Page 461 of 2385 results (0.022 seconds)

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. Múltiples vulnerabilidades de uso después de liberación en la implementación DOM en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan el traslado de un elemento SCRIPT a documentos diferentes, relacionado con (1) la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp y (2) la función SVGScriptElement::didMoveToNewDocument en core/svg/SVGScriptElement.cpp. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=456059 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189886&view=revision https://access.redhat.com/security/cve/CVE-2015-1218 https://bugzilla.redhat.com/show_bug.cgi?id=1198525 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 3%CPEs: 7EXPL: 0

The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion." La función getHiddenProperty en bindings/core/v8/V8EventListenerList.h en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, tiene un conflicto de nombres con la clase AudioContext, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de código JavaScript que añade un oyente de eventos AudioContext y provoca una 'confusión de tipos.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within findOrCreateWrapper. By manipulating a document's elements, an attacker can force a type confusion error while adding an event listener. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=449610 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189006&view=revision https://access.redhat.com/security/cve/CVE-2015-1230 https://bugzilla.redhat.com/show_bug.cgi?id=1198537 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation. La implementación de filtrado en Skia, utilizado en Google Chrome anterior a 41.0.2272.76, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una operación de escritura fuera de rango. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=445809 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1215 https://bugzilla.redhat.com/show_bug.cgi?id=1198521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions. Múltiples vulnerabilidades de uso después de liberación en la implementación ServiceWorkerScriptCacheMap en content/browser/service_worker/service_worker_script_cache_map.cc en Google Chrome anterior a 41.0.2272.76 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una llamada a ServiceWorkerContextWrapper::DeleteAndStartOver, relacionado con las funciones NotifyStartedCaching y NotifyFinishedCaching. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=448082 https://codereview.chromium.org/798883005 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1222 https://bugzilla.redhat.com/show_bug.cgi?id=1198529 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp. Vulnerabilidad de uso después de liberación en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante el aprovechamiento del ordenado incorrecto de operaciones en el hilo de la base de datos SQL web relacionado con el hilo principal de Blink, relacionado con la función shutdown en web/WebKit.cpp. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=455368 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=190021&view=revision https://src.chromium.org/viewvc/blink?revision=190035&view=revision https://access.redhat.com/security/cve/CVE • CWE-416: Use After Free •