Lucene search

K
archlinuxArch LinuxASA-201511-8
HistoryNov 13, 2015 - 12:00 a.m.

chromium: information leakage

2015-11-1300:00:00
Arch Linux
lists.archlinux.org
12

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

84.5%

The PDF viewer does not properly restrict scripting messages and API
exposure, which allows remote attackers to bypass the Same Origin Policy
via an unintended embedder or unintended plugin loading, related to
pdf.js and out_of_process_instance.cc.

OSVersionArchitecturePackageVersionFilename
anyanyanychromium< 46.0.2490.86-1UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

84.5%