CVE-2015-1284

2015-07-2300:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2015-1284

information security

vulnerability

blink

google chrome

denial of service

use-after-free

javascript

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.4%

JSON

The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page’s maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements.

CPENameOperatorVersion
google:chromegoogle chromele43.0.2357.134
redhat:enterprise_linux_desktop_supplementaryredhat enterprise linux desktop supplementaryeq6.0
redhat:enterprise_linux_server_supplementaryredhat enterprise linux server supplementaryeq6.0
redhat:enterprise_linux_workstation_supplementaryredhat enterprise linux workstation supplementaryeq6.0
redhat:enterprise_linux_server_supplementaryredhat enterprise linux server supplementaryeq6.7.z
opensuse:opensuseopensuseeq13.1
opensuse:opensuseopensuseeq13.2

CPE	Name	Operator	Version
google:chrome	google chrome	le	43.0.2357.134
redhat:enterprise_linux_desktop_supplementary	redhat enterprise linux desktop supplementary	eq	6.0
redhat:enterprise_linux_server_supplementary	redhat enterprise linux server supplementary	eq	6.0
redhat:enterprise_linux_workstation_supplementary	redhat enterprise linux workstation supplementary	eq	6.0
redhat:enterprise_linux_server_supplementary	redhat enterprise linux server supplementary	eq	6.7.z
opensuse:opensuse	opensuse	eq	13.1
opensuse:opensuse	opensuse	eq	13.2