logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1263

Description

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file.


Affected Software


CPE Name Name Version
google:chrome google chrome 42.0.2311.152
debian:debian_linux debian debian linux 8.0

Related