Lucene search

[email protected]CVE-2015-1299

HistorySep 03, 2015 - 10:59 p.m.

CVE-2015-1299

2015-09-0322:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2015-1299

use-after-free

vulnerability

blink

shared-timer

chrome

google chrome

denial of service

threadtimers.cpp

timer.cpp

nvd

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp.

CPENameOperatorVersion
google:chromegoogle chromele44.0.2403

CPE	Name	Operator	Version
google:chrome	google chrome	le	44.0.2403

References

googlechromereleases.blogspot.com/2015/09/stable-channel-update.html

lists.opensuse.org/opensuse-updates/2015-09/msg00029.html

lists.opensuse.org/opensuse-updates/2015-11/msg00013.html

rhn.redhat.com/errata/RHSA-2015-1712.html

www.debian.org/security/2015/dsa-3351

www.securitytracker.com/id/1033472

code.google.com/p/chromium/issues/detail?id=416362

codereview.chromium.org/1153763005/

codereview.chromium.org/956333002/

codereview.chromium.org/959263002/

security.gentoo.org/glsa/201603-09

9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2015-1299

prion1 ubuntucve1 debiancve1 nessus9 securityvulns2 ubuntu1 openvas8 threatpost1 chrome1 osv1 freebsd1 archlinux1 debian2 redhat1 mageia1 kaspersky1 gentoo1