/id/1034132 https://code.google.com/p/chromium/issues/detail?id=520422 https://codereview.chromium.org/1316803003 https • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1

CVE-2015-6763 – Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow

https://notcve.org/view.php?id=CVE-2015-6763

Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 46.0.2490.71 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff windowThere's an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff window. • https://www.exploit-db.com/exploits/38763 http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html http://rhn.redhat.com/errata/RHSA-2015-1912.html http://www.debian.org/security/2015/dsa-3376 http://www.securityfocus.com/bid/77071 http://www.securitytracker.com/id/1033816 http://www.ubuntu.com/usn/USN-2770-1 http://www.ubuntu.com/usn/USN-2770-2 https://code.google.com/p&# •