Lucene search

[email protected]CVE-2015-1233

HistoryApr 01, 2015 - 9:59 p.m.

CVE-2015-1233

2015-04-0121:59:00

CWE-17

[email protected]

web.nvd.nist.gov

cve-2015-1233

google chrome

remote execution

arbitrary code

security vulnerability

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON

Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
google:chromegoogle chromele41.0.2272.102

CPE	Name	Operator	Version
google:chrome	google chrome	le	41.0.2272.102

References

googlechromereleases.blogspot.com/2015/04/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00004.html

lists.opensuse.org/opensuse-updates/2015-11/msg00024.html

rhn.redhat.com/errata/RHSA-2015-0778.html

www.securityfocus.com/bid/73484

www.securitytracker.com/id/1032012

www.ubuntu.com/usn/USN-2556-1

code.google.com/p/chromium/issues/detail?id=469058

security.gentoo.org/glsa/201506-04

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2015-1233

debiancve1 ubuntucve1 prion1 openvas6 chrome1 redhat1 nessus7 suse1 archlinux1 kaspersky1 mageia1 ubuntu1 gentoo1