CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2015-1260 – chromium-browser: Use-after-free in WebRTC.
https://notcve.org/view.php?id=CVE-2015-1260
Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request. Múltiples vulnerabilidades de uso después de liberación en content/renderer/media/user_media_client_impl.cc en la implementación WebRTC en Google Chrome anterior a 43.0.2357.65 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado que se ejecuta al completar una solicitud getUserMedia. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=474370 https://codereview.chromium.org/1075833002 https://security.gentoo.org/glsa/201506-04 https:/ • CWE-416: Use After Free •
CVSS: 6.8EPSS: 6%CPEs: 2EXPL: 0CVE-2015-1251 – Google Chrome SpeechRecognitionClient Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1251
Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document. Vulnerabilidad de uso después de liberación en la implementación SpeechRecognitionClient en el subsistema Speech en Google Chrome anterior a 43.0.2357.65 permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SpeechRecognitionClient. By manipulating a document's elements, an attacker can force a dangling pointer to be reused after it has been freed. • http://blog.skylined.nl/20161123001.html http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://seclists.org/fulldisclosure/2016/Nov/136 http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/archive/1/539824/100/0/threaded http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 ht • CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2015-1243 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2015-1243
Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered. Vulnerabilidad de uso después de liberación en la función MutationObserver::disconnect en core/dom/MutationObserver.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 42.0.2311.135, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante la provocación de un intento a anular el registro de un objeto MutationObserver que no está registrado actualmente. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00009.html http://rhn.redhat.com/errata/RHSA-2015-0921.html http://www.debian.org/security/2015/dsa-3242 http://www.securityfocus.com/bid/74389 http://www.securitytracker.com/id/1032234 http://www.ubuntu.com/usn/USN-2582-1 https://code.google.com/p/chromium/issues/detail?id=453279 https://security.gentoo.org/glsa/201506-04 https://src. • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-1250 – chromium-browser: various unspecified flaws
https://notcve.org/view.php?id=CVE-2015-1250
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 42.0.2311.135 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00009.html http://rhn.redhat.com/errata/RHSA-2015-0921.html http://www.debian.org/security/2015/dsa-3242 http://www.securityfocus.com/bid/74389 http://www.securitytracker.com/id/1032234 http://www.ubuntu.com/usn/USN-2582-1 https://code.google.com/p/chromium/issues/detail?id=453553 https://code.google.com/p/chromium/issues/detail?id=458191 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2015-3335
https://notcve.org/view.php?id=CVE-2015-3335
The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox. La función NaClSandbox::InitializeLayerTwoSandbox en components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc en Google Chrome anterior a 42.0.2311.90 no tiene los límites RLIMIT_AS y RLIMIT_DATA para los procesos Native Client (también conocido como NaCl), lo que podría facilitar a atacantes remotos realizar ataques 'row-hammer' o tener otro impacto no especificado mediante el aprovechamiento de la habilidad de hacer funcionar un programa manipulado en el sandbox NaCl. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://www.securityfocus.com/bid/72715 https://code.google.com/p/chromium/issues/detail?id=455839 • CWE-264: Permissions, Privileges, and Access Controls •