CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-1255 – chromium-browser: Use-after-free in WebAudio.
https://notcve.org/view.php?id=CVE-2015-1255
Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging improper handling of a stop action for an audio track. Vulnerabilidad de uso después de liberación en content/renderer/media/webaudio_capturer_source.cc en la implementación WebAudio en Google Chrome anterior a 43.0.2357.65 permite a atacantes remotos causar una denegación de servicio (corrupción de la memoria dinámica) o posiblemente tener otro impacto no especificado mediante el aprovechamiento del manejo incorrecto de una acción de parar para una pista de audio. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=473253 https://codereview.chromium.org/1071063005 https://security.gentoo.org/glsa/201506-04 https:/ • CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2015-1258 – chromium-browser: Negative-size parameter in Libvpx.
https://notcve.org/view.php?id=CVE-2015-1258
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data. Google Chrome anterior a 43.0.2357.65 depende de código libvpx que no fue construido con un valor --size-limit apropiado, lo que permite a atacantes remotos provocar un valor negativo para un campo tamaño, y como consecuencia causar una denegación de servicio o posiblemente tener otro impacto no especificado, a través de un tamaño Frame en datos de vídeo VP9. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168803.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166975.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167428.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http:&# • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2015-1252 – chromium-browser: Sandbox escape in Chrome.
https://notcve.org/view.php?id=CVE-2015-1252
common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger a write operation with a large amount of data, related to the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrite functions. common/partial_circular_buffer.cc en Google Chrome anterior a 43.0.2357.65 no maneja correctamente los envoltorios, lo que permite a atacantes remotos evadir un mecanismo de protección de sandbox o causar una denegación de servicio (escritura fuera de rango) a través de vectores que provocan una operación de escritura con una cantidad grande de datos, relacionado con las funciones PartialCircularBuffer::Write y PartialCircularBuffer::DoWrite. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=474029 https://codereview.chromium.org/1061053002 https://security.gentoo.org/glsa/201506-04 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2015-1265 – Google Chrome 43.0 - Certificate MIME Handling Integer Overflow
https://notcve.org/view.php?id=CVE-2015-1265
Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 43.0.2357.65 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • https://www.exploit-db.com/exploits/37766 http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74727 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=413534 https://code.google.com/p/chromium/issues/detail •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1254 – chromium-browser: Cross-origin bypass in Editing.
https://notcve.org/view.php?id=CVE-2015-1254
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing. core/dom/Document.cpp en Blink, utilizado en Google Chrome anterior a 43.0.2357.65, habilita la herencia del atributo designMode, lo que permite a atacantes remotos evadir Same Origin Policy mediante el aprovechamiento de la disponibilidad de la edición. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=444927 https://security.gentoo.org/glsa/201506-04 https://src.chromium.org/viewvc/blink?revision=19 • CWE-264: Permissions, Privileges, and Access Controls •