Lucene search

[email protected]CVE-2015-1260

HistoryMay 20, 2015 - 10:59 a.m.

CVE-2015-1260

2015-05-2010:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2015-1260

use-after-free vulnerabilities

webrtc

google chrome

denial of service

getusermedia

nvd

7.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.2%

JSON

Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request.

CPENameOperatorVersion
debian:debian_linuxdebian debian linuxeq8.0
google:chromegoogle chromele42.0.2311.152

CPE	Name	Operator	Version
debian:debian_linux	debian debian linux	eq	8.0
google:chrome	google chrome	le	42.0.2311.152

References

googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html

lists.opensuse.org/opensuse-updates/2015-05/msg00091.html

lists.opensuse.org/opensuse-updates/2015-11/msg00015.html

www.debian.org/security/2015/dsa-3267

www.securityfocus.com/bid/74723

www.securitytracker.com/id/1032375

code.google.com/p/chromium/issues/detail?id=474370

codereview.chromium.org/1075833002

security.gentoo.org/glsa/201506-04

7.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

85.2%

JSON

Related for CVE-2015-1260

debiancve1 ubuntucve1 prion1 openvas8 nessus9 ubuntu1 archlinux1 securityvulns2 freebsd1 debian2 chrome1 mageia1 threatpost1 redhat1 kaspersky1 osv1 gentoo1