» 2017 » 1월

CVE-2016-5220

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5220

PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file.

Source: CVE-2016-5220

CVE-2016-5221

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page.

Source: CVE-2016-5221

CVE-2016-5222

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5222

Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Source: CVE-2016-5222

CVE-2016-5199

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5199

An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

Source: CVE-2016-5199

CVE-2016-5200

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5200

V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2016-5200

CVE-2016-5201

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5201

A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page.

Source: CVE-2016-5201

CVE-2016-5204

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5204

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

Source: CVE-2016-5204

CVE-2016-5203

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5203

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Source: CVE-2016-5203

CVE-2016-5218

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data.

Source: CVE-2016-5218

CVE-2016-5215

Posted on 2017년 1월 19일2017년 1월 19일 by admin

CVE-2016-5215

A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Source: CVE-2016-5215