CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-5319
https://notcve.org/view.php?id=CVE-2011-5319
content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site that listens for ondevicemotion events, a different vulnerability than CVE-2015-1231. content/renderer/device_sensors/device_motion_event_pump.cc en Google Chrome anterior a 41.0.2272.76 no restringe correctamente el acceso a los datos de 'accelerometer' de alta velocidad, lo que facilita a atacantes remotos capturar las pulsaciones del teclado a través de un sitio web manipulado que escucha para eventos 'ondevicemotion', una vulnerabilidad diferente a CVE-2015-1231. • http://dl.acm.org/citation.cfm?id=2046771 http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://www.cc.gatech.edu/~traynor/papers/traynor-ccs11.pdf https://code.google.com/p/chromium/issues/detail?id=421691 https://code.google.com/p/chromium/issues/detail?id=463349 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2239
https://notcve.org/view.php?id=CVE-2015-2239
Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the address bar for a search-results page by leveraging (1) a compromised search engine or (2) an XSS vulnerability in a search engine, a different vulnerability than CVE-2015-1231. Google Chrome anterior a 41.0.2272.76, cuando el modo Instant Extended está utilizado, no considera correctamente la interacción entre las características de búsqueda 1993 ('1993 search') y las transiciones restaurar del disco RELOAD (restore-from-disk RELOAD), lo que facilita a atacantes remotos falsificar la barra de direcciones para una página de resultados de búsquedas mediante el aprovechamiento de (1) un motor de búsqueda comprometido o (2) una vulnerabilidad de XSS en un motor de búsqueda, una vulnerabilidad diferente a CVE-2015-1231. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://www.securityfocus.com/bid/74855 https://code.google.com/p/chromium/issues/detail?id=256724 https://code.google.com/p/chromium/issues/detail?id=463349 • CWE-19: Data Processing Errors •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2014-9654 – icu: insufficient size limit checks in regular expression compiler
https://notcve.org/view.php?id=CVE-2014-9654
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923. El paquete Regular Expressions en International Components para Unicode (ICU) for C/C++ en las versiones anteriores a 03-12-2014, como se utiliza en Google Chrome en versiones anteriores a 40.0.2214.91, calcula ciertos valores sin asegurarse de que pueden representarse en un campo de 24 bits, que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de una cadena manipulada, un problema relacionado con CVE-2014-7923. • http://bugs.icu-project.org/trac/changeset/36801 http://bugs.icu-project.org/trac/ticket/11371 http://openwall.com/lists/oss-security/2015/02/05/15 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securitytracker.com/id/1035410 https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5 https://code.google.com/p/chromium/issues/detail?id=432209 https://security.gentoo.org/glsa/201503-06 https://www.oracle.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2015-1217 – chromium-browser: Type confusion in v8 bindings
https://notcve.org/view.php?id=CVE-2015-1217
The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." La función V8LazyEventListener::prepareListenerObject en bindings/core/v8/V8LazyEventListener.cpp en los enlaces V8 en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, no compila correctamente los oyentes, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que aprovechan una 'confusión de tipos.' • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=456192 https://codereview.chromium.org/910683002 https://codereview.chromium.org/958543002 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189796&view=revision https://access.redhat.com/sec • CWE-17: DEPRECATED: Code CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1224 – chromium-browser: Out-of-bounds read in vpxdecoder
https://notcve.org/view.php?id=CVE-2015-1224
The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data. La función VpxVideoDecoder::VpxDecode en media/filters/vpx_video_decoder.cc en la implementación vpxdecoder en Google Chrome anterior a 41.0.2272.76 no asegura que las dimensiones alpha-plane sean idénticas a las dimensiones de imágenes, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de datos de vídeo VPx manipulados. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=449958 https://codereview.chromium.org/858303002 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1224 https://bugzilla.redhat.com/show_bug.cgi?id=1198531 • CWE-17: DEPRECATED: Code CWE-125: Out-of-bounds Read •