Google Chrome vulnerabilities

4,008 known vulnerabilities affecting google/chrome.

Total CVEs: 4,008
CISA KEV: 74 (actively exploited)
Public exploits: 64
Exploited in wild: 65
Severity breakdown: CRITICAL 298, HIGH 2025, MEDIUM 1626, LOW 17, UNKNOWN 42

Vulnerabilities

CVE-2015-1209 | HIGH | CVSS 7.5 | fixed in 40.0.2214.109 | fixed in 40.0.2214.111 | 2015-02-06
CVE-2015-1209 [HIGH] CWE-416: Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecif
nvd
CVE-2015-1212 | HIGH | CVSS 7.5 | fixed in 40.0.2214.109 | fixed in 40.0.2214.111 | 2015-02-06
CVE-2015-1212 [HIGH]: Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
nvd
CVE-2015-1211 | HIGH | CVSS 7.5 | fixed in 40.0.2214.109 | fixed in 40.0.2214.111 | 2015-02-06
CVE-2015-1211 [HIGH]: The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.
nvd
CVE-2015-1210 | MEDIUM | CVSS 5.0 | fixed in 40.0.2214.109 | fixed in 40.0.2214.111 | 2015-02-06
CVE-2015-1210 [MEDIUM]: The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass
nvd
CVE-2015-1360 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2015-1360 [HIGH]: Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related to gpu/GrBitmapTextContext.cpp and gpu/GrDistanceFieldTextContext.cpp, a different vulnerability than CVE-2015-1205.
nvd
CVE-2014-9647 | MEDIUM | CVSS 6.8 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2014-9647 [MEDIUM]: Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdk_mgr.cpp, a different vulnerability than CVE-2015-1205.
nvd
CVE-2014-9648 | MEDIUM | CVSS 4.3 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2014-9648 [MEDIUM] CWE-284: components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application after navigation to a web site, which allows remote attackers to cause a denial of service (loss of browser access to that site) via crafted JavaScript code,
nvd
CVE-2015-1361 | MEDIUM | CVSS 6.8 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2015-1361 [MEDIUM]: platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different vulnerability than CVE-
nvd
CVE-2015-1359 | MEDIUM | CVSS 6.8 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2015-1359 [MEDIUM]: Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, a different vulnerability than CVE-2015-1205.
nvd
CVE-2014-9646 | MEDIUM | CVSS 4.6 | ≤ 40.0.2214.85 | 2015-01-27
CVE-2014-9646 [MEDIUM] CWE-264: Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Google Chrome before 40.0.2214.91 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% directory, as demonstrated by program.e
nvd
CVE-2014-7933 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7933 [HIGH]: Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data.
nvd
CVE-2014-7929 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7929 [HIGH] CWE-17: Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across d
nvd
CVE-2014-7926 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7926 [HIGH] CWE-17: The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.
nvd
CVE-2014-7938 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7938 [HIGH] CWE-119: The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
nvd
CVE-2014-7928 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7928 [HIGH] CWE-19: hydrogen.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy.
nvd
CVE-2014-7925 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7925 [HIGH]: Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained.
nvd
CVE-2015-1205 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2015-1205 [HIGH]: Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
nvd
CVE-2015-1346 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2015-1346 [HIGH]: Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
nvd
CVE-2014-7930 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7930 [HIGH]: Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data.
nvd
CVE-2014-7932 | HIGH | CVSS 7.5 | ≤ 40.0.2214.85 | 2015-01-22
CVE-2014-7932 [HIGH]: Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements.
nvd