VuXML: chromium -- multiple vulnerabilities

VuXML ID	a9350df8-5157-11e5-b5c1-e8e0b747a45a
Discovery	2015-09-01
Entry	2015-09-02

Google Chrome Releases reports:

29 security fixes in this release, including:

[516377] High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous.

[522791] High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski.

[524074] High CVE-2015-1293: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.

[492263] High CVE-2015-1294: Use-after-free in Skia. Credit to cloudfuzzer.

[502562] High CVE-2015-1295: Use-after-free in Printing. Credit to anonymous.

[421332] High CVE-2015-1296: Character spoofing in omnibox. Credit to zcorpan.

[510802] Medium CVE-2015-1297: Permission scoping error in Webrequest. Credit to Alexander Kashev.

[518827] Medium CVE-2015-1298: URL validation error in extensions. Credit to Rob Wu.

[416362] Medium CVE-2015-1299: Use-after-free in Blink. Credit to taro.suzuki.dev.

[511616] Medium CVE-2015-1300: Information leak in Blink. Credit to cgvwzq.

[526825] CVE-2015-1301: Various fixes from internal audits, fuzzing and other initiatives.

[source]

chromium -- multiple vulnerabilities

Details

References

CVE Name	CVE-2015-1291
CVE Name	CVE-2015-1292
CVE Name	CVE-2015-1293
CVE Name	CVE-2015-1294
CVE Name	CVE-2015-1295
CVE Name	CVE-2015-1296
CVE Name	CVE-2015-1297
CVE Name	CVE-2015-1298
CVE Name	CVE-2015-1299
CVE Name	CVE-2015-1300
CVE Name	CVE-2015-1301
URL	http://googlechromereleases.blogspot.nl