Product:

Enterprise_linux_workstation_supplementary

(Redhat)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 86
Date Id Summary Products Score Patch Annotated
2015-03-09 CVE-2015-1229 net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. Ubuntu_linux, Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-03-09 CVE-2015-1230 The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion." Ubuntu_linux, Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-03-09 CVE-2015-1231 Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Ubuntu_linux, Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-05-01 CVE-2015-1243 Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered. Ubuntu_linux, Debian_linux, Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-05-01 CVE-2015-1250 Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Ubuntu_linux, Debian_linux, Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-07-23 CVE-2015-1270 The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file. Debian_linux, Chrome, Opensuse, Solaris, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-07-23 CVE-2015-1271 PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation. Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-07-23 CVE-2015-1272 Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc. Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-07-23 CVE-2015-1273 Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document. Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary N/A
2015-07-23 CVE-2015-1274 Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to download_commands.cc and download_prefs.cc. Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_workstation_supplementary N/A