[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3238-1 chromium-browser -- chromium-browser

ID: oval:org.secpod.oval:def:24273Date: (C)2015-05-11   (M)2024-01-29
Class: PATCHFamily: unix




Several vulnerabilities were discovered in the chromium web browser. CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. CVE-2015-1237 Khalil Zhani discovered a use-after-free issue in IPC. CVE-2015-1238 cloudfuzzer discovered an out-of-bounds write in the skia library. CVE-2015-1240 w3bd3vil discovered an out-of-bounds read in the WebGL implementation. CVE-2015-1241 Phillip Moon and Matt Weston discovered a way to trigger local user interface actions remotely via a crafted website. CVE-2015-1242 A type confusion issue was discovered in the v8 javascript library. CVE-2015-1244 Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security policy. CVE-2015-1245 Khalil Zhani discovered a use-after-free issue in the pdfium library. CVE-2015-1246 Atte Kettunen discovered an out-of-bounds read issue in webkit/blink. CVE-2015-1247 Jann Horn discovered that "file:" URLs in OpenSearch documents were not sanitized, which could allow local files to be read remotely when using the OpenSearch feature from a crafted website. CVE-2015-1248 Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature, which could allow the remote execution of a downloaded executable file. CVE-2015-1249 The chrome 41 development team found various issues from internal fuzzing, audits, and other studies. CVE-2015-3333 Multiple issues were discovered and fixed in v8 4.2.7.14. CVE-2015-3334 It was discovered that remote websites could capture video data from attached web cameras without permission. CVE-2015-3336 It was discovered that remote websites could cause user interface disruptions like window fullscreening and mouse pointer locking.

Platform:
Debian 8.x
Product:
chromium
Reference:
DSA-3238-1
CVE-2015-1235
CVE-2015-1236
CVE-2015-1237
CVE-2015-1238
CVE-2015-1240
CVE-2015-1241
CVE-2015-1242
CVE-2015-1244
CVE-2015-1245
CVE-2015-1246
CVE-2015-1247
CVE-2015-1248
CVE-2015-1249
CVE-2015-3333
CVE-2015-3334
CVE-2015-3336
CVE    16
CVE-2015-1242
CVE-2015-1240
CVE-2015-1238
CVE-2015-1249
...

© SecPod Technologies