CVE-2015-1739 – Microsoft Internet Explorer Add-On Installer EPM Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2015-1739
This vulnerability allows attackers to escape the Extended Protection Mode sandbox of vulnerable installations of Microsoft Internet Explorer. • http://www.securityfocus.com/bid/74995 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-249 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-1748 – Microsoft Internet Explorer Protocol Handler Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2015-1748
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1743. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of res:// and Windows Help Engine. By running specially crafted JavaScript, a 32-bit medium integrity process can be spawned. • http://www.securityfocus.com/bid/74997 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-251 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-1743 – Microsoft Internet Explorer add-on Installer Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2015-1743
An attacker can bypass checks within the add-on installer with special paths and junction points to achieve medium-integrity code execution under the context of the user. • http://www.securityfocus.com/bid/74996 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-377 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2015-4335 – redis: Lua sandbox escape and arbitrary code execution
https://notcve.org/view.php?id=CVE-2015-4335
A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system. • http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162146.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-1676.html http://www.debian.org/security/2015/dsa-3279 http://www.openwall.com/lists/oss-security/2015/06/04/12 http://www.openwall.com • CWE-17: DEPRECATED: Code •
CVE-2015-1252 – chromium-browser: Sandbox escape in Chrome.
https://notcve.org/view.php?id=CVE-2015-1252
common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger a write operation with a large amount of data, related to the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrite functions. common/partial_circular_buffer.cc en Google Chrome anterior a 43.0.2357.65 no maneja correctamente los envoltorios, lo que permite a atacantes remotos evadir un mecanismo de protección de sandbox o causar una denegación de servicio (escritura fuera de rango) a través de vectores que provocan una operación de escritura con una cantidad grande de datos, relacionado con las funciones PartialCircularBuffer::Write y PartialCircularBuffer::DoWrite. • http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html http://www.debian.org/security/2015/dsa-3267 http://www.securityfocus.com/bid/74723 http://www.securitytracker.com/id/1032375 https://code.google.com/p/chromium/issues/detail?id=474029 https://codereview.chromium.org/1061053002 https://security.gentoo.org/glsa/201506-04 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •