CVE-2018-18351 – chromium-browser: Insufficient policy enforcement in Navigation
https://notcve.org/view.php?id=CVE-2018-18351
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page. La falta de validación adecuada de los frames ancestor al enviar cookies lax en Navigation en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto omita la política de la cookie SameSite mediante una página HTML manipulada. • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/833847 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18351 https://bugzilla.redhat.com/show_bug.cgi?id=1656565 • CWE-20: Improper Input Validation •
CVE-2018-18340 – chromium-browser: Use after free in MediaRecorder
https://notcve.org/view.php?id=CVE-2018-18340
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El ciclo de vida de un objecto incorrecto en MediaRecorder en Google Chrome, en versiones anteriores a la 71.0.3578.80, permite que un atacante remoto explote la corrupción de la memoria dinámica (heap) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/896736 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18340 https://bugzilla.redhat.com/show_bug.cgi?id=1656554 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVE-2018-18349 – chromium-browser: Insufficient policy enforcement in Blink
https://notcve.org/view.php?id=CVE-2018-18349
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. Se permitía de manera incorrecta la navegación remota de tramas en Blink en Google Chrome en versiones anteriores a 71.0.3578.80, lo que permitía que un atacante convenciera a un usuario para que instalase una extensión maliciosa y así acceder a archivos en el sistema de archivos local mediante una extensión de Chrome manipulada. • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/894399 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18349 https://bugzilla.redhat.com/show_bug.cgi?id=1656563 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2018-18344 – chromium-browser: Inappropriate implementation in Extensions
https://notcve.org/view.php?id=CVE-2018-18344
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension. La asignación incorrecta de la funcionalidad de protocolo "setDownloadBehavior" en Extensions en Google Chrome en versiones anteriores a 71.0.3578.80 permitía a un atacante remoto con el control de una extensión instalada acceder a archivos en el sistema remoto mediante una extensión de Chrome manipulada. • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/866426 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18344 https://bugzilla.redhat.com/show_bug.cgi?id=1656558 • CWE-269: Improper Privilege Management •
CVE-2018-18347 – chromium-browser: Inappropriate implementation in Navigation
https://notcve.org/view.php?id=CVE-2018-18347
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page. El manejo incorrecto de sesiones de navegación fallidas con URL inválidas en Navigation en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía a un atacante remoto engañar a un usuario para que ejecutase código JavaScript en un origen arbitrario mediante una página HTML manipulada. • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/850824 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18347 https://bugzilla.redhat.com/show_bug.cgi?id=1656561 • CWE-20: Improper Input Validation •