Vulnerability & Exploit Database

Displaying entries 1 - 10 of 12 in total

Results for: CVE-2015-1278 Back to search

SUSE: CVE-2015-7974: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 26, 2016

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

SUSE: CVE-2015-7705: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: October 27, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-2783-1:

Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticate...

SUSE: CVE-2015-7704: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: October 27, 2015

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-2783-1:

Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticate...

SUSE: CVE-2015-1278: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: July 22, 2015

content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted document, as demonstrated by the alert_dialog.pdf document.

RHSA-2015:1499: chromium-browser security update Vulnerability

  • Severity: 8
  • Published: July 22, 2015

Chromium is an open-source web browser, powered by WebKit (Blink).Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Chromium to crash or,potentially, execute arbitrary code with the privileges of the user runningChromium. (CVE-2015-1271, CVE-2015-1270, CVE-2015-1272, C...

Google Chrome Vulnerability: CVE-2015-1278 Vulnerability

  • Severity: 4
  • Published: July 22, 2015

content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted document, as demonstrated by the alert_dialog.pdf document.

Gentoo Linux: CVE-2015-1278: Chromium: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: July 22, 2015

content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted document, as demonstrated by the alert_dialog.pdf document.

DSA-3315-1 chromium-browser -- security update Vulnerability

  • Severity: 8
  • Published: July 22, 2015

Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

SUSE: CVE-2014-0223: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: October 08, 2014

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.