Lucene search

[email protected]CVE-2015-6788

HistoryDec 14, 2015 - 11:59 a.m.

CVE-2015-6788

2015-12-1411:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

google chrome

objectbackednativehandler

extensions subsystem

cve-2015-6788

type confusion

denial of service

9.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.3%

JSON

The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage “type confusion.”

CPENameOperatorVersion
google:chromegoogle chromele47.0.2526.73

CPE	Name	Operator	Version
google:chrome	google chrome	le	47.0.2526.73

References

googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html

rhn.redhat.com/errata/RHSA-2015-2618.html

www.debian.org/security/2015/dsa-3418

www.securityfocus.com/bid/78734

code.google.com/p/chromium/issues/detail?id=548273

codereview.chromium.org/1422383003/

security.gentoo.org/glsa/201603-09

9.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2015-6788

ubuntucve1 prion1 debiancve1 debian2 redhat1 archlinux1 nessus8 threatpost1 openvas8 freebsd1 osv1 chrome1 mageia1 suse2 gentoo1