Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2015-AVI-086
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Contournement provisoire
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003e\u003c/p\u003e",
"content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-1218",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1218"
},
{
"name": "CVE-2015-1212",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1212"
},
{
"name": "CVE-2015-1216",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1216"
},
{
"name": "CVE-2015-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1215"
},
{
"name": "CVE-2015-1224",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1224"
},
{
"name": "CVE-2015-1231",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1231"
},
{
"name": "CVE-2015-1230",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1230"
},
{
"name": "CVE-2015-1213",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1213"
},
{
"name": "CVE-2015-1228",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1228"
},
{
"name": "CVE-2015-1221",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1221"
},
{
"name": "CVE-2015-1222",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1222"
},
{
"name": "CVE-2015-1223",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1223"
},
{
"name": "CVE-2015-1229",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1229"
},
{
"name": "CVE-2015-1227",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1227"
},
{
"name": "CVE-2015-1217",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1217"
},
{
"name": "CVE-2015-1226",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1226"
},
{
"name": "CVE-2015-1220",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1220"
},
{
"name": "CVE-2015-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1225"
},
{
"name": "CVE-2015-1219",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1219"
},
{
"name": "CVE-2015-1214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1214"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-086",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-03-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Chrome\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google du 03 mars 2015",
"url": "http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=Feed:+GoogleChromeReleases+%28Google+Chrome+Releases%29"
}
]
}
CVE-2015-1212 (GCVE-0-2015-1212)
Vulnerability from cvelistv5 – Published: 2015-02-06 11:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
Date Public ?
2015-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "google-chrome-cve20151212-unspecified(100718)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100718"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=451918"
},
{
"name": "72497",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=451684"
},
{
"name": "62818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=446459"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=427303"
},
{
"name": "62925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62925"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=438365"
},
{
"name": "GLSA-201502-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445679"
},
{
"name": "62917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62917"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=455225"
},
{
"name": "RHSA-2015:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
},
{
"name": "62670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62670"
},
{
"name": "1031709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031709"
},
{
"name": "openSUSE-SU-2015:0441",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name": "USN-2495-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2495-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "google-chrome-cve20151212-unspecified(100718)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100718"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=451918"
},
{
"name": "72497",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=451684"
},
{
"name": "62818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=446459"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=427303"
},
{
"name": "62925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62925"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=438365"
},
{
"name": "GLSA-201502-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445679"
},
{
"name": "62917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62917"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=455225"
},
{
"name": "RHSA-2015:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
},
{
"name": "62670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62670"
},
{
"name": "1031709",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031709"
},
{
"name": "openSUSE-SU-2015:0441",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name": "USN-2495-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2495-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "google-chrome-cve20151212-unspecified(100718)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100718"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=451918",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=451918"
},
{
"name": "72497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72497"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=451684",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=451684"
},
{
"name": "62818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62818"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=446459",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=446459"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=427303",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=427303"
},
{
"name": "62925",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62925"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=438365",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=438365"
},
{
"name": "GLSA-201502-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=445679",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=445679"
},
{
"name": "62917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62917"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=455225",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=455225"
},
{
"name": "RHSA-2015:0163",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
},
{
"name": "62670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62670"
},
{
"name": "1031709",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031709"
},
{
"name": "openSUSE-SU-2015:0441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name": "USN-2495-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2495-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1212",
"datePublished": "2015-02-06T11:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1213 (GCVE-0-2015-1213)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
| https://skia.googlesource.com/skia/+/6af314724f51… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=448423"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://skia.googlesource.com/skia/+/6af314724f51ad79a640844536c667bb83de5690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=448423"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://skia.googlesource.com/skia/+/6af314724f51ad79a640844536c667bb83de5690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=448423",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=448423"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"name": "https://skia.googlesource.com/skia/+/6af314724f51ad79a640844536c667bb83de5690",
"refsource": "CONFIRM",
"url": "https://skia.googlesource.com/skia/+/6af314724f51ad79a640844536c667bb83de5690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1213",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1214 (GCVE-0-2015-1214)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| https://skia.googlesource.com/skia/+/23d432080cb8… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445810"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://skia.googlesource.com/skia/+/23d432080cb8506bf8e371b1637ce8f2de9c0c05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445810"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://skia.googlesource.com/skia/+/23d432080cb8506bf8e371b1637ce8f2de9c0c05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=445810",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=445810"
},
{
"name": "https://skia.googlesource.com/skia/+/23d432080cb8506bf8e371b1637ce8f2de9c0c05",
"refsource": "CONFIRM",
"url": "https://skia.googlesource.com/skia/+/23d432080cb8506bf8e371b1637ce8f2de9c0c05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1214",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1215 (GCVE-0-2015-1215)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=445809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=445809",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=445809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1215",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1216 (GCVE-0-2015-1216)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://src.chromium.org/viewvc/blink?revision=18… | x_refsource_CONFIRM |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189574\u0026view=revision"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=454954"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189574\u0026view=revision"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=454954"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1216",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://src.chromium.org/viewvc/blink?revision=189574\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=189574\u0026view=revision"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=454954",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=454954"
},
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1216",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1217 (GCVE-0-2015-1217)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| https://src.chromium.org/viewvc/blink?revision=18… | x_refsource_CONFIRM |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| https://codereview.chromium.org/958543002 | x_refsource_CONFIRM |
| https://codereview.chromium.org/910683002 | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189796\u0026view=revision"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=456192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/958543002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/910683002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage \"type confusion.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189796\u0026view=revision"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=456192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/958543002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/910683002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage \"type confusion.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=189796\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=189796\u0026view=revision"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=456192",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=456192"
},
{
"name": "https://codereview.chromium.org/958543002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/958543002"
},
{
"name": "https://codereview.chromium.org/910683002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/910683002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1217",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1218 (GCVE-0-2015-1218)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| https://src.chromium.org/viewvc/blink?revision=18… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=456059"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189886\u0026view=revision"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=456059"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=189886\u0026view=revision"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=456059",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=456059"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=189886\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=189886\u0026view=revision"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1218",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1219 (GCVE-0-2015-1219)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://skia.googlesource.com/skia/+/2ff257bd95c7… | x_refsource_CONFIRM |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=446164"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://skia.googlesource.com/skia/+/2ff257bd95c732b9cebc3aac03fbed72d6e6082a"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=446164"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://skia.googlesource.com/skia/+/2ff257bd95c732b9cebc3aac03fbed72d6e6082a"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://code.google.com/p/chromium/issues/detail?id=446164",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=446164"
},
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "https://skia.googlesource.com/skia/+/2ff257bd95c732b9cebc3aac03fbed72d6e6082a",
"refsource": "CONFIRM",
"url": "https://skia.googlesource.com/skia/+/2ff257bd95c732b9cebc3aac03fbed72d6e6082a"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1219",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1220 (GCVE-0-2015-1220)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://src.chromium.org/viewvc/blink?revision=18… | x_refsource_CONFIRM |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=188423\u0026view=revision"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=437651"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=188423\u0026view=revision"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=437651"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=188423\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=188423\u0026view=revision"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=437651",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=437651"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1220",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1221 (GCVE-0-2015-1221)
Vulnerability from cvelistv5 – Published: 2015-03-09 00:00 – Updated: 2024-08-06 04:33
VLAI?
EPSS
Summary
Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://src.chromium.org/viewvc/blink?revision=19… | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-2521-1 | vendor-advisoryx_refsource_UBUNTU |
| https://src.chromium.org/viewvc/blink?revision=19… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/72901 | vdb-entryx_refsource_BID |
| https://code.google.com/p/chromium/issues/detail?… | x_refsource_CONFIRM |
| https://security.gentoo.org/glsa/201503-12 | vendor-advisoryx_refsource_GENTOO |
| http://rhn.redhat.com/errata/RHSA-2015-0627.html | vendor-advisoryx_refsource_REDHAT |
| http://googlechromereleases.blogspot.com/2015/03/… | x_refsource_CONFIRM |
Date Public ?
2015-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=190021\u0026view=revision"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://src.chromium.org/viewvc/blink?revision=190035\u0026view=revision"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=455368"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink\u0027s main thread, related to the shutdown function in web/WebKit.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=190021\u0026view=revision"
},
{
"name": "USN-2521-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://src.chromium.org/viewvc/blink?revision=190035\u0026view=revision"
},
{
"name": "72901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=455368"
},
{
"name": "GLSA-201503-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink\u0027s main thread, related to the shutdown function in web/WebKit.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://src.chromium.org/viewvc/blink?revision=190021\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=190021\u0026view=revision"
},
{
"name": "USN-2521-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2521-1"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=190035\u0026view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=190035\u0026view=revision"
},
{
"name": "72901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72901"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=455368",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=455368"
},
{
"name": "GLSA-201503-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-12"
},
{
"name": "RHSA-2015:0627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0627.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1221",
"datePublished": "2015-03-09T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:33:20.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…