Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 456
Alerts This Week
Warning Icon 1 456

Debian 8: DSA-3238-1 Critical: Chromium Browser Remote Code Execution

debian
Calendar Grey April 27, 2015
Debian Logo
- ------------------------------------------------------------------------- Debian Security Advisory
Several vulnerabilities were discovered in the chromium web browser

Summary

CVE-2015-1235

A Same Origin Policy bypass issue was discovered in the HTML parser.

CVE-2015-1236

Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.

CVE-2015-1237

Khalil Zhani discovered a use-after-free issue in IPC.

CVE-2015-1238

cloudfuzzer discovered an out-of-bounds write in the skia library.

CVE-2015-1240

w3bd3vil discovered an out-of-bounds read in the WebGL implementation.

CVE-2015-1241

Phillip Moon and Matt Weston discovered a way to trigger local user
interface actions remotely via a crafted website.

CVE-2015-1242

A type confusion issue was discovered in the v8 javascript library.

CVE-2015-1244

Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security
policy.

CVE-2015-1245

Khalil Zhani discovered a use-after-free issue in the pdfium library.

CVE-2015-1246

Atte Kettunen discovered an out-of-bounds read issue in webkit/blink.

CVE-2015-1247

Jann Horn discovered that "file:" URLs in OpenSearch documents were not
...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: chromium-browser
CVE ID: CVE-2015-1235 CVE-2015-1236 CVE-2015-1237 CVE-2015-1238

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.