VuXML: chromium -- multiple vulnerabilities

VuXML ID	e30e0c99-a1b7-11e4-b85c-00262d5ed8ee
Discovery	2015-01-21
Entry	2015-01-21

Google Chrome Releases reports:

62 security fixes in this release, including:

[430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.

[435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.

[434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.

[422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.

[444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.

[435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.

[442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.

[442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.

[443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.

[429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.

[427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.

[427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.

[402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.

[428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.

[419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.

[416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.

[399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.

[433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.

[428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.

[426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.

[422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.

[418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.

[414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.

[414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.

[430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.

[414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.

[449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.

Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).

[source]

CVE Name	CVE-2014-7923
CVE Name	CVE-2014-7924
CVE Name	CVE-2014-7925
CVE Name	CVE-2014-7926
CVE Name	CVE-2014-7927
CVE Name	CVE-2014-7928
CVE Name	CVE-2014-7929
CVE Name	CVE-2014-7930
CVE Name	CVE-2014-7931
CVE Name	CVE-2014-7932
CVE Name	CVE-2014-7933
CVE Name	CVE-2014-7934
CVE Name	CVE-2014-7935
CVE Name	CVE-2014-7936
CVE Name	CVE-2014-7937
CVE Name	CVE-2014-7938
CVE Name	CVE-2014-7939
CVE Name	CVE-2014-7940
CVE Name	CVE-2014-7941
CVE Name	CVE-2014-7942
CVE Name	CVE-2014-7943
CVE Name	CVE-2014-7944
CVE Name	CVE-2014-7945
CVE Name	CVE-2014-7946
CVE Name	CVE-2014-7947
CVE Name	CVE-2014-7948
CVE Name	CVE-2015-1205
URL	http://googlechromereleases.blogspot.nl

chromium -- multiple vulnerabilities

Details

References