CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2015-3335
https://notcve.org/view.php?id=CVE-2015-3335
The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox. La función NaClSandbox::InitializeLayerTwoSandbox en components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc en Google Chrome anterior a 42.0.2311.90 no tiene los límites RLIMIT_AS y RLIMIT_DATA para los procesos Native Client (también conocido como NaCl), lo que podría facilitar a atacantes remotos realizar ataques 'row-hammer' o tener otro impacto no especificado mediante el aprovechamiento de la habilidad de hacer funcionar un programa manipulado en el sandbox NaCl. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://www.securityfocus.com/bid/72715 https://code.google.com/p/chromium/issues/detail?id=455839 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-3333
https://notcve.org/view.php?id=CVE-2015-3333
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 4.2.77.14, utilizado en Google Chrome anterior a 42.0.2311.90, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://ubuntu.com/usn/usn-2570-1 http://www.debian.org/security/2015/dsa-3238 http://www.securityfocus.com/bid/74221 •
CVSS: 6.4EPSS: 0%CPEs: 14EXPL: 1CVE-2015-1241 – chromium-browser: tap-jacking vulnerability
https://notcve.org/view.php?id=CVE-2015-1241
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. Google Chrome anterior a 42.0.2311.90 no considera correctamente la interacción de la navegación de páginas con el manejo de los eventos 'táctiles' (touch) y los eventos de 'gestos' (gesture), lo que permite a atacantes remotos provocar acciones no intencionadas de la interfaz del usuario a través de un sitio web manipulado que realiza un ataque de 'tapjacking'. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html http://rhn.redhat.com/errata/RHSA-2015-0816.html http://ubuntu.com/usn/usn-2570-1 http://www.debian.org/security/2015/dsa-3238 http://www.securitytracker.com/id/1032209 https://code.google.com/p/chromium/issues/detail?id=418402 https://codereview.chromium.org/628763003 http • CWE-352: Cross-Site Request Forgery (CSRF) CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1236 – chromium-browser: Cross-origin-bypass in Blink
https://notcve.org/view.php?id=CVE-2015-1236
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element. La función MediaElementAudioSourceNode::process en modules/webaudio/MediaElementAudioSourceNode.cpp en la implementación Web Audio API en Blink, utilizado en Google Chrome anterior a 42.0.2311.90, permite a atacantes remotos evadir Same Origin Policy y obtener valores sensibles de muestras de audio a través de un sitio web manipulado que contiene un elemento de prensa. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html http://rhn.redhat.com/errata/RHSA-2015-0816.html http://ubuntu.com/usn/usn-2570-1 http://www.debian.org/security/2015/dsa-3238 http://www.securitytracker.com/id/1032209 https://code.google.com/p/chromium/issues/detail?id=313939 https://security.gentoo.org/glsa/201506-0 • CWE-264: Permissions, Privileges, and Access Controls CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1244 – chromium-browser: HSTS bypass in WebSockets
https://notcve.org/view.php?id=CVE-2015-1244
The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. La función URLRequest::GetHSTSRedirect en url_request/url_request.cc en Google Chrome anterior a 42.0.2311.90 no remplaza el esquema wss cuando una política HSTS está activada, lo que facilita a atacantes remotos obtener información sensible mediante la captura de trafico WebSocket de la red. • http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html http://rhn.redhat.com/errata/RHSA-2015-0816.html http://ubuntu.com/usn/usn-2570-1 http://www.debian.org/security/2015/dsa-3238 http://www.securitytracker.com/id/1032209 https://chromium.googlesource.com/chromium/src/net/+/2359906c4fdfa9d44b045755d23fe5327c10e010 https://code.google. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-305: Authentication Bypass by Primary Weakness •