CVSS: 7.5EPSS: 1%CPEs: 120EXPL: 0CVE-2014-3165
https://notcve.org/view.php?id=CVE-2014-3165
Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion. Vulnerabilidad de uso después de liberación en modules/websockets/WorkerThreadableWebSocketChannel.cpp en la implementación Web Sockets en Blink, utilizado en Google Chrome anterior a 36.0.1985.143, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto a través de vectores que provocan un tiempo de vida inesperadamente largo de un objeto temporal durante el completado del método. • http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html http://secunia.com/advisories/59904 http://secunia.com/advisories/60798 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-3039 http://www.securityfocus.com/bid/69201 http://www.securitytracker.com/id/1030732 https://code.google.com/p/chromium/issues/detail?id=390174 https://exchange.xforce.ibmcloud.com/vulnerabilities/95247 https://src.chromium.org/viewvc/blink?revisio •
CVSS: 6.4EPSS: 0%CPEs: 101EXPL: 0CVE-2014-3159
https://notcve.org/view.php?id=CVE-2014-3159
The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors. La función WebContentsDelegateAndroid::OpenURLFromTab en components/web_contents_delegate_android/web_contents_delegate_android.cc en Google Chrome anterior a 36.0.1985.122 en Android no restringe debidamente la carga de URLs, lo que permite a atacantes remotos falsificar la URL en el Omnibox a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2014/07/chrome-for-android-update.html https://code.google.com/p/chromium/issues/detail?id=352083 https://src.chromium.org/viewvc/chrome?revision=273865&view=revision • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 101EXPL: 0CVE-2014-3161
https://notcve.org/view.php?id=CVE-2014-3161
The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video stream. La función WebMediaPlayerAndroid::load en content/renderer/media/android/webmediaplayer_android.cc en Google Chrome anterior a 36.0.1985.122 en Android no interactúa debidamente con las redirecciones, lo que permite a atacantes remotos evadir Same Origin Policy a través de un sitio web manipulado que hospeda un flujo de vídeo. • http://googlechromereleases.blogspot.com/2014/07/chrome-for-android-update.html https://code.google.com/p/chromium/issues/detail?id=334204 https://src.chromium.org/viewvc/chrome?revision=266396&view=revision • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 104EXPL: 0CVE-2014-3157
https://notcve.org/view.php?id=CVE-2014-3157
Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library. Desbordamiento de buffer basado en memoria dinámica en la función FFmpegVideoDecoder::GetVideoBuffer en media/filters/ffmpeg_video_decoder.cc en Google Chrome anterior a 35.0.1916.153 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante el aprovechamiento de estructuras de datos VideoFrame que son demasiado pequeñas para la interacción debida con una libraría FFmpeg subyacente. • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html http://secunia.com/advisories/58585 http://secunia.com/advisories/59090 http://secunia.com/advisories/60061 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2959 http://www.securityfocus.com/bid/67972 https://code.google.com/p/chromium/issues/detail?id=368980 https://src.chromium.org/viewvc/chrome?revision=268831&view=revision • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 104EXPL: 0CVE-2014-3154
https://notcve.org/view.php?id=CVE-2014-3154
Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown. Vulnerabilidad de uso después de liberación en la función ChildThread::Shutdown en content/child/child_thread.cc en la API del sistema de archivos en Google Chrome anterior a 35.0.1916.153 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados un apagado de Blink. • http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html http://secunia.com/advisories/58585 http://secunia.com/advisories/59090 http://secunia.com/advisories/60061 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2959 http://www.securityfocus.com/bid/67977 https://code.google.com/p/chromium/issues/detail?id=369525 https://src.chromium.org/viewvc/blink?revision=173620&view=revision ht •