CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6755 – chromium-browser: cross-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2015-6755
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. La función ContainerNode::parserInsertBefore en core/dom/ContainerNode.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, procede con una inserción de árbol DOM en ciertos casos en los que un nodo padre ya no contiene un nodo hijo, lo que permite a atacantes remotos eludir la Same Origin Policy a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-1912.html http://www.debian.org/security/2015/dsa-3376 http://www.securityfocus.com/bid/77071 http://www.securitytracker.com/id/1033816 http://www.ubuntu.com/usn/USN-2770-1 http://www.ubuntu.com/usn/USN-2770-2 https://code.google.com/p/chromium/issues/detail?id=519558 https://security.gentoo.org/glsa/201603-09 https://src.chromium.org/viewvc/blink? • CWE-264: Permissions, Privileges, and Access Controls CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1303 – chromium-browser: Cross-origin bypass in DOM
https://notcve.org/view.php?id=CVE-2015-1303
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element. bindings/core/v8/V8DOMWrapper.h en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 45.0.2454.101, no realiza una acción de volver a lanzar para propagar información sobre una excepción cross-context, lo que permite a atacantes remotos eludir la Same Origin Policy a través de un documento HTML manipulado que contiene un elemento IFRAME . • http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2015-1841.html http://www.debian.org/security/2015/dsa-3376 http://www.securityfocus.com/bid/76844 http://www.securitytracker.com/id/1033683 http://www.ubuntu.com/usn/USN-2757-1 https://code.google.com/p/chromium/issues& • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1304 – chromium-browser: Cross-origin bypass in V8
https://notcve.org/view.php?id=CVE-2015-1304
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call. object-observe.js en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 45.0.2454.101, no restringe adecuadamente las llamadas a métodos en objetos de acceso verificado, lo que permite a atacantes remotos eludir la Same Origin Policy a través de una llamada (1) observe o (2) getNotifier . • http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2015-1841.html http://www.debian.org/security/2015/dsa-3376 http://www.securityfocus.com/bid/76844 http://www.securitytracker.com/id/1033683 http://www.ubuntu.com/usn/USN-2757-1 https://chromium.googlesource.com/v8/v8/&# • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1297 – chromium-browser: Permission scoping error in WebRequest
https://notcve.org/view.php?id=CVE-2015-1297
The WebRequest API implementation in extensions/browser/api/web_request/web_request_api.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted (1) app or (2) extension. Vulnerabilidad en la implementación WebRequest API en extensions/browser/api/web_request/web_request_api.cc en Google Chrome en versiones anteriores a 45.0.2454.85, no considera correctamente una fuente de petición antes de aceptar la petición, lo que permite a atacantes remotos eludir las restricciones de acceso previstas a través de una (1) app o (2) extensión manipulada. • http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-1712.html http://www.debian.org/security/2015/dsa-3351 http://www.securitytracker.com/id/1033472 https://code.google.com/p/chromium/issues/detail?id=510802 https://codereview.chromium.org/1267183003 https://security.gentoo.org/glsa/201603-09 • CWE-254: 7PK - Security Features •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1300 – chromium-browser: Information leak in Blink
https://notcve.org/view.php?id=CVE-2015-1300
The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to obtain sensitive information via crafted JavaScript code that leverages a history.back call. Vulnerabilidad en la función FrameFetchContext::updateTimingInfoForIFrameNavigation en core/loader/FrameFetchContext.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 45.0.2454.85, no restringe correctamente la disponibilidad de tiempos de la API IFRAME Resource Timing, lo que permite a atacantes remotos obtener información sensible a través de código JavaScript manipulado que aprovecha una llamada history.back. • http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-1712.html http://www.debian.org/security/2015/dsa-3351 http://www.securitytracker.com/id/1033472 https://code.google.com/p/chromium/issues/detail?id=511616 https://github.com/w3c/resource-timing/issues/29 https://security.gentoo.org/glsa&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •