CVE-2017-0785 – Android Bluetooth - 'Blueborne' Information Leak
https://notcve.org/view.php?id=CVE-2017-0785
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698. Existe una vulnerabilidad de divulgación de información en el sistema de Android (bluetooth). • https://www.exploit-db.com/exploits/44555 https://github.com/ojasookert/CVE-2017-0785 https://github.com/Alfa100001/-CVE-2017-0785-BlueBorne-PoC https://github.com/aymankhalfatni/CVE-2017-0785 https://github.com/CyberKimathi/Py3-CVE-2017-0785 https://github.com/RavSS/Bluetooth-Crash-CVE-2017-0785 https://github.com/MasterCode112/Upgraded_BlueBourne-CVE-2017-0785- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-5114 – chromium-browser: memory lifecycle issue in pdfium
https://notcve.org/view.php?id=CVE-2017-5114
Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. El uso incorrecto de asignaciones de particiones en PDFium en Google Chrome, en versiones anteriores a la 61.0.3163.79 para Linux, Windows y Mac y a la 61.0.3163.81 para Android, permitía que un atacante remoto pudiese explotar una corrupción de memoria mediante un archivo PDF manipulado. • http://www.debian.org/security/2017/dsa-3985 http://www.securityfocus.com/bid/100610 http://www.securitytracker.com/id/1039291 https://access.redhat.com/errata/RHSA-2017:2676 https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html https://crbug.com/752829 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5114 https://bugzilla.redhat.com/show_bug.cgi?id=1488775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-5120 – chromium-browser: potential https downgrade during redirect navigation
https://notcve.org/view.php?id=CVE-2017-5120
Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring). El uso incorrecto de redirecciones no coincidentes de www en la navegación por el explorador en Google Chrome, en versiones anteriores a la 61.0.3163.79 para Mac, Windows y Linux y a la 61.0.3163.81 para Android, permitía que un atacante remoto degradase las peticiones HTTPS a HTTP mediante una página HTML manipulada. En otras palabras, Chrome podría transmitir texto en claro incluso aunque el usuario hubiese introducido una URL https. Esto se debe a un método alternativo mal diseñado para los casos en los que el nombre de dominio en una URL casi coincide con el nombre de dominio en un certificado del servidor X.509 (pero difiere en la subcadena "www." inicial). • http://www.debian.org/security/2017/dsa-3985 http://www.securityfocus.com/bid/100610 http://www.securitytracker.com/id/1039291 https://access.redhat.com/errata/RHSA-2017:2676 https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html https://crbug.com/718676 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5120 https://bugzilla.redhat.com/show_bug.cgi?id=1488782 •
CVE-2017-5118 – chromium-browser: bypass of content security policy in blink
https://notcve.org/view.php?id=CVE-2017-5118
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page. Blink en Google Chrome, en versiones anteriores a la 61.0.3163.79 para Mac, Windows y Linux y a la 61.0.3163.81 para Android, no propagaba correctamente las restricciones CSP para páginas de temas JavaScript, lo que permitía que un atacante remoto omitiese la política de seguridad de contenido (CSP) mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3985 http://www.securityfocus.com/bid/100610 http://www.securitytracker.com/id/1039291 https://access.redhat.com/errata/RHSA-2017:2676 https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html https://crbug.com/747847 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5118 https://bugzilla.redhat.com/show_bug.cgi?id=1488779 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-5116 – chromium-browser: type confusion in v8
https://notcve.org/view.php?id=CVE-2017-5116
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome, en versiones anteriores a la 61.0.3163.79 para Mac, Windows y Linux y a la 61.0.3163.81 para Android, permitía que un atacante remoto ejecutase código arbitrario dentro de un espacio aislado o sandbox mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3985 http://www.securityfocus.com/bid/100610 http://www.securitytracker.com/id/1039291 https://access.redhat.com/errata/RHSA-2017:2676 https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html https://crbug.com/759624 https://security.gentoo.org/glsa/201709-15 https://security.googleblog.com/2018/01/android-security-ecosystem-investments.html https://access.redhat.com/security/cve/CVE-2017-5116 https://bugzilla.redha • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •