Lucene search

[email protected]CVE-2015-6582

HistorySep 03, 2015 - 10:59 p.m.

CVE-2015-6582

2015-09-0322:59:00

CWE-254

[email protected]

web.nvd.nist.gov

cve-2015-6582

blink

google chrome

denial of service

remote attackers

security vulnerability

7.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.2%

JSON

The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted web site.

CPENameOperatorVersion
google:chromegoogle chromele44.0.2403

CPE	Name	Operator	Version
google:chrome	google chrome	le	44.0.2403

References

googlechromereleases.blogspot.com/2015/09/stable-channel-update.html

src.chromium.org/viewvc/blink?view=revision&revision=195670

www.securitytracker.com/id/1033472

code.google.com/p/chromium/issues/detail?id=469247

code.google.com/p/chromium/issues/detail?id=526825

7.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.2%

JSON

Related for CVE-2015-6582

debiancve1 prion1 ubuntucve1 kaspersky1 openvas3 nessus1