CVE-2015-6772 – chromium-browser: Cross-origin bypass in DOM
https://notcve.org/view.php?id=CVE-2015-6772
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin. La implementación del DOM en Blink, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.73, no evita la navegación javascript: URL mientras un documento se está separando, lo que permite a atacantes remotos eludir la Same Origin Policy a través de código JavaScript manipulado que interactúa incorrectamente con un plugin. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/78416 http://www.securitytracker.com/id/1034298 http://www.ubuntu.com/usn/USN-2825-1 https://code.google.com/p/chromium/issues/detail?id=546545 https://codereview.chromium.org/1444183003& • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-6765 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6765
Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_update_job.cc en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio mediante el aprovechamiento del manejo incorrecto de los trabajos de actualización de AppCache. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/78416 http://www.securitytracker.com/id/1034298 http://www.ubuntu.com/usn/USN-2825-1 https://code.google.com/p/chromium/issues/detail?id=558589 https://codereview.chromium.org/1463463003& • CWE-416: Use After Free •
CVE-2015-1302 – chromium-browser: information leak in PDF viewer
https://notcve.org/view.php?id=CVE-2015-1302
The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. El visor PDF en Google Chrome en versiones anteriores a 46.0.2490.86 no restringe adecuadamente mensajes de programación de secuencias de comandos y la exposición de la API, lo que permite a atacantes remotos eludir la Same Origin Policy a través de un embedder no intencionado o de la carga de un plugin no intencionado, relacionado con pdf.js y out_of_process_instance.cc. • http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00120.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00121.html http://rhn.redhat.com/errata/RHSA-2015-1841.html http://www.debian.org/security/2015/dsa-3415 http://www.securityfocus.com/bid/77537 http://www.securitytracker.com/id/1034132 https://code.google.com/p/chromium/issues/detail?id=520422 https://codereview.chromium.org/1316803003 https • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-7834
https://notcve.org/view.php?id=CVE-2015-7834
Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.6.85.23, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html http://www.ubuntu.com/usn/USN-2770-1 http://www.ubuntu.com/usn/USN-2770-2 •
CVE-2015-6755 – chromium-browser: cross-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2015-6755
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. La función ContainerNode::parserInsertBefore en core/dom/ContainerNode.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, procede con una inserción de árbol DOM en ciertos casos en los que un nodo padre ya no contiene un nodo hijo, lo que permite a atacantes remotos eludir la Same Origin Policy a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-1912.html http://www.debian.org/security/2015/dsa-3376 http://www.securityfocus.com/bid/77071 http://www.securitytracker.com/id/1033816 http://www.ubuntu.com/usn/USN-2770-1 http://www.ubuntu.com/usn/USN-2770-2 https://code.google.com/p/chromium/issues/detail?id=519558 https://security.gentoo.org/glsa/201603-09 https://src.chromium.org/viewvc/blink? • CWE-264: Permissions, Privileges, and Access Controls CWE-345: Insufficient Verification of Data Authenticity •