CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9648
https://notcve.org/view.php?id=CVE-2014-9648
components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application after navigation to a web site, which allows remote attackers to cause a denial of service (loss of browser access to that site) via crafted JavaScript code, as demonstrated by pandora.com and the Pandora application, a different vulnerability than CVE-2015-1205. components/navigation_interception/intercept_navigation_resource_throttle.cc en Google Chrome anterior a 40.0.2214.91 en Android no restringe correctamente el uso de las URLs intent: para abrir una aplicación después de la navigación a un sitio web, lo que permite a atacantes remotos causar una denegación de servicio (perdida del acceso del navegador a este sitio) a través de código JavaScript manipulado, tal y como fue demostrado por pandora.com y la aplicación Pandora, una vulnerabilidad diferente a CVE-2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml https://code.google.com/p/chromium/issues/detail?id=331571 https://code.google.com/p/chromium/issues/detail?id=449894 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1361
https://notcve.org/view.php?id=CVE-2015-1361
platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different vulnerability than CVE-2015-1205. platform/image-decoders/ImageFrame.h en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, no inicializa una variable que se utiliza en llamadas a la función Skia SkBitmap::setAlphaType, lo que podría permitir a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2015-1205. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://security.gentoo.org/glsa/glsa-201502-13.xml http://src.chromium.org/viewvc/blink?view=revision&revision=183296 https://code.google.com/p/chromium/issues/detail?id=411329 https://code.google.com/p/chromium/issues/detail?id=449894 • CWE-17: DEPRECATED: Code •
CVSS: 6.4EPSS: 3%CPEs: 1EXPL: 0CVE-2014-7946 – chromium-browser: out-of-bounds read in Fonts
https://notcve.org/view.php?id=CVE-2014-7946
The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors related to the Fonts implementation. La función RenderTable::simplifiedNormalFlowLayout en core/rendering/RenderTable.cpp en Blink, usado en Google Chrome anterior a 40.0.2214.91, en ciertas situaciones, se salta los subtítulos durante el diseño de tabla, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados en la implementación Fonts. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 http://www.ubuntu.com/usn/USN-2476-1 https:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7929 – chromium-browser: use-after-free in DOM
https://notcve.org/view.php?id=CVE-2014-7929
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. Vulnerabilidad de uso después de liberación en la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que involucran el movimiento de un elemento SCRIPT de documento en documento. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 http://www.ubuntu.com/usn/USN-2476-1 https:/& • CWE-17: DEPRECATED: Code CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7927 – chromium-browser: memory corruption in V8
https://notcve.org/view.php?id=CVE-2014-7927
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. La función SimplifiedLowering::DoLoadBuffer en compiler/simplified-lowering.cc en Google V8, utilizado en Google Chrome anterior a 40.0.2214.91, no elige correctamente un tipo de datos de enteros, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 http://www.ubuntu.com/usn/USN-2476-1 https:/& • CWE-189: Numeric Errors •