CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2015-1212 – chromium-browser: various security fixes in Chrome 40.0.2214.111
https://notcve.org/view.php?id=CVE-2015-1212
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificados en Google Chrome before 40.0.2214.111 en Windows, OS X, y Linux y anterior a 40.0.2214.109 en Android permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0163.html http://secunia.com/advisories/62670 http://secunia.com/advisories/62818 http://secunia.com/advisories/62917 http://secunia.com/advisories/62925 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.secur •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-9647
https://notcve.org/view.php?id=CVE-2014-9647
Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdk_mgr.cpp, a different vulnerability than CVE-2015-1205. Vulnerabilidad del uso después de liberación en PDFium, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento PDF manipulado, relacionado con fpdfsdk/src/fpdfview.cpp y fpdfsdk/src/fsdk_mgr.cpp, una vulnerabilidad diferente a CVE-2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml https://code.google.com/p/chromium/issues/detail?id=410326 https://code.google.com/p/chromium/issues/detail?id=449894 https://pdfium.googlesource.com/pdfium/+/facd0157ce975158da1659fb58a16c1308bd553b •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1360
https://notcve.org/view.php?id=CVE-2015-1360
Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related to gpu/GrBitmapTextContext.cpp and gpu/GrDistanceFieldTextContext.cpp, a different vulnerability than CVE-2015-1205. Skia, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (sobre lectura de buffer) o posiblemente tener otro impacto no especificado a través de datos manipulados que no se manejan correctamente durante dibujado de textos, relacionado con gpu/GrBitmapTextContext.cpp y gpu/GrDistanceFieldTextContext.cpp, una vulnerabilidad diferente a 2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml https://code.google.com/p/chromium/issues/detail?id=416289 https://code.google.com/p/chromium/issues/detail?id=449894 https://codereview.chromium.org/636233008 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1361
https://notcve.org/view.php?id=CVE-2015-1361
platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different vulnerability than CVE-2015-1205. platform/image-decoders/ImageFrame.h en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, no inicializa una variable que se utiliza en llamadas a la función Skia SkBitmap::setAlphaType, lo que podría permitir a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml http://src.chromium.org/viewvc/blink?view=revision&revision=183296 https://code.google.com/p/chromium/issues/detail?id=411329 https://code.google.com/p/chromium/issues/detail?id=449894 • CWE-17: DEPRECATED: Code •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1359
https://notcve.org/view.php?id=CVE-2015-1359
Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, a different vulnerability than CVE-2015-1205. Múltiples errores de la superación de límite (off-by-one) en fpdfapi/fpdf_font/font_int.h en PDFium, utilizado en Google Chrome anterior a 40.0.2214.91, permiten a atacantes remotos causar una denegación de servicio (desbordamiento de buffer) o posiblemente tener otro impacto no especificado a través de un documento PDF manipulado, relacionado con un problema de 'un desbordamiento de intraobjetos', una vulnerabilidad diferente a CVE-2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml https://code.google.com/p/chromium/issues/detail?id=421196 https://code.google.com/p/chromium/issues/detail?id=449894 https://codereview.chromium.org/656463006 • CWE-189: Numeric Errors •