cnvd - cnvd-2015-00945

CNVD-2015-00945

Vulnerability from cnvd - Published: 2015-02-09

Title

Google Chrome for Android跨域绕过漏洞

Description

Google Chrome for Android是一款基于安卓的浏览器。 Google Chrome for Android V8绑定存在跨域绕过，允许攻击者构建恶意WEB页，诱使用户解析执行任意代码等。

Severity

高

Patch Name

Google Chrome for Android跨域绕过漏洞的补丁

Patch Description

Google Chrome for Android是一款基于安卓的浏览器。 Google Chrome for Android V8绑定存在跨域绕过，允许攻击者构建恶意WEB页，诱使用户解析执行任意代码等。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Google Chrome for Android 40.0.2214.109已经修复该漏洞，建议用户下载更新： http://www.google.com/chrome

Reference

http://googlechromereleases.blogspot.jp/2015/02/chrome-for-android-update.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210

Impacted products

Name
google Chrome for Android <40.0.2214.109

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1210"
    }
  },
  "description": "Google Chrome for Android\u662f\u4e00\u6b3e\u57fa\u4e8e\u5b89\u5353\u7684\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome for Android V8\u7ed1\u5b9a\u5b58\u5728\u8de8\u57df\u7ed5\u8fc7\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fWEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7b49\u3002",
  "discovererName": "anonymous",
  "formalWay": "Google Chrome for Android 40.0.2214.109\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.google.com/chrome",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00945",
  "openTime": "2015-02-09",
  "patchDescription": "Google Chrome for Android\u662f\u4e00\u6b3e\u57fa\u4e8e\u5b89\u5353\u7684\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome for Android V8\u7ed1\u5b9a\u5b58\u5728\u8de8\u57df\u7ed5\u8fc7\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fWEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome for Android\u8de8\u57df\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "google Chrome for Android \u003c40.0.2214.109"
  },
  "referenceLink": "http://googlechromereleases.blogspot.jp/2015/02/chrome-for-android-update.html\r\nhttp://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210",
  "serverity": "\u9ad8",
  "submitTime": "2015-02-06",
  "title": "Google Chrome for Android\u8de8\u57df\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2015-1210 (GCVE-0-2015-1210)

Vulnerability from cvelistv5 – Published: 2015-02-06 11:00 – Updated: 2024-08-06 04:33

Summary

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Severity ?

No CVSS data available.

CWE

Assigner

Chrome

References

URL

Tags

	http://www.securityfocus.com/bid/72497	vdb-entryx_refsource_BID
	http://googlechromereleases.blogspot.com/2015/02/…	x_refsource_CONFIRM
	http://secunia.com/advisories/62818	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/62925	third-party-advisoryx_refsource_SECUNIA
	http://googlechromereleases.blogspot.com/2015/02/…	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201502-13.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/62917	third-party-advisoryx_refsource_SECUNIA
	https://code.google.com/p/chromium/issues/detail?…	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2015-0163.html	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/62670	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id/1031709	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.ubuntu.com/usn/USN-2495-1	vendor-advisoryx_refsource_UBUNTU
	https://src.chromium.org/viewvc/blink?revision=18…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:33:20.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "72497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72497"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
          },
          {
            "name": "62818",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62818"
          },
          {
            "name": "62925",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62925"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
          },
          {
            "name": "GLSA-201502-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
          },
          {
            "name": "62917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62917"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
          },
          {
            "name": "RHSA-2015:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
          },
          {
            "name": "62670",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62670"
          },
          {
            "name": "1031709",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031709"
          },
          {
            "name": "openSUSE-SU-2015:0441",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
          },
          {
            "name": "google-chrome-cve20151210-sec-bypass(100716)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
          },
          {
            "name": "USN-2495-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2495-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "72497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72497"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
        },
        {
          "name": "62818",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62818"
        },
        {
          "name": "62925",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62925"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
        },
        {
          "name": "GLSA-201502-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
        },
        {
          "name": "62917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62917"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
        },
        {
          "name": "RHSA-2015:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
        },
        {
          "name": "62670",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62670"
        },
        {
          "name": "1031709",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031709"
        },
        {
          "name": "openSUSE-SU-2015:0441",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
        },
        {
          "name": "google-chrome-cve20151210-sec-bypass(100716)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
        },
        {
          "name": "USN-2495-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2495-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2015-1210",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "72497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72497"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
            },
            {
              "name": "62818",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62818"
            },
            {
              "name": "62925",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62925"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
            },
            {
              "name": "GLSA-201502-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
            },
            {
              "name": "62917",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62917"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=453979",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
            },
            {
              "name": "RHSA-2015:0163",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
            },
            {
              "name": "62670",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62670"
            },
            {
              "name": "1031709",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031709"
            },
            {
              "name": "openSUSE-SU-2015:0441",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
            },
            {
              "name": "google-chrome-cve20151210-sec-bypass(100716)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
            },
            {
              "name": "USN-2495-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2495-1"
            },
            {
              "name": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision",
              "refsource": "CONFIRM",
              "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2015-1210",
    "datePublished": "2015-02-06T11:00:00",
    "dateReserved": "2015-01-21T00:00:00",
    "dateUpdated": "2024-08-06T04:33:20.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-00945

CVE-2015-1210 (GCVE-0-2015-1210)

Tags

Sightings

Nomenclature