Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_workstation
(Redhat)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-10-27 | CVE-2017-5103 | Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 4.3 | ||
2017-10-27 | CVE-2017-5104 | Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2017-10-27 | CVE-2017-5105 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2017-10-27 | CVE-2017-5106 | Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2017-10-27 | CVE-2017-5107 | A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page. | Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 5.3 | ||
2017-10-27 | CVE-2017-5108 | Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file. | Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
2017-10-27 | CVE-2017-5109 | Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 4.3 | ||
2017-10-27 | CVE-2017-5110 | Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2017-10-27 | CVE-2017-5111 | A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
2017-10-27 | CVE-2017-5113 | Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 |