Debian DSA-3238-1 : chromium-browser - security update

2015-04-29T00:00:00

Description

Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. - CVE-2015-1237 Khalil Zhani discovered a use-after-free issue in IPC. - CVE-2015-1238 'cloudfuzzer' discovered an out-of-bounds write in the skia library. - CVE-2015-1240 'w3bd3vil' discovered an out-of-bounds read in the WebGL implementation. - CVE-2015-1241 Phillip Moon and Matt Weston discovered a way to trigger local user interface actions remotely via a crafted website. - CVE-2015-1242 A type confusion issue was discovered in the v8 JavaScript library. - CVE-2015-1244 Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security policy. - CVE-2015-1245 Khalil Zhani discovered a use-after-free issue in the pdfium library. - CVE-2015-1246 Atte Kettunen discovered an out-of-bounds read issue in webkit/blink. - CVE-2015-1247 Jann Horn discovered that 'file:' URLs in OpenSearch documents were not sanitized, which could allow local files to be read remotely when using the OpenSearch feature from a crafted website. - CVE-2015-1248 Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature, which could allow the remote execution of a downloaded executable file. - CVE-2015-1249 The chrome 41 development team found various issues from internal fuzzing, audits, and other studies. - CVE-2015-3333 Multiple issues were discovered and fixed in v8 4.2.7.14. - CVE-2015-3334 It was discovered that remote websites could capture video data from attached web cameras without permission. - CVE-2015-3336 It was discovered that remote websites could cause user interface disruptions like window fullscreening and mouse pointer locking.

{"id": "DEBIAN_DSA-3238.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-3238-1 : chromium-browser - security update", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\n - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser.\n\n - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.\n\n - CVE-2015-1237 Khalil Zhani discovered a use-after-free issue in IPC.\n\n - CVE-2015-1238 'cloudfuzzer' discovered an out-of-bounds write in the skia library.\n\n - CVE-2015-1240 'w3bd3vil' discovered an out-of-bounds read in the WebGL implementation.\n\n - CVE-2015-1241 Phillip Moon and Matt Weston discovered a way to trigger local user interface actions remotely via a crafted website.\n\n - CVE-2015-1242 A type confusion issue was discovered in the v8 JavaScript library.\n\n - CVE-2015-1244 Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security policy.\n\n - CVE-2015-1245 Khalil Zhani discovered a use-after-free issue in the pdfium library.\n\n - CVE-2015-1246 Atte Kettunen discovered an out-of-bounds read issue in webkit/blink.\n\n - CVE-2015-1247 Jann Horn discovered that 'file:' URLs in OpenSearch documents were not sanitized, which could allow local files to be read remotely when using the OpenSearch feature from a crafted website.\n\n - CVE-2015-1248 Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature, which could allow the remote execution of a downloaded executable file.\n\n - CVE-2015-1249 The chrome 41 development team found various issues from internal fuzzing, audits, and other studies.\n\n - CVE-2015-3333 Multiple issues were discovered and fixed in v8 4.2.7.14.\n\n - CVE-2015-3334 It was discovered that remote websites could capture video data from attached web cameras without permission.\n\n - CVE-2015-3336 It was discovered that remote websites could cause user interface disruptions like window fullscreening and mouse pointer locking.", "published": "2015-04-29T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/83120", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3334", "https://security-tracker.debian.org/tracker/CVE-2015-1236", "https://security-tracker.debian.org/tracker/CVE-2015-1238", "https://security-tracker.debian.org/tracker/CVE-2015-1242", "https://security-tracker.debian.org/tracker/CVE-2015-3333", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1242", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1240", "https://security-tracker.debian.org/tracker/CVE-2015-1235", "https://security-tracker.debian.org/tracker/CVE-2015-1240", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1244", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1238", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1245", "https://www.debian.org/security/2015/dsa-3238", "https://security-tracker.debian.org/tracker/CVE-2015-1246", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1247", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1248", "https://security-tracker.debian.org/tracker/CVE-2015-1245", "https://security-tracker.debian.org/tracker/CVE-2015-1247", "https://security-tracker.debian.org/tracker/CVE-2015-1237", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1236", "https://security-tracker.debian.org/tracker/CVE-2015-1248", "https://packages.debian.org/source/jessie/chromium-browser", "https://security-tracker.debian.org/tracker/CVE-2015-3336", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1249", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1237", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3333", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1246", "https://security-tracker.debian.org/tracker/CVE-2015-1241", "https://security-tracker.debian.org/tracker/CVE-2015-1244", "https://security-tracker.debian.org/tracker/CVE-2015-3334", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3336", "https://security-tracker.debian.org/tracker/CVE-2015-1249", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1235", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1241"], "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3336"], "immutableFields": [], "lastseen": "2023-01-11T14:53:07", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201504-19"]}, {"type": "chrome", "idList": ["GCSA-2222529096158216213"]}, {"type": "cve", "idList": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3336"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3238-1:9F70A", "DEBIAN:DSA-3238-1:B141F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1235", "DEBIANCVE:CVE-2015-1236", "DEBIANCVE:CVE-2015-1237", "DEBIANCVE:CVE-2015-1238", "DEBIANCVE:CVE-2015-1240", "DEBIANCVE:CVE-2015-1241", "DEBIANCVE:CVE-2015-1242", "DEBIANCVE:CVE-2015-1244", "DEBIANCVE:CVE-2015-1245", "DEBIANCVE:CVE-2015-1246", "DEBIANCVE:CVE-2015-1247", "DEBIANCVE:CVE-2015-1248", "DEBIANCVE:CVE-2015-1249", "DEBIANCVE:CVE-2015-3333", "DEBIANCVE:CVE-2015-3334", "DEBIANCVE:CVE-2015-3336"]}, {"type": "freebsd", "idList": ["B57F690E-ECC9-11E4-876C-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201506-04"]}, {"type": "kaspersky", "idList": ["KLA10546"]}, {"type": "mageia", "idList": ["MGASA-2015-0164"]}, {"type": "nessus", "idList": ["8778.PASL", "FREEBSD_PKG_B57F690EECC911E4876C00262D5ED8EE.NASL", "GENTOO_GLSA-201506-04.NASL", "GOOGLE_CHROME_42_0_2311_90.NASL", "MACOSX_GOOGLE_CHROME_42_0_2311_90.NASL", "OPENSUSE-2015-320.NASL", "REDHAT-RHSA-2015-0816.NASL", "UBUNTU_USN-2570-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121381", "OPENVAS:1361412562310703238", "OPENVAS:1361412562310805421", "OPENVAS:1361412562310805422", "OPENVAS:1361412562310805423", "OPENVAS:1361412562310805457", "OPENVAS:1361412562310805468", "OPENVAS:1361412562310805469", "OPENVAS:1361412562310805503", "OPENVAS:1361412562310805504", "OPENVAS:1361412562310805505", "OPENVAS:1361412562310842181", "OPENVAS:703238"]}, {"type": "osv", "idList": ["OSV:DSA-3238-1"]}, {"type": "redhat", "idList": ["RHSA-2015:0816"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31999", "SECURITYVULNS:VULN:14346", "SECURITYVULNS:VULN:14435"]}, {"type": "thn", "idList": ["THN:5567C5205B537235576972984F283879"]}, {"type": "threatpost", "idList": ["THREATPOST:9A58ECA2DAAEE4EA3304CFA18B16F775"]}, {"type": "ubuntu", "idList": ["USN-2570-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-1235", "UB:CVE-2015-1236", "UB:CVE-2015-1237", "UB:CVE-2015-1238", "UB:CVE-2015-1240", "UB:CVE-2015-1241", "UB:CVE-2015-1242", "UB:CVE-2015-1244", "UB:CVE-2015-1245", "UB:CVE-2015-1246", "UB:CVE-2015-1247", "UB:CVE-2015-1248", "UB:CVE-2015-1249", "UB:CVE-2015-3333", "UB:CVE-2015-3334", "UB:CVE-2015-3336"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "chrome", "idList": ["GCSA-2222529096158216213"]}, {"type": "cve", "idList": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3336"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3238-1:9F70A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1235", "DEBIANCVE:CVE-2015-1246", "DEBIANCVE:CVE-2015-1249"]}, {"type": "freebsd", "idList": ["B57F690E-ECC9-11E4-876C-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201506-04"]}, {"type": "nessus", "idList": ["8778.PASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107358"]}, {"type": "redhat", "idList": ["RHSA-2015:0816"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14435"]}, {"type": "thn", "idList": ["THN:5567C5205B537235576972984F283879"]}, {"type": "ubuntu", "idList": ["USN-2570-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-1240"]}]}, "exploitation": null, "vulnersScore": 0.5}, "_state": {"dependencies": 1673449426, "score": 1673449353}, "_internal": {"score_hash": "9ab1fb3af5cfbb0a8966448691b62052"}, "pluginID": "83120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3238. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83120);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1249\", \"CVE-2015-3333\", \"CVE-2015-3334\", \"CVE-2015-3336\");\n script_bugtraq_id(74165, 74167, 74221, 74225, 74227);\n script_xref(name:\"DSA\", value:\"3238\");\n\n script_name(english:\"Debian DSA-3238-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the chromium web browser.\n\n - CVE-2015-1235\n A Same Origin Policy bypass issue was discovered in the\n HTML parser.\n\n - CVE-2015-1236\n Amitay Dobo discovered a Same Origin Policy bypass in\n the Web Audio API.\n\n - CVE-2015-1237\n Khalil Zhani discovered a use-after-free issue in IPC.\n\n - CVE-2015-1238\n 'cloudfuzzer' discovered an out-of-bounds write in the\n skia library.\n\n - CVE-2015-1240\n 'w3bd3vil' discovered an out-of-bounds read in the WebGL\n implementation.\n\n - CVE-2015-1241\n Phillip Moon and Matt Weston discovered a way to trigger\n local user interface actions remotely via a crafted\n website.\n\n - CVE-2015-1242\n A type confusion issue was discovered in the v8\n JavaScript library.\n\n - CVE-2015-1244\n Mike Ruddy discovered a way to bypass the HTTP Strict\n Transport Security policy.\n\n - CVE-2015-1245\n Khalil Zhani discovered a use-after-free issue in the\n pdfium library.\n\n - CVE-2015-1246\n Atte Kettunen discovered an out-of-bounds read issue in\n webkit/blink.\n\n - CVE-2015-1247\n Jann Horn discovered that 'file:' URLs in OpenSearch\n documents were not sanitized, which could allow local\n files to be read remotely when using the OpenSearch\n feature from a crafted website.\n\n - CVE-2015-1248\n Vittorio Gambaletta discovered a way to bypass the\n SafeBrowsing feature, which could allow the remote\n execution of a downloaded executable file.\n\n - CVE-2015-1249\n The chrome 41 development team found various issues from\n internal fuzzing, audits, and other studies.\n\n - CVE-2015-3333\n Multiple issues were discovered and fixed in v8\n 4.2.7.14.\n\n - CVE-2015-3334\n It was discovered that remote websites could capture\n video data from attached web cameras without permission.\n\n - CVE-2015-3336\n It was discovered that remote websites could cause user\n interface disruptions like window fullscreening and\n mouse pointer locking.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3238\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 42.0.2311.90-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"chromedriver\", reference:\"42.0.2311.90-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium\", reference:\"42.0.2311.90-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-dbg\", reference:\"42.0.2311.90-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-inspector\", reference:\"42.0.2311.90-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"chromium-l10n\", reference:\"42.0.2311.90-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:8.0"], "solution": "Upgrade the chromium-browser packages.\n\nFor the stable distribution (jessie), these problems have been fixed in version 42.0.2311.90-1~deb8u1.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2015-04-26T00:00:00", "vulnerabilityPublicationDate": "2015-04-19T00:00:00", "exploitableWith": []}

{"osv": [{"lastseen": "2022-08-10T07:10:30", "description": "\nSeveral vulnerabilities were discovered in the chromium web browser.\n\n\n* [CVE-2015-1235](https://security-tracker.debian.org/tracker/CVE-2015-1235)\nA Same Origin Policy bypass issue was discovered in the HTML \n parser.\n* [CVE-2015-1236](https://security-tracker.debian.org/tracker/CVE-2015-1236)\nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio \n API.\n* [CVE-2015-1237](https://security-tracker.debian.org/tracker/CVE-2015-1237)\nKhalil Zhani discovered a use-after-free issue in IPC.\n* [CVE-2015-1238](https://security-tracker.debian.org/tracker/CVE-2015-1238)\ncloudfuzzer discovered an out-of-bounds write in the skia \n library.\n* [CVE-2015-1240](https://security-tracker.debian.org/tracker/CVE-2015-1240)\nw3bd3vil discovered an out-of-bounds read in the WebGL \n implementation.\n* [CVE-2015-1241](https://security-tracker.debian.org/tracker/CVE-2015-1241)\nPhillip Moon and Matt Weston discovered a way to trigger local user\n interface actions remotely via a crafted website.\n* [CVE-2015-1242](https://security-tracker.debian.org/tracker/CVE-2015-1242)\nA type confusion issue was discovered in the v8 javascript \n library.\n* [CVE-2015-1244](https://security-tracker.debian.org/tracker/CVE-2015-1244)\nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\n policy.\n* [CVE-2015-1245](https://security-tracker.debian.org/tracker/CVE-2015-1245)\nKhalil Zhani discovered a use-after-free issue in the pdfium \n library.\n* [CVE-2015-1246](https://security-tracker.debian.org/tracker/CVE-2015-1246)\nAtte Kettunen discovered an out-of-bounds read issue in \n webkit/blink.\n* [CVE-2015-1247](https://security-tracker.debian.org/tracker/CVE-2015-1247)\nJann Horn discovered that file: URLs in OpenSearch documents were not\n sanitized, which could allow local files to be read remotely when using\n the OpenSearch feature from a crafted website.\n* [CVE-2015-1248](https://security-tracker.debian.org/tracker/CVE-2015-1248)\nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\n which could allow the remote execution of a downloaded executable \n file.\n* [CVE-2015-1249](https://security-tracker.debian.org/tracker/CVE-2015-1249)\nThe chrome 41 development team found various issues from internal\n fuzzing, audits, and other studies.\n* [CVE-2015-3333](https://security-tracker.debian.org/tracker/CVE-2015-3333)\nMultiple issues were discovered and fixed in v8 4.2.7.14.\n* [CVE-2015-3334](https://security-tracker.debian.org/tracker/CVE-2015-3334)\nIt was discovered that remote websites could capture video data from\n attached web cameras without permission.\n* [CVE-2015-3336](https://security-tracker.debian.org/tracker/CVE-2015-3336)\nIt was discovered that remote websites could cause user interface\n disruptions like window fullscreening and mouse pointer locking.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 42.0.2311.90-1~deb8u1.\n\n\nFor the testing (stretch) and unstable (sid) distributions, these problems\nhave been fixed in version 42.0.2311.90-1.\n\n\nWe recommend that you upgrade your chromium-browser packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2015-04-26T00:00:00", "type": "osv", "title": "chromium-browser - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2022-08-10T07:10:28", "id": "OSV:DSA-3238-1", "href": "https://osv.dev/vulnerability/DSA-3238-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T22:46:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3238-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nApril 26, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2015-1235 CVE-2015-1236 CVE-2015-1237 CVE-2015-1238\n CVE-2015-1240 CVE-2015-1241 CVE-2015-1242 CVE-2015-1244\n CVE-2015-1245 CVE-2015-1246 CVE-2015-1247 CVE-2015-1248\n CVE-2015-1249 CVE-2015-3333 CVE-2015-3334 CVE-2015-3336\n\nSeveral vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235\n\n A Same Origin Policy bypass issue was discovered in the HTML parser.\n\nCVE-2015-1236\n\n Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.\n\nCVE-2015-1237\n\n Khalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238\n\n cloudfuzzer discovered an out-of-bounds write in the skia library.\n\nCVE-2015-1240\n\n w3bd3vil discovered an out-of-bounds read in the WebGL implementation.\n\nCVE-2015-1241\n\n Phillip Moon and Matt Weston discovered a way to trigger local user\n interface actions remotely via a crafted website.\n\nCVE-2015-1242\n\n A type confusion issue was discovered in the v8 javascript library.\n\nCVE-2015-1244\n\n Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security\n policy.\n\nCVE-2015-1245\n\n Khalil Zhani discovered a use-after-free issue in the pdfium library.\n\nCVE-2015-1246\n\n Atte Kettunen discovered an out-of-bounds read issue in webkit/blink.\n\nCVE-2015-1247\n\n Jann Horn discovered that "file:" URLs in OpenSearch documents were not\n sanitized, which could allow local files to be read remotely when using\n the OpenSearch feature from a crafted website.\n\nCVE-2015-1248\n\n Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\n which could allow the remote execution of a downloaded executable file.\n\nCVE-2015-1249\n\n The chrome 41 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nCVE-2015-3333\n\n Multiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334\n\n It was discovered that remote websites could capture video data from\n attached web cameras without permission.\n\nCVE-2015-3336\n\n It was discovered that remote websites could cause user interface\n disruptions like window fullscreening and mouse pointer locking.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 42.0.2311.90-1~deb8u1.\n\nFor the testing (stretch) and unstable (sid) distributions, these problems\nhave been fixed in version 42.0.2311.90-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-04-27T02:41:29", "type": "debian", "title": "[SECURITY] [DSA 3238-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3336"], "modified": "2015-04-27T02:41:29", "id": "DEBIAN:DSA-3238-1:9F70A", "href": "https://lists.debian.org/debian-security-announce/2015/msg00126.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-28T01:02:52", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3238-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nApril 26, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2015-1235 CVE-2015-1236 CVE-2015-1237 CVE-2015-1238\n CVE-2015-1240 CVE-2015-1241 CVE-2015-1242 CVE-2015-1244\n CVE-2015-1245 CVE-2015-1246 CVE-2015-1247 CVE-2015-1248\n CVE-2015-1249 CVE-2015-3333 CVE-2015-3334 CVE-2015-3336\n\nSeveral vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235\n\n A Same Origin Policy bypass issue was discovered in the HTML parser.\n\nCVE-2015-1236\n\n Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.\n\nCVE-2015-1237\n\n Khalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238\n\n cloudfuzzer discovered an out-of-bounds write in the skia library.\n\nCVE-2015-1240\n\n w3bd3vil discovered an out-of-bounds read in the WebGL implementation.\n\nCVE-2015-1241\n\n Phillip Moon and Matt Weston discovered a way to trigger local user\n interface actions remotely via a crafted website.\n\nCVE-2015-1242\n\n A type confusion issue was discovered in the v8 javascript library.\n\nCVE-2015-1244\n\n Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security\n policy.\n\nCVE-2015-1245\n\n Khalil Zhani discovered a use-after-free issue in the pdfium library.\n\nCVE-2015-1246\n\n Atte Kettunen discovered an out-of-bounds read issue in webkit/blink.\n\nCVE-2015-1247\n\n Jann Horn discovered that "file:" URLs in OpenSearch documents were not\n sanitized, which could allow local files to be read remotely when using\n the OpenSearch feature from a crafted website.\n\nCVE-2015-1248\n\n Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\n which could allow the remote execution of a downloaded executable file.\n\nCVE-2015-1249\n\n The chrome 41 development team found various issues from internal\n fuzzing, audits, and other studies.\n\nCVE-2015-3333\n\n Multiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334\n\n It was discovered that remote websites could capture video data from\n attached web cameras without permission.\n\nCVE-2015-3336\n\n It was discovered that remote websites could cause user interface\n disruptions like window fullscreening and mouse pointer locking.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 42.0.2311.90-1~deb8u1.\n\nFor the testing (stretch) and unstable (sid) distributions, these problems\nhave been fixed in version 42.0.2311.90-1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-04-27T02:41:29", "type": "debian", "title": "[SECURITY] [DSA 3238-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3336"], "modified": "2015-04-27T02:41:29", "id": "DEBIAN:DSA-3238-1:B141F", "href": "https://lists.debian.org/debian-security-announce/2015/msg00126.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:54:03", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235 \nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236 \nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237 \nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer \ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil \ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241 \nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242 \nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244 \nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245 \nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246 \nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file: \nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248 \nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249 \nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333 \nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334 \nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336 \nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.", "cvss3": {}, "published": "2015-04-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3238-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703238", "href": "http://plugins.openvas.org/nasl.php?oid=703238", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3238.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3238-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703238);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\",\n \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\",\n \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\",\n \"CVE-2015-1249\", \"CVE-2015-3333\", \"CVE-2015-3334\", \"CVE-2015-3336\");\n script_name(\"Debian Security Advisory DSA 3238-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-04-26 00:00:00 +0200 (Sun, 26 Apr 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3238.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"chromium-browser on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 42.0.2311.90-1~deb8u1.\n\nFor the testing (stretch) and unstable (sid) distributions, these problems\nhave been fixed in version 42.0.2311.90-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235 \nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236 \nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237 \nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer \ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil \ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241 \nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242 \nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244 \nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245 \nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246 \nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file: \nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248 \nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249 \nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333 \nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334 \nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336 \nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"42.0.2311.90-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"42.0.2311.90-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"42.0.2311.90-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"42.0.2311.90-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"42.0.2311.90-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"42.0.2311.90-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"42.0.2311.90-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"42.0.2311.90-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"42.0.2311.90-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:53", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235\nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236\nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237\nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer\ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil\ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241\nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242\nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244\nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245\nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246\nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file:\nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248\nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249\nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333\nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334\nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336\nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.", "cvss3": {}, "published": "2015-04-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3238-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703238", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3238.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3238-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703238\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\",\n \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\",\n \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\",\n \"CVE-2015-1249\", \"CVE-2015-3333\", \"CVE-2015-3334\", \"CVE-2015-3336\");\n script_name(\"Debian Security Advisory DSA 3238-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-26 00:00:00 +0200 (Sun, 26 Apr 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3238.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 42.0.2311.90-1~deb8u1.\n\nFor the testing (stretch) and unstable (sid) distributions, these problems\nhave been fixed in version 42.0.2311.90-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2015-1235\nA Same Origin Policy bypass issue was discovered in the HTML\nparser.\n\nCVE-2015-1236\nAmitay Dobo discovered a Same Origin Policy bypass in the Web Audio\nAPI.\n\nCVE-2015-1237\nKhalil Zhani discovered a use-after-free issue in IPC.\n\nCVE-2015-1238cloudfuzzer\ndiscovered an out-of-bounds write in the skia\nlibrary.\n\nCVE-2015-1240w3bd3vil\ndiscovered an out-of-bounds read in the WebGL\nimplementation.\n\nCVE-2015-1241\nPhillip Moon and Matt Weston discovered a way to trigger local user\ninterface actions remotely via a crafted website.\n\nCVE-2015-1242\nA type confusion issue was discovered in the v8 javascript\nlibrary.\n\nCVE-2015-1244\nMike Ruddy discovered a way to bypass the HTTP Strict Transport Security\npolicy.\n\nCVE-2015-1245\nKhalil Zhani discovered a use-after-free issue in the pdfium\nlibrary.\n\nCVE-2015-1246\nAtte Kettunen discovered an out-of-bounds read issue in\nwebkit/blink.\n\nCVE-2015-1247Jann Horn discovered that file:\nURLs in OpenSearch documents were not\nsanitized, which could allow local files to be read remotely when using\nthe OpenSearch feature from a crafted website.\n\nCVE-2015-1248\nVittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\nwhich could allow the remote execution of a downloaded executable\nfile.\n\nCVE-2015-1249\nThe chrome 41 development team found various issues from internal\nfuzzing, audits, and other studies.\n\nCVE-2015-3333\nMultiple issues were discovered and fixed in v8 4.2.7.14.\n\nCVE-2015-3334\nIt was discovered that remote websites could capture video data from\nattached web cameras without permission.\n\nCVE-2015-3336\nIt was discovered that remote websites could cause user interface\ndisruptions like window fullscreening and mouse pointer locking.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"42.0.2311.90-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"42.0.2311.90-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"42.0.2311.90-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"42.0.2311.90-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"42.0.2311.90-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"42.0.2311.90-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"42.0.2311.90-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"42.0.2311.90-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"42.0.2311.90-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:14:07", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-04-21T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Apr15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3335", "CVE-2015-3336", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805469", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Apr15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805469\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-3335\", \"CVE-2015-3334\", \"CVE-2015-3333\", \"CVE-2015-1249\",\n \"CVE-2015-1247\", \"CVE-2015-1246\", \"CVE-2015-1244\", \"CVE-2015-1242\",\n \"CVE-2015-1241\", \"CVE-2015-1240\", \"CVE-2015-1238\", \"CVE-2015-1237\",\n \"CVE-2015-1236\", \"CVE-2015-1235\", \"CVE-2015-3336\");\n script_bugtraq_id(72715, 74227, 74225, 74221);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-04-21 18:47:21 +0530 (Tue, 21 Apr 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Apr15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Missing address space usage limitation in the NaCl process.\n\n - Permissions for camera and microphone are merged into a single 'Media'\n permission instead of treated as two separate permission.\n\n - Flaw in the 'SearchEngineTabHelper::OnPageHasOSDD' function in\n ui/search_engines/search_engine_tab_helper.cc script that is triggered when\n handling URLs for OpenSearch descriptor.\n\n - An unspecified out-of-bounds read flaw in Blink.\n\n - A flaw related to WebSocket connections as HSTS\n (HTTP Strict Transport Security) is not enforced.\n\n - A type confusion flaw in the 'ReduceTransitionElementsKind' function in\n hydrogen-check-elimination.cc script related to HTransitionElementsKind\n handling.\n\n - A Tap-Jacking flaw that is triggered as certain synthetic Tap events aren't\n preceded by TapDown events.\n\n - An unspecified out-of-bounds read flaw in WebGL related to handling of ES3\n commands.\n\n - An unspecified out-of-bounds write flaw in Skia.\n\n - A use-after-free error in content/renderer/render_frame_impl.cc script.\n\n - A flaw in the 'MediaElementAudioSourceNode::process' function in\n modules/webaudio/MediaElementAudioSourceNode.cpp script.\n\n - An unspecified flaw in the HTML Parser.\n\n - Multiple unspecified Vulnerabilities\n\n - Browser does not confirm with the user before setting\n CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass security restrictions, conduct row-hammer attacks,\n obtain sensitive data, trigger unintended UI actions via crafted dimension,\n cause a denial of service and other unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 42.0.2311.90 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 42.0.2311.90 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"42.0.2311.90\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 42.0.2311.90' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:14:07", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-04-21T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Apr15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3335", "CVE-2015-3336", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805468", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Apr15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805468\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-3335\", \"CVE-2015-3334\", \"CVE-2015-3333\", \"CVE-2015-1249\",\n \"CVE-2015-1247\", \"CVE-2015-1246\", \"CVE-2015-1244\", \"CVE-2015-1242\",\n \"CVE-2015-1241\", \"CVE-2015-1240\", \"CVE-2015-1238\", \"CVE-2015-1237\",\n \"CVE-2015-1236\", \"CVE-2015-1235\", \"CVE-2015-3336\");\n script_bugtraq_id(72715, 74227, 74225, 74221);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-04-21 18:46:52 +0530 (Tue, 21 Apr 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Apr15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Missing address space usage limitation in the NaCl process.\n\n - Permissions for camera and microphone are merged into a single 'Media'\n permission instead of treated as two separate permission.\n\n - Flaw in the 'SearchEngineTabHelper::OnPageHasOSDD' function in\n ui/search_engines/search_engine_tab_helper.cc script that is triggered when\n handling URLs for OpenSearch descriptor.\n\n - An unspecified out-of-bounds read flaw in Blink.\n\n - A flaw related to WebSocket connections as HSTS\n (HTTP Strict Transport Security) is not enforced.\n\n - A type confusion flaw in the 'ReduceTransitionElementsKind' function in\n hydrogen-check-elimination.cc script related to HTransitionElementsKind\n handling.\n\n - A Tap-Jacking flaw that is triggered as certain synthetic Tap events aren't\n preceded by TapDown events.\n\n - An unspecified out-of-bounds read flaw in WebGL related to handling of ES3\n commands.\n\n - An unspecified out-of-bounds write flaw in Skia.\n\n - A use-after-free error in content/renderer/render_frame_impl.cc script.\n\n - A flaw in the 'MediaElementAudioSourceNode::process' function in\n modules/webaudio/MediaElementAudioSourceNode.cpp script.\n\n - An unspecified flaw in the HTML Parser.\n\n - Multiple unspecified Vulnerabilities\n\n - Browser does not confirm with the user before setting\n CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass security restrictions, conduct row-hammer attacks,\n obtain sensitive data, trigger unintended UI actions via crafted dimension,\n cause a denial of service and other unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 42.0.2311.90 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 42.0.2311.90 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"42.0.2311.90\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 42.0.2311.90' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:13:36", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-04-21T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-02 Apr15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3335", "CVE-2015-3336", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805457", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805457", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities-02 Apr15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805457\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-3335\", \"CVE-2015-3334\", \"CVE-2015-3333\", \"CVE-2015-1249\",\n \"CVE-2015-1247\", \"CVE-2015-1246\", \"CVE-2015-1244\", \"CVE-2015-1242\",\n \"CVE-2015-1241\", \"CVE-2015-1240\", \"CVE-2015-1238\", \"CVE-2015-1237\",\n \"CVE-2015-1236\", \"CVE-2015-1235\", \"CVE-2015-3336\");\n script_bugtraq_id(72715, 74227, 74225, 74221);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-04-21 18:18:54 +0530 (Tue, 21 Apr 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-02 Apr15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Missing address space usage limitation in the NaCl process.\n\n - Permissions for camera and microphone are merged into a single 'Media'\n permission instead of treated as two separate permission.\n\n - Flaw in the 'SearchEngineTabHelper::OnPageHasOSDD' function in\n ui/search_engines/search_engine_tab_helper.cc script that is triggered when\n handling URLs for OpenSearch descriptor.\n\n - An unspecified out-of-bounds read flaw in Blink.\n\n - A flaw related to WebSocket connections as HSTS\n (HTTP Strict Transport Security) is not enforced.\n\n - A type confusion flaw in the 'ReduceTransitionElementsKind' function in\n hydrogen-check-elimination.cc script related to HTransitionElementsKind\n handling.\n\n - A Tap-Jacking flaw that is triggered as certain synthetic Tap events aren't\n preceded by TapDown events.\n\n - An unspecified out-of-bounds read flaw in WebGL related to handling of ES3\n commands.\n\n - An unspecified out-of-bounds write flaw in Skia.\n\n - A use-after-free error in content/renderer/render_frame_impl.cc script.\n\n - A flaw in the 'MediaElementAudioSourceNode::process' function in\n modules/webaudio/MediaElementAudioSourceNode.cpp script.\n\n - An unspecified flaw in the HTML Parser.\n\n - Multiple unspecified Vulnerabilities\n\n - Browser does not confirm with the user before setting\n CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass security restrictions, conduct row-hammer attacks,\n obtain sensitive data, trigger unintended UI actions via crafted dimension,\n cause a denial of service and other unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 42.0.2311.90 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 42.0.2311.90 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"42.0.2311.90\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 42.0.2311.90' + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-04-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-2570-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1321", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842181", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842181", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for oxide-qt USN-2570-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842181\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-28 05:17:12 +0200 (Tue, 28 Apr 2015)\");\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\",\n \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\",\n \"CVE-2015-1246\", \"CVE-2015-1249\", \"CVE-2015-1321\", \"CVE-2015-3333\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for oxide-qt USN-2570-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"An issue was discovered in the HTML parser\nin Blink. If a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to bypass same-origin restrictions.\n(CVE-2015-1235)\n\nAn issue was discovered in the Web Audio API implementation in Blink. If\na user were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to bypass same-origin restrictions.\n(CVE-2015-1236)\n\nA use-after-free was discovered in Chromium. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2015-1237)\n\nAn out-of-bounds write was discovered in Skia. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application crash or execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2015-1238)\n\nAn out-of-bounds read was discovered in the WebGL implementation. If a\nuser were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via renderer\ncrash. (CVE-2015-1240)\n\nAn issue was discovered with the interaction of page navigation and touch\nevent handling. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to conduct\n'tap jacking' attacks. (CVE-2015-1241)\n\nA type confusion bug was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2015-1242)\n\nIt was discovered that websocket connections were not upgraded whenever a\nHSTS policy is active. A remote attacker could potentially exploit this\nto conduct a man in the middle (MITM) attack. (CVE-2015-1244)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash.\n(CVE-2015-1246)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2015-1249)\n\nA use-aft ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 14.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2570-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2570-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.6.5-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:amd64\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:amd64\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:amd64\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.6.5-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:11", "description": "Gentoo Linux Local Security Checks GLSA 201506-04", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201506-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1233", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1234"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121381", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121381", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201506-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121381\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201506-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201506-04\");\n script_cve_id(\"CVE-2015-1233\", \"CVE-2015-1234\", \"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1243\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1250\", \"CVE-2015-1251\", \"CVE-2015-1252\", \"CVE-2015-1253\", \"CVE-2015-1254\", \"CVE-2015-1255\", \"CVE-2015-1256\", \"CVE-2015-1257\", \"CVE-2015-1258\", \"CVE-2015-1259\", \"CVE-2015-1260\", \"CVE-2015-1262\", \"CVE-2015-1263\", \"CVE-2015-1264\", \"CVE-2015-1265\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201506-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 43.0.2357.65\"), vulnerable: make_list(\"lt 43.0.2357.65\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:28", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-03-13T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 Mar15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2011-5319", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1239", "CVE-2015-1227", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1245", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1232", "CVE-2014-9689", "CVE-2015-1238", "CVE-2015-1230"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310805504", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805504", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_mar15_macosx.nasl 14183 2019-03-14 13:19:22Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Mar15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805504\");\n script_version(\"$Revision: 14183 $\");\n script_cve_id(\"CVE-2015-1213\", \"CVE-2015-1214\", \"CVE-2015-1215\", \"CVE-2015-1216\",\n \"CVE-2015-1217\", \"CVE-2015-1218\", \"CVE-2015-1219\", \"CVE-2015-1220\",\n \"CVE-2015-1221\", \"CVE-2015-1222\", \"CVE-2015-1223\", \"CVE-2015-1224\",\n \"CVE-2015-1225\", \"CVE-2015-1226\", \"CVE-2015-1227\", \"CVE-2015-1228\",\n \"CVE-2015-1229\", \"CVE-2015-1230\", \"CVE-2015-1231\", \"CVE-2015-1232\",\n \"CVE-2015-1238\", \"CVE-2015-1239\", \"CVE-2015-1245\", \"CVE-2014-9689\",\n \"CVE-2011-5319\");\n script_bugtraq_id(72901, 72916);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 14:19:22 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-13 14:48:07 +0530 (Fri, 13 Mar 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Mar15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details refer\n reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to dereference already freed memory, potentially execute arbitrary code,\n potentially disclose memory contents, gain unauthorized access to information,\n cause a denial of service, conduct cookie-injection attacks and other unspecified\n impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 41.0.2272.76 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 41.0.2272.76 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=444957\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=463349\");\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"41.0.2272.76\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 41.0.2272.76' + '\\n';\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:39", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-03-13T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 Mar15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2011-5319", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1239", "CVE-2015-1227", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1245", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1232", "CVE-2014-9689", "CVE-2015-1238", "CVE-2015-1230"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310805505", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_mar15_lin.nasl 14183 2019-03-14 13:19:22Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Mar15 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805505\");\n script_version(\"$Revision: 14183 $\");\n script_cve_id(\"CVE-2015-1213\", \"CVE-2015-1214\", \"CVE-2015-1215\", \"CVE-2015-1216\",\n \"CVE-2015-1217\", \"CVE-2015-1218\", \"CVE-2015-1219\", \"CVE-2015-1220\",\n \"CVE-2015-1221\", \"CVE-2015-1222\", \"CVE-2015-1223\", \"CVE-2015-1224\",\n \"CVE-2015-1225\", \"CVE-2015-1226\", \"CVE-2015-1227\", \"CVE-2015-1228\",\n \"CVE-2015-1229\", \"CVE-2015-1230\", \"CVE-2015-1231\", \"CVE-2015-1232\",\n \"CVE-2015-1238\", \"CVE-2015-1239\", \"CVE-2015-1245\", \"CVE-2014-9689\",\n \"CVE-2011-5319\");\n script_bugtraq_id(72901, 72916);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 14:19:22 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-13 14:49:29 +0530 (Fri, 13 Mar 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Mar15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details refer\n reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to dereference already freed memory, potentially execute arbitrary code,\n potentially disclose memory contents, gain unauthorized access to information,\n cause a denial of service, conduct cookie-injection attacks and other unspecified\n impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 41.0.2272.76 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 41.0.2272.76 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=444957\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=463349\");\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"41.0.2272.76\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 41.0.2272.76' + '\\n';\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:44", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-03-13T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities-01 Mar15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2011-5319", "CVE-2015-1223", "CVE-2015-1225", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1213", "CVE-2015-1239", "CVE-2015-1227", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2015-1226", "CVE-2015-1245", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1232", "CVE-2014-9689", "CVE-2015-1238", "CVE-2015-1230"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310805503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805503", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_vuln01_mar15_win.nasl 14183 2019-03-14 13:19:22Z cfischer $\n#\n# Google Chrome Multiple Vulnerabilities-01 Mar15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805503\");\n script_version(\"$Revision: 14183 $\");\n script_cve_id(\"CVE-2015-1213\", \"CVE-2015-1214\", \"CVE-2015-1215\", \"CVE-2015-1216\",\n \"CVE-2015-1217\", \"CVE-2015-1218\", \"CVE-2015-1219\", \"CVE-2015-1220\",\n \"CVE-2015-1221\", \"CVE-2015-1222\", \"CVE-2015-1223\", \"CVE-2015-1224\",\n \"CVE-2015-1225\", \"CVE-2015-1226\", \"CVE-2015-1227\", \"CVE-2015-1228\",\n \"CVE-2015-1229\", \"CVE-2015-1230\", \"CVE-2015-1231\", \"CVE-2015-1232\",\n \"CVE-2015-1238\", \"CVE-2015-1239\", \"CVE-2015-1245\", \"CVE-2014-9689\",\n \"CVE-2011-5319\");\n script_bugtraq_id(72901, 72916);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 14:19:22 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-13 14:45:49 +0530 (Fri, 13 Mar 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities-01 Mar15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details refer\n reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to dereference already freed memory, potentially execute arbitrary code,\n potentially disclose memory contents, gain unauthorized access to information,\n cause a denial of service, conduct cookie-injection attacks and other unspecified\n impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 41.0.2272.76 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 41.0.2272.76 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=444957\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=463349\");\n script_xref(name:\"URL\", value:\"https://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"41.0.2272.76\"))\n{\n report = 'Installed version: ' + chromeVer + '\\n' +\n 'Fixed version: 41.0.2272.76' + '\\n';\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:13:51", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805423", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805423\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:12:50", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805421\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:12:45", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7923", "CVE-2014-9646", "CVE-2014-7937", "CVE-2014-7936", "CVE-2014-7931", "CVE-2015-1359", "CVE-2014-7944", "CVE-2014-7924", "CVE-2015-1205", "CVE-2014-7947", "CVE-2015-1361", "CVE-2014-7948", "CVE-2015-1360", "CVE-2014-7940", "CVE-2015-1346", "CVE-2014-9654", "CVE-2014-7933", "CVE-2014-7932", "CVE-2014-9648", "CVE-2015-1248", "CVE-2014-7941", "CVE-2014-7939", "CVE-2014-7934", "CVE-2014-7926", "CVE-2014-7927", "CVE-2014-7942", "CVE-2014-7945", "CVE-2014-7930", "CVE-2014-7929", "CVE-2014-7925", "CVE-2014-7943", "CVE-2014-7946", "CVE-2014-9647", "CVE-2014-7935", "CVE-2014-7928", "CVE-2014-7938"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805422", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805422\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2015-1346\", \"CVE-2015-1205\", \"CVE-2014-7948\", \"CVE-2014-7947\",\n \"CVE-2014-7946\", \"CVE-2014-7945\", \"CVE-2014-7944\", \"CVE-2014-7943\",\n \"CVE-2014-7942\", \"CVE-2014-7941\", \"CVE-2014-7940\", \"CVE-2014-7939\",\n \"CVE-2014-7938\", \"CVE-2014-7937\", \"CVE-2014-7936\", \"CVE-2014-7935\",\n \"CVE-2014-7934\", \"CVE-2014-7933\", \"CVE-2014-7932\", \"CVE-2014-7931\",\n \"CVE-2014-7930\", \"CVE-2014-7929\", \"CVE-2014-7928\", \"CVE-2014-7927\",\n \"CVE-2014-7926\", \"CVE-2014-7925\", \"CVE-2014-7924\", \"CVE-2014-7923\",\n \"CVE-2014-9648\", \"CVE-2014-9647\", \"CVE-2014-9646\", \"CVE-2015-1361\",\n \"CVE-2015-1360\", \"CVE-2015-1359\", \"CVE-2015-1248\", \"CVE-2014-9654\");\n script_bugtraq_id(72288);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 17:11:51 +0530 (Tue, 27 Jan 2015)\");\n script_name(\"Google Chrome Multiple Vulnerabilities -02 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For more details\n about the vulnerabilities, refer the reference section.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service attack, man-in-the-middle attack, bypass\n certain security restrictions and compromise a user's system, bypass the\n SafeBrowsing or possibly have unspecified other impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to\n 40.0.2214.91 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 40.0.2214.91 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62383\");\n script_xref(name:\"URL\", value:\"https://code.google.com/p/chromium/issues/detail?id=380663\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2015/01/stable-update.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nchr_ver = infos['version'];\nchrPath = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"40.0.2214.91\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"40.0.2214.91\", install_path:chrPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3238-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nApril 26, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nCVE ID : CVE-2015-1235 CVE-2015-1236 CVE-2015-1237 CVE-2015-1238\r\n CVE-2015-1240 CVE-2015-1241 CVE-2015-1242 CVE-2015-1244\r\n CVE-2015-1245 CVE-2015-1246 CVE-2015-1247 CVE-2015-1248\r\n CVE-2015-1249 CVE-2015-3333 CVE-2015-3334 CVE-2015-3336\r\n\r\nSeveral vulnerabilities were discovered in the chromium web browser.\r\n\r\nCVE-2015-1235\r\n\r\n A Same Origin Policy bypass issue was discovered in the HTML parser.\r\n\r\nCVE-2015-1236\r\n\r\n Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API.\r\n\r\nCVE-2015-1237\r\n\r\n Khalil Zhani discovered a use-after-free issue in IPC.\r\n\r\nCVE-2015-1238\r\n\r\n cloudfuzzer discovered an out-of-bounds write in the skia library.\r\n\r\nCVE-2015-1240\r\n\r\n w3bd3vil discovered an out-of-bounds read in the WebGL implementation.\r\n\r\nCVE-2015-1241\r\n\r\n Phillip Moon and Matt Weston discovered a way to trigger local user\r\n interface actions remotely via a crafted website.\r\n\r\nCVE-2015-1242\r\n\r\n A type confusion issue was discovered in the v8 javascript library.\r\n\r\nCVE-2015-1244\r\n\r\n Mike Ruddy discovered a way to bypass the HTTP Strict Transport Security\r\n policy.\r\n\r\nCVE-2015-1245\r\n\r\n Khalil Zhani discovered a use-after-free issue in the pdfium library.\r\n\r\nCVE-2015-1246\r\n\r\n Atte Kettunen discovered an out-of-bounds read issue in webkit/blink.\r\n\r\nCVE-2015-1247\r\n\r\n Jann Horn discovered that "file:" URLs in OpenSearch documents were not\r\n sanitized, which could allow local files to be read remotely when using\r\n the OpenSearch feature from a crafted website.\r\n\r\nCVE-2015-1248\r\n\r\n Vittorio Gambaletta discovered a way to bypass the SafeBrowsing feature,\r\n which could allow the remote execution of a downloaded executable file.\r\n\r\nCVE-2015-1249\r\n\r\n The chrome 41 development team found various issues from internal\r\n fuzzing, audits, and other studies.\r\n\r\nCVE-2015-3333\r\n\r\n Multiple issues were discovered and fixed in v8 4.2.7.14.\r\n\r\nCVE-2015-3334\r\n\r\n It was discovered that remote websites could capture video data from\r\n attached web cameras without permission.\r\n\r\nCVE-2015-3336\r\n\r\n It was discovered that remote websites could cause user interface\r\n disruptions like window fullscreening and mouse pointer locking.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 42.0.2311.90-1~deb8u1.\r\n\r\nFor the testing (stretch) and unstable (sid) distributions, these problems\r\nhave been fixed in version 42.0.2311.90-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQQcBAEBCgAGBQJVPaCNAAoJELjWss0C1vRzg+sf/iimJ1F9r0xfcyisL5j8I6Bh\r\nOjrlAOS6tngtr8Mq7RUR4hh5Dusm6gzGswuftgZ3RtiYnBcCBIpE7QEaSRJS9lDW\r\n6N31qxEC7F9fs7tccaoqkRnEbYTxCNRwp1Y6DsNxj5zzFzvMpJf9zvpI+vBwEUK5\r\ncEqZ0X57v0VjW/OEpAuSY5KFodvFvOLteTpi50cMzvBOo/0JWcepXpt5mvbvYowu\r\neA2dQDhlcwlpKWS8Fobc7T2JkpA0oobG3RmzOGCuX2mPnXEndNBoAE35vNqRV5Fs\r\n70k1Y8b9Z3P4l0vnaGcQXnz9pvBsA1chm+vIJ12VTUh2ZVFTxvyCupDOwsryEeNM\r\npgPQqi8I3UOzP2jyuBm+/a5ADtCzTuw+fCFXpkETul6jlAPFzFth+KTHZtOX6cXi\r\nD2pUGYlNTLRoayRSl962ikGuje556Hdhj9jnOzyQvDOKvdt/RykNM/S0aSBHqub/\r\nv1+5M4PKgWVmOpj00f2uQqhLPw1bUC8LVLaWzusNWY/Jf1ljiyZtjD+/+fn2kW6e\r\nJjXSAqkbfSBz1xu9OSsUDuFj5RnB/NEYIxtTp8dr2xUKVVaWHoDX17mbZ6V4SpIp\r\nbI21vmHXGxzxvHlkv8l/7x/Mmyoec0N/gYxQBHVsmBmXCF62ombK0NmAtShdNekr\r\n0lVKpWCOgKabUvW8nvfFrZjb8YVXETLvAAKkgW1bQNEgNT2bIs0AyoF06VJ+lF4j\r\nWm+6tKLsoJoVAQ835paEZbw/4c39ABZM25ZIquo0srZ+WeoFBsnLZ78hOvsZUrLl\r\n1scj2tIwJXI1aEmMkqCsjF8bizDpzjOiQsxNL7MteIsVi+BCRhqatXOqTuKjkgZT\r\nQaMKOtbS/tbp2qq+uL7rFbmaPArV6YtEBghWjW8KfgoS7/n8Q6XmMdhzPA3sYqMp\r\n14U+KqbvcAvjujiJzT0wfo7rfkdcdPmhdWEGILTmxYkIg38IvOYv3bLJKFhRSUK7\r\nB1+RIqXOHGxpqY2vyZQxgJTzHZ8dwjSDDtceuSaKbZhxi+pl4RlVQpYbzEDW2IEo\r\nBJDYNHjqm0yyeY9n90O6y0lwpz78mr6+SxDR+3qaUsGyrt6LGI2yNGTsULjc7sXu\r\nI1Bcbel+NtR/xmTBBz9Czueg4jD5ik+CB2sNi90qgQlZhlbcSlN03fFQ6eCpYSH5\r\nEThWT5rAiscpZHGgXfVabaAv+w1OLi0ljK6A08sYyAz0CMGHz24VlxJtXZBfuu6C\r\nY2C4eDZ/M96wtWz2d4p6sm62spKhZoRHD0JjKlGBLeloeqlTagcAw08zf964ozPI\r\nwYoeI52SYPjal9YikqPLlzYiJDkAi+ejxEobZ0dGSHKuohqVIIAygOJCbq5ouoY=\r\n=D5o5\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 3238-1] chromium-browser security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-3336", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2015-05-05T00:00:00", "id": "SECURITYVULNS:DOC:31999", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31999", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:51:19", "description": "No description provided", "edition": 2, "cvss3": {}, "published": "2015-05-25T00:00:00", "type": "securityvulns", "title": "Google Chrome / Chromium multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1265", "CVE-2015-1247", "CVE-2015-1257", "CVE-2015-3334", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1263", "CVE-2015-1251", "CVE-2015-1262", "CVE-2015-1260", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1250", "CVE-2015-1253", "CVE-2015-3336", "CVE-2015-1254", "CVE-2015-1259", "CVE-2015-1243", "CVE-2015-1252", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1256", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-3333", "CVE-2015-1261", "CVE-2015-1237", "CVE-2015-1258", "CVE-2015-1255", "CVE-2015-1238", "CVE-2015-1264", "CVE-2015-1249"], "modified": "2015-05-25T00:00:00", "id": "SECURITYVULNS:VULN:14435", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14435", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:44:50", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2015-03-23T00:00:00", "type": "securityvulns", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9057", "CVE-2015-1165", "CVE-2015-1220", "CVE-2015-1218", "CVE-2015-1214", "CVE-2015-2275", "CVE-2015-1223", "CVE-2015-1231", "CVE-2015-1217", "CVE-2015-1592", "CVE-2015-1213", "CVE-2014-9472", "CVE-2015-1227", "CVE-2015-1464", "CVE-2015-2062", "CVE-2015-1228", "CVE-2015-1224", "CVE-2015-1215", "CVE-2015-1222", "CVE-2013-2184", "CVE-2014-8487", "CVE-2015-1219", "CVE-2015-1229", "CVE-2015-1221", "CVE-2015-1216", "CVE-2015-1238", "CVE-2015-1230", "CVE-2015-1306", "CVE-2015-1026"], "modified": "2015-03-23T00:00:00", "id": "SECURITYVULNS:VULN:14346", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14346", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2023-01-11T14:53:35", "description": "Chromium was updated to latest stable release 42.0.2311.90 to fix security issues and bugs. The following vulnerabilities were fixed :\n\n - CVE-2015-1235: Cross-origin-bypass in HTML parser.\n\n - CVE-2015-1236: Cross-origin-bypass in Blink.\n\n - CVE-2015-1237: Use-after-free in IPC.\n\n - CVE-2015-1238: Out-of-bounds write in Skia.\n\n - CVE-2015-1240: Out-of-bounds read in WebGL.\n\n - CVE-2015-1241: Tap-Jacking.\n\n - CVE-2015-1242: Type confusion in V8.\n\n - CVE-2015-1244: HSTS bypass in WebSockets.\n\n - CVE-2015-1245: Use-after-free in PDFium.\n\n - CVE-2015-1246: Out-of-bounds read in Blink.\n\n - CVE-2015-1247: Scheme issues in OpenSearch.\n\n - CVE-2015-1248: SafeBrowsing bypass.\n\n - CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives.\n\n - CVE-2015-3333: Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).\n\n - CVE-2015-3336: fullscreen and UI locking without user confirmeation\n\n - CVE-2015-3335: unspecified impact of crafed programs running in NaCl sandbox \n\n - CVE-2015-3334: 'Media: Allowed by you' sometimes not shown in a permissions table\n\nNew functionality added :\n\n - A number of new apps, extension and Web Platform APIs (including the Push API!)\n\n - Lots of under the hood changes for stability and performance", "cvss3": {}, "published": "2015-04-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Chromium (openSUSE-2015-320)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3335", "CVE-2015-3336"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-320.NASL", "href": "https://www.tenable.com/plugins/nessus/83025", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-320.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83025);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1249\", \"CVE-2015-3333\", \"CVE-2015-3334\", \"CVE-2015-3335\", \"CVE-2015-3336\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2015-320)\");\n script_summary(english:\"Check for the openSUSE-2015-320 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chromium was updated to latest stable release 42.0.2311.90 to fix\nsecurity issues and bugs. The following vulnerabilities were fixed :\n\n - CVE-2015-1235: Cross-origin-bypass in HTML parser.\n\n - CVE-2015-1236: Cross-origin-bypass in Blink.\n\n - CVE-2015-1237: Use-after-free in IPC.\n\n - CVE-2015-1238: Out-of-bounds write in Skia.\n\n - CVE-2015-1240: Out-of-bounds read in WebGL.\n\n - CVE-2015-1241: Tap-Jacking.\n\n - CVE-2015-1242: Type confusion in V8.\n\n - CVE-2015-1244: HSTS bypass in WebSockets.\n\n - CVE-2015-1245: Use-after-free in PDFium.\n\n - CVE-2015-1246: Out-of-bounds read in Blink.\n\n - CVE-2015-1247: Scheme issues in OpenSearch.\n\n - CVE-2015-1248: SafeBrowsing bypass.\n\n - CVE-2015-1249: Various fixes from internal audits,\n fuzzing and other initiatives.\n\n - CVE-2015-3333: Multiple vulnerabilities in V8 fixed at\n the tip of the 4.2 branch (currently 4.2.77.14).\n\n - CVE-2015-3336: fullscreen and UI locking without user\n confirmeation\n\n - CVE-2015-3335: unspecified impact of crafed programs\n running in NaCl sandbox \n\n - CVE-2015-3334: 'Media: Allowed by you' sometimes not\n shown in a permissions table\n\nNew functionality added :\n\n - A number of new apps, extension and Web Platform APIs\n (including the Push API!)\n\n - Lots of under the hood changes for stability and\n performance\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=927302\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-42.0.2311.90-78.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromedriver-debuginfo-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debuginfo-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-debugsource-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-gnome-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-desktop-kde-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-42.0.2311.90-23.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"chromium-ffmpegsumo-debuginfo-42.0.2311.90-23.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:02", "description": "Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium.(CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238, CVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1244, CVE-2015-1245, CVE-2015-1246, CVE-2015-1247, CVE-2015-1248, CVE-2015-1249)\n\nAll Chromium users should upgrade to these updated packages, which contain Chromium version 42.0.2311.90, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2015:0816)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6"], "id": "REDHAT-RHSA-2015-0816.NASL", "href": "https://www.tenable.com/plugins/nessus/82846", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0816. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82846);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1249\");\n script_bugtraq_id(74165, 74167);\n script_xref(name:\"RHSA\", value:\"2015:0816\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2015:0816)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated chromium-browser packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Chromium to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Chromium.(CVE-2015-1235, CVE-2015-1236, CVE-2015-1237,\nCVE-2015-1238, CVE-2015-1240, CVE-2015-1241, CVE-2015-1242,\nCVE-2015-1244, CVE-2015-1245, CVE-2015-1246, CVE-2015-1247,\nCVE-2015-1248, CVE-2015-1249)\n\nAll Chromium users should upgrade to these updated packages, which\ncontain Chromium version 42.0.2311.90, which corrects these issues.\nAfter installing the update, Chromium must be restarted for the\nchanges to take effect.\"\n );\n # http://googlechromereleases.blogspot.com/2015/04/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://chromereleases.googleblog.com/2015/04/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1235\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0816\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-42.0.2311.90-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-42.0.2311.90-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-42.0.2311.90-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-42.0.2311.90-1.el6_6\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:33", "description": "Google Chrome Releases reports :\n\n45 new security fixes, including :\n\n- [456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser.\nCredit to anonymous.\n\n- [313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.\n\n- [461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.\n\n- [445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.\n\n- [463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.\n\n- [418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.\n\n- [460917] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.\n\n- [455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.\n\n- [444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.\n\n- [437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.\n\n- [429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.\n\n- [380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).\n\n- [476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives. Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).", "cvss3": {}, "published": "2015-04-28T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "p-cpe:/a:freebsd:freebsd:chromium-npapi", "p-cpe:/a:freebsd:freebsd:chromium-pulse", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B57F690EECC911E4876C00262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/83095", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83095);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1249\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n45 new security fixes, including :\n\n- [456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser.\nCredit to anonymous.\n\n- [313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit\nto Amitay Dobo.\n\n- [461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil\nZhani.\n\n- [445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to\ncloudfuzzer.\n\n- [463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit\nto w3bd3vil.\n\n- [418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon\nand Matt Weston of Sandfield Information Systems.\n\n- [460917] High CVE-2015-1242: Type confusion in V8. Credit to\nfcole@onshape.com.\n\n- [455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to\nMike Ruddy.\n\n- [444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to\nKhalil Zhani.\n\n- [437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit\nto Atte Kettunen of OUSPG.\n\n- [429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit\nto Jann Horn.\n\n- [380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to\nVittorio Gambaletta (VittGam).\n\n- [476786] CVE-2015-1249: Various fixes from internal audits, fuzzing\nand other initiatives. Multiple vulnerabilities in V8 fixed at the tip\nof the 4.2 branch (currently 4.2.77.14).\"\n );\n # http://googlechromereleases.blogspot.nl/2015/04/stable-channel-update_14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a57bf0f\"\n );\n # https://vuxml.freebsd.org/freebsd/b57f690e-ecc9-11e4-876c-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8e7b4ce\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-npapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<42.0.2311.90\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-npapi<42.0.2311.90\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"chromium-pulse<42.0.2311.90\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:14", "description": "The version of Google Chrome installed on the remote Mac OS X host is prior to 42.0.2311.90. It is, therefore, affected by multiple vulnerabilities :\n\n - A cross-origin bypass vulnerability exists due to an unspecified flaw in the HTML parser. (CVE-2015-1235)\n\n - A cross-origin bypass vulnerability exists due to a flaw in MediaElementAudioSourceNode.cpp when handling audio content. (CVE-2015-1236)\n\n - A use-after-free error exists in render_frame_impl.cc due to improper handling of a frame when it receives messages while detaching. An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1237)\n\n - An unspecified out-of-bounds write flaw exists in the Skia filters. (CVE-2015-1238)\n\n - An out-of-bounds read flaw exists in WebGL due to improper handling of ES3 commands. An attacker can exploit this flaw to disclose memory contents.\n (CVE-2015-1240)\n\n - An unspecified tap-jacking flaw exists when certain tap events aren't preceded by TapDown events. An attacker can exploit this to direct taps to cross-pages and cross-domains. (CVE-2015-1241)\n\n - A type confusion error exists in the ReduceTransitionElementsKind() function in hydrogen-check-elimination.cc. An attacker can exploit this error to execute arbitrary code. (CVE-2015-1242)\n\n - A flaw exists related to WebSocket connections due to HTTP Strict Transport Security (HSTS) not being strictly enforced. A man-in-the-middle attacker can exploit this flaw to view and manipulate protected communication.\n (CVE-2015-1244)\n\n - A use-after-free error exists in open_pdf_in_reader_view.cc due to improper handling handling the 'Open PDF in Reader' bubble on navigations.\n An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1245)\n\n - An unspecified out-of-bounds read flaw exists in Blink.\n An attacker can exploit this to disclose memory contents. (CVE-2015-1246)\n\n - A flaw exists in the OnPageHasOSDD() function in search_engine_tab_helper.cc due to improper handling of URLs for the OpenSearch descriptor. An attacker can exploit this flaw to disclose sensitive information.\n (CVE-2015-1247)\n\n - An unspecified flaw exists that allows an attacker to bypass SafeBrowsing. (CVE-2015-1248)\n\n - Multiple unspecified vulnerabilities exist that allow an attacker to have an unspecified impact. (CVE-2015-1249)\n\n - Multiple unspecified vulnerabilities exist in V8 that allow an attacker to cause a denial of service and other unspecified impacts.\n (CVE-2015-3333)\n\n - A media permission handling weakness exists due to camera and microphone permissions being merged into a single 'Media' permission. An attacker can exploit this, via a specially crafted website, to turn on a victim's camera while the victim believes camera access is prohibited. (CVE-2015-3334)\n\n - A flaw exists due to missing address space usage limitation (RLIMIT_AS and RLIMIT_DATA) in the Native Client (NaCl) process. This allows a remote attacker to run a crafted program in the NaCl sandbox and to conduct row-hammer attacks. (CVE-2015-3335) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-04-16T00:00:00", "type": "nessus", "title": "Google Chrome < 42.0.2311.90 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3335"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_42_0_2311_90.NASL", "href": "https://www.tenable.com/plugins/nessus/82826", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82826);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2015-1235\",\n \"CVE-2015-1236\",\n \"CVE-2015-1237\",\n \"CVE-2015-1238\",\n \"CVE-2015-1240\",\n \"CVE-2015-1241\",\n \"CVE-2015-1242\",\n \"CVE-2015-1244\",\n \"CVE-2015-1245\",\n \"CVE-2015-1246\",\n \"CVE-2015-1247\",\n \"CVE-2015-1248\",\n \"CVE-2015-1249\",\n \"CVE-2015-3333\",\n \"CVE-2015-3334\",\n \"CVE-2015-3335\"\n );\n script_bugtraq_id(\n 72715,\n 74165,\n 74167,\n 74221,\n 74225\n );\n\n script_name(english:\"Google Chrome < 42.0.2311.90 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 42.0.2311.90. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A cross-origin bypass vulnerability exists due to an\n unspecified flaw in the HTML parser. (CVE-2015-1235)\n\n - A cross-origin bypass vulnerability exists due to a flaw\n in MediaElementAudioSourceNode.cpp when handling audio\n content. (CVE-2015-1236)\n\n - A use-after-free error exists in render_frame_impl.cc\n due to improper handling of a frame when it receives\n messages while detaching. An attacker can exploit this\n flaw to dereference already freed memory and execute\n arbitrary code. (CVE-2015-1237)\n\n - An unspecified out-of-bounds write flaw exists in the\n Skia filters. (CVE-2015-1238)\n\n - An out-of-bounds read flaw exists in WebGL due to\n improper handling of ES3 commands. An attacker can\n exploit this flaw to disclose memory contents.\n (CVE-2015-1240)\n\n - An unspecified tap-jacking flaw exists when certain tap\n events aren't preceded by TapDown events. An attacker\n can exploit this to direct taps to cross-pages and\n cross-domains. (CVE-2015-1241)\n\n - A type confusion error exists in the\n ReduceTransitionElementsKind() function in\n hydrogen-check-elimination.cc. An attacker can exploit\n this error to execute arbitrary code. (CVE-2015-1242)\n\n - A flaw exists related to WebSocket connections due to\n HTTP Strict Transport Security (HSTS) not being strictly\n enforced. A man-in-the-middle attacker can exploit this\n flaw to view and manipulate protected communication.\n (CVE-2015-1244)\n\n - A use-after-free error exists in\n open_pdf_in_reader_view.cc due to improper handling\n handling the 'Open PDF in Reader' bubble on navigations.\n An attacker can exploit this flaw to dereference already\n freed memory and execute arbitrary code. (CVE-2015-1245)\n\n - An unspecified out-of-bounds read flaw exists in Blink.\n An attacker can exploit this to disclose memory\n contents. (CVE-2015-1246)\n\n - A flaw exists in the OnPageHasOSDD() function in\n search_engine_tab_helper.cc due to improper handling\n of URLs for the OpenSearch descriptor. An attacker can\n exploit this flaw to disclose sensitive information.\n (CVE-2015-1247)\n\n - An unspecified flaw exists that allows an attacker to\n bypass SafeBrowsing. (CVE-2015-1248)\n\n - Multiple unspecified vulnerabilities exist that allow an\n attacker to have an unspecified impact. (CVE-2015-1249)\n\n - Multiple unspecified vulnerabilities exist in V8 that\n allow an attacker to cause a denial of service and\n other unspecified impacts.\n (CVE-2015-3333)\n\n - A media permission handling weakness exists due to\n camera and microphone permissions being merged into a\n single 'Media' permission. An attacker can exploit this,\n via a specially crafted website, to turn on a victim's\n camera while the victim believes camera access is\n prohibited. (CVE-2015-3334)\n\n - A flaw exists due to missing address space usage\n limitation (RLIMIT_AS and RLIMIT_DATA) in the Native\n Client (NaCl) process. This allows a remote attacker to\n run a crafted program in the NaCl sandbox and to conduct\n row-hammer attacks. (CVE-2015-3335)\n \nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72311cf0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 42.0.2311.90 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3335\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'42.0.2311.90', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:56:18", "description": "The version of Google Chrome on the remote host is prior to 42.0.2311.90 and is affected by the following vulnerabilities :\n\n - A cross-origin bypass vulnerability exists due to an unspecified flaw in the HTML parser. (CVE-2015-1235)\n\n - A cross-origin bypass vulnerability exists due to a flaw in 'MediaElementAudioSourceNode.cpp' when handling audio content. (CVE-2015-1236)\n\n - A use-after-free error exists in 'render_frame_impl.cc' due to improper handling of a frame when it receives messages while detaching. An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1237)\n\n - An unspecified out-of-bounds write flaw exists in the Skia filters. (CVE-2015-1238)\n\n - An out-of-bounds read flaw exists in WebGL due to improper handling of ES3 commands. An attacker can exploit this flaw to disclose memory contents. (CVE-2015-1240)\n\n - An unspecified tap-jacking flaw exists when certain tap events aren't preceded by TapDown events. An attacker can exploit this to direct taps to cross-pages and cross-domains. (CVE-2015-1241)\n\n - A type confusion error exists in the ReduceTransitionElementsKind() function in 'hydrogen-check-elimination.cc'. An attacker can exploit this error to execute arbitrary code. (CVE-2015-1242)\n\n - A flaw exists related to WebSocket connections due to HTTP Strict Transport Security (HSTS) not being strictly enforced. A man-in-the-middle attacker can exploit this flaw to view and manipulate protected communication. (CVE-2015-1244) - A use-after-free error exists in 'open_pdf_in_reader_view.cc' due to improper handling in the 'Open PDF in Reader' bubble on navigations. An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1245)\n\n - An unspecified out-of-bounds read flaw exists in Blink. An attacker can exploit this to disclose memory contents. (CVE-2015-1246)\n\n - A flaw exists in the OnPageHasOSDD() function in 'search_engine_tab_helper.cc' due to improper handling of URLs for the OpenSearch descriptor. An attacker can exploit this flaw to disclose sensitive information. (CVE-2015-1247)\n\n - An unspecified flaw exists that allows an attacker to bypass SafeBrowsing. (CVE-2015-1248)\n\n - Multiple unspecified vulnerabilities exist that allow an attacker to have an unspecified impact. (CVE-2015-1249)\n\n - Multiple unspecified vulnerabilities exist in V8 that allow an attacker to cause a denial of service and other unspecified impacts. (CVE-2015-3333)\n\n - A media permission handling weakness exists due to camera and microphone permissions being merged into a single 'Media' permission. An attacker can exploit this, via a specially crafted website, to turn on a victim's camera while the victim believes camera access is prohibited. (CVE-2015-3334)\n\n - A flaw exists due to missing address space usage limitation (RLIMIT_AS and RLIMIT_DATA) in the Native Client (NaCl) process. This allows a remote attacker to run a crafted program in the NaCl sandbox and to conduct row-hammer attacks. (CVE-2015-3335)", "cvss3": {}, "published": "2015-06-15T00:00:00", "type": "nessus", "title": "Google Chrome < 42.0.2311.90 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3335"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8778.PASL", "href": "https://www.tenable.com/plugins/nnm/8778", "sourceData": "Binary data 8778.pasl", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:07", "description": "The version of Google Chrome installed on the remote Windows host is prior to 42.0.2311.90. It is, therefore, affected by multiple vulnerabilities :\n\n - A cross-origin bypass vulnerability exists due to an unspecified flaw in the HTML parser. (CVE-2015-1235)\n\n - A cross-origin bypass vulnerability exists due to a flaw in MediaElementAudioSourceNode.cpp when handling audio content. (CVE-2015-1236)\n\n - A use-after-free error exists in render_frame_impl.cc due to improper handling of a frame when it receives messages while detaching. An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1237)\n\n - An unspecified out-of-bounds write flaw exists in the Skia filters. (CVE-2015-1238)\n\n - An out-of-bounds read flaw exists in WebGL due to improper handling of ES3 commands. An attacker can exploit this flaw to disclose memory contents.\n (CVE-2015-1240)\n\n - An unspecified tap-jacking flaw exists when certain tap events aren't preceded by TapDown events. An attacker can exploit this to direct taps to cross-pages and cross-domains. (CVE-2015-1241)\n\n - A type confusion error exists in the ReduceTransitionElementsKind() function in hydrogen-check-elimination.cc. An attacker can exploit this error to execute arbitrary code. (CVE-2015-1242)\n\n - A flaw exists related to WebSocket connections due to HTTP Strict Transport Security (HSTS) not being strictly enforced. A man-in-the-middle attacker can exploit this flaw to view and manipulate protected communication.\n (CVE-2015-1244)\n\n - A use-after-free error exists in open_pdf_in_reader_view.cc due to improper handling handling the 'Open PDF in Reader' bubble on navigations.\n An attacker can exploit this flaw to dereference already freed memory and execute arbitrary code. (CVE-2015-1245)\n\n - An unspecified out-of-bounds read flaw exists in Blink.\n An attacker can exploit this to disclose memory contents. (CVE-2015-1246)\n\n - A flaw exists in the OnPageHasOSDD() function in search_engine_tab_helper.cc due to improper handling of URLs for the OpenSearch descriptor. An attacker can exploit this flaw to disclose sensitive information.\n (CVE-2015-1247)\n\n - An unspecified flaw exists that allows an attacker to bypass SafeBrowsing. (CVE-2015-1248)\n\n - Multiple unspecified vulnerabilities exist that allow an attacker to have an unspecified impact. (CVE-2015-1249)\n\n - Multiple unspecified vulnerabilities exist in V8 that allow an attacker to cause a denial of service and other unspecified impacts.\n (CVE-2015-3333)\n\n - A media permission handling weakness exists due to camera and microphone permissions being merged into a single 'Media' permission. An attacker can exploit this, via a specially crafted website, to turn on a victim's camera while the victim believes camera access is prohibited. (CVE-2015-3334)\n\n - A flaw exists due to missing address space usage limitation (RLIMIT_AS and RLIMIT_DATA) in the Native Client (NaCl) process. This allows a remote attacker to run a crafted program in the NaCl sandbox and to conduct row-hammer attacks. (CVE-2015-3335)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-04-16T00:00:00", "type": "nessus", "title": "Google Chrome < 42.0.2311.90 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333", "CVE-2015-3334", "CVE-2015-3335"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_42_0_2311_90.NASL", "href": "https://www.tenable.com/plugins/nessus/82825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82825);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-1235\",\n \"CVE-2015-1236\",\n \"CVE-2015-1237\",\n \"CVE-2015-1238\",\n \"CVE-2015-1240\",\n \"CVE-2015-1241\",\n \"CVE-2015-1242\",\n \"CVE-2015-1244\",\n \"CVE-2015-1245\",\n \"CVE-2015-1246\",\n \"CVE-2015-1247\",\n \"CVE-2015-1248\",\n \"CVE-2015-1249\",\n \"CVE-2015-3333\",\n \"CVE-2015-3334\",\n \"CVE-2015-3335\"\n );\n script_bugtraq_id(\n 72715,\n 74165,\n 74167,\n 74221,\n 74225\n );\n\n script_name(english:\"Google Chrome < 42.0.2311.90 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 42.0.2311.90. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A cross-origin bypass vulnerability exists due to an\n unspecified flaw in the HTML parser. (CVE-2015-1235)\n\n - A cross-origin bypass vulnerability exists due to a flaw\n in MediaElementAudioSourceNode.cpp when handling audio\n content. (CVE-2015-1236)\n\n - A use-after-free error exists in render_frame_impl.cc\n due to improper handling of a frame when it receives\n messages while detaching. An attacker can exploit this\n flaw to dereference already freed memory and execute\n arbitrary code. (CVE-2015-1237)\n\n - An unspecified out-of-bounds write flaw exists in the\n Skia filters. (CVE-2015-1238)\n\n - An out-of-bounds read flaw exists in WebGL due to\n improper handling of ES3 commands. An attacker can\n exploit this flaw to disclose memory contents.\n (CVE-2015-1240)\n\n - An unspecified tap-jacking flaw exists when certain tap\n events aren't preceded by TapDown events. An attacker\n can exploit this to direct taps to cross-pages and\n cross-domains. (CVE-2015-1241)\n\n - A type confusion error exists in the\n ReduceTransitionElementsKind() function in\n hydrogen-check-elimination.cc. An attacker can exploit\n this error to execute arbitrary code. (CVE-2015-1242)\n\n - A flaw exists related to WebSocket connections due to\n HTTP Strict Transport Security (HSTS) not being strictly\n enforced. A man-in-the-middle attacker can exploit this\n flaw to view and manipulate protected communication.\n (CVE-2015-1244)\n\n - A use-after-free error exists in\n open_pdf_in_reader_view.cc due to improper handling\n handling the 'Open PDF in Reader' bubble on navigations.\n An attacker can exploit this flaw to dereference already\n freed memory and execute arbitrary code. (CVE-2015-1245)\n\n - An unspecified out-of-bounds read flaw exists in Blink.\n An attacker can exploit this to disclose memory\n contents. (CVE-2015-1246)\n\n - A flaw exists in the OnPageHasOSDD() function in\n search_engine_tab_helper.cc due to improper handling\n of URLs for the OpenSearch descriptor. An attacker can\n exploit this flaw to disclose sensitive information.\n (CVE-2015-1247)\n\n - An unspecified flaw exists that allows an attacker to\n bypass SafeBrowsing. (CVE-2015-1248)\n\n - Multiple unspecified vulnerabilities exist that allow an\n attacker to have an unspecified impact. (CVE-2015-1249)\n\n - Multiple unspecified vulnerabilities exist in V8 that\n allow an attacker to cause a denial of service and\n other unspecified impacts.\n (CVE-2015-3333)\n\n - A media permission handling weakness exists due to\n camera and microphone permissions being merged into a\n single 'Media' permission. An attacker can exploit this,\n via a specially crafted website, to turn on a victim's\n camera while the victim believes camera access is\n prohibited. (CVE-2015-3334)\n\n - A flaw exists due to missing address space usage\n limitation (RLIMIT_AS and RLIMIT_DATA) in the Native\n Client (NaCl) process. This allows a remote attacker to\n run a crafted program in the NaCl sandbox and to conduct\n row-hammer attacks. (CVE-2015-3335)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72311cf0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 42.0.2311.90 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3335\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'42.0.2311.90', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:01", "description": "An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions.\n(CVE-2015-1235)\n\nAn issue was discovered in the Web Audio API implementation in Blink.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-1236)\n\nA use-after-free was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1237)\n\nAn out-of-bounds write was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1238)\n\nAn out-of-bounds read was discovered in the WebGL implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1240)\n\nAn issue was discovered with the interaction of page navigation and touch event handling. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct 'tap jacking' attacks. (CVE-2015-1241)\n\nA type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1242)\n\nIt was discovered that websocket connections were not upgraded whenever a HSTS policy is active. A remote attacker could potentially exploit this to conduct a man in the middle (MITM) attack.\n(CVE-2015-1244)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1246)\n\nMultiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1249)\n\nA use-after-free was discovered in the file picker implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1321)\n\nMultiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-3333).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-28T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 14.10 / 15.04 : oxide-qt vulnerabilities (USN-2570-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1246", "CVE-2015-1249", "CVE-2015-1321", "CVE-2015-3333"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2570-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83109", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2570-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83109);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1244\", \"CVE-2015-1246\", \"CVE-2015-1249\", \"CVE-2015-1321\", \"CVE-2015-3333\");\n script_bugtraq_id(74165, 74167, 74221, 74411);\n script_xref(name:\"USN\", value:\"2570-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 14.10 / 15.04 : oxide-qt vulnerabilities (USN-2570-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in the HTML parser in Blink. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to bypass same-origin restrictions.\n(CVE-2015-1235)\n\nAn issue was discovered in the Web Audio API implementation in Blink.\nIf a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to bypass same-origin\nrestrictions. (CVE-2015-1236)\n\nA use-after-free was discovered in Chromium. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2015-1237)\n\nAn out-of-bounds write was discovered in Skia. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2015-1238)\n\nAn out-of-bounds read was discovered in the WebGL implementation. If a\nuser were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service\nvia renderer crash. (CVE-2015-1240)\n\nAn issue was discovered with the interaction of page navigation and\ntouch event handling. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to conduct\n'tap jacking' attacks. (CVE-2015-1241)\n\nA type confusion bug was discovered in V8. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2015-1242)\n\nIt was discovered that websocket connections were not upgraded\nwhenever a HSTS policy is active. A remote attacker could potentially\nexploit this to conduct a man in the middle (MITM) attack.\n(CVE-2015-1244)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash. (CVE-2015-1246)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2015-1249)\n\nA use-after-free was discovered in the file picker implementation. If\na user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service\nvia application crash or execute arbitrary code with the privileges of\nthe user invoking the program. (CVE-2015-1321)\n\nMultiple security issues were discovered in V8. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via renderer crash or execute arbitrary code with the\nprivileges of the sandboxed render process. (CVE-2015-3333).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2570-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected liboxideqtcore0, oxideqt-codecs and / or\noxideqt-codecs-extra packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|14\\.10|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 14.10 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.6.5-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.6.5-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.6.5-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"liboxideqtcore0\", pkgver:\"1.6.5-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs\", pkgver:\"1.6.5-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.6.5-0ubuntu0.14.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.6.5-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.6.5-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.6.5-0ubuntu0.15.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0 / oxideqt-codecs / oxideqt-codecs-extra\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:30", "description": "The remote host is affected by the vulnerability described in GLSA-201506-04 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker can cause arbitrary remote code execution, Denial of Service or bypass of security mechanisms.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-06-23T00:00:00", "type": "nessus", "title": "GLSA-201506-04 : Chromium: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1233", "CVE-2015-1234", "CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1243", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1250", "CVE-2015-1251", "CVE-2015-1252", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1255", "CVE-2015-1256", "CVE-2015-1257", "CVE-2015-1258", "CVE-2015-1259", "CVE-2015-1260", "CVE-2015-1262", "CVE-2015-1263", "CVE-2015-1264", "CVE-2015-1265"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201506-04.NASL", "href": "https://www.tenable.com/plugins/nessus/84332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201506-04.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84332);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1233\", \"CVE-2015-1234\", \"CVE-2015-1235\", \"CVE-2015-1236\", \"CVE-2015-1237\", \"CVE-2015-1238\", \"CVE-2015-1240\", \"CVE-2015-1241\", \"CVE-2015-1242\", \"CVE-2015-1243\", \"CVE-2015-1244\", \"CVE-2015-1245\", \"CVE-2015-1246\", \"CVE-2015-1247\", \"CVE-2015-1248\", \"CVE-2015-1250\", \"CVE-2015-1251\", \"CVE-2015-1252\", \"CVE-2015-1253\", \"CVE-2015-1254\", \"CVE-2015-1255\", \"CVE-2015-1256\", \"CVE-2015-1257\", \"CVE-2015-1258\", \"CVE-2015-1259\", \"CVE-2015-1260\", \"CVE-2015-1262\", \"CVE-2015-1263\", \"CVE-2015-1264\", \"CVE-2015-1265\");\n script_bugtraq_id(73484, 73486, 74165, 74389, 74723, 74727);\n script_xref(name:\"GLSA\", value:\"201506-04\");\n\n script_name(english:\"GLSA-201506-04 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201506-04\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can cause arbitrary remote code execution, Denial of\n Service or bypass of security mechanisms.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201506-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-43.0.2357.65'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 43.0.2357.65\"), vulnerable:make_list(\"lt 43.0.2357.65\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser (CVE-2015-1235), a cross-origin-bypass in Blink (CVE-2015-1236), a use-after-free in IPC (CVE-2015-1237), an out-of-bounds write in Skia (CVE-2015-1238), an out-of-bounds read in WebGL (CVE-2015-1240), Tap-Jacking (CVE-2015-1241), type confusion in V8 (CVE-2015-1242), HSTS bypass in WebSockets (CVE-2015-1244), a use-after-free in PDFium (CVE-2015-1245), an out-of-bounds read in Blink (CVE-2015-1246), scheme issues in OpenSearch, (CVE-2015-1247), and a SafeBrowsing bypass (CVE-2015-1248). Also included are various fixes from internal audits, fuzzing and other initiatives (CVE-2015-1249), and multiple vulnerabilities in V8 have been fixed at the tip of the 4.2 branch (currently 4.2.77.14) (CVE-2015-3333). \n", "cvss3": {}, "published": "2015-04-23T21:14:25", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249", "CVE-2015-3333"], "modified": "2015-04-23T21:14:25", "id": "MGASA-2015-0164", "href": "https://advisories.mageia.org/MGASA-2015-0164.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "chrome": [{"lastseen": "2021-12-30T22:34:28", "description": "The Chrome team is overjoyed to announce the promotion of Chrome 42 to the stable channel for Windows, Mac and Linux. Chrome 42.0.2311.90 contains a number of fixes and improvements, including: \n\n\n\n * A number of new apps, extension and Web Platform APIs (including the [Push API](<https://dvcs.w3.org/hg/push/raw-file/tip/index.html>)!)\n * Lots of under the hood changes for stability and performance\n * The answer to [life, the universe and everything](<https://www.google.com/search?&q=answer+to+life%2C+the+universe+and+everything&gws_rd=ssl>)\n\nA list of changes is available in the [log](<https://chromium.googlesource.com/chromium/src/+log/41.0.2272.0..42.0.2311.0?pretty=fuller&n=10000>). \n\n**Security Fixes and Rewards** \n\n_Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed._ \n\nThis update includes [45 security fixes](<https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3ARelease-0-M42&sort=id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&cells=tiles>). Below, we highlight fixes that were contributed by external researchers. Please see the [Chromium security page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n[$7500][[456518](<https://code.google.com/p/chromium/issues/detail?id=456518>)] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous. \n[$4000][[313939](<https://code.google.com/p/chromium/issues/detail?id=313939>)] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo. \n[$3000][[461191](<https://code.google.com/p/chromium/issues/detail?id=461191>)] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani. \n[$2000][[445808](<https://code.google.com/p/chromium/issues/detail?id=445808>)] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer. \n[$1000][[463599](<https://code.google.com/p/chromium/issues/detail?id=463599>)] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil. \n[$1000][[418402](<https://code.google.com/p/chromium/issues/detail?id=418402>)] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield. \n[$500][[460917](<https://code.google.com/p/chromium/issues/detail?id=460917>)] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com. \n[$500][[455215](<https://code.google.com/p/chromium/issues/detail?id=455215>)] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy. \n[$500][[444957](<https://code.google.com/p/chromium/issues/detail?id=444957>)] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani. \n[$500][[437399](<https://code.google.com/p/chromium/issues/detail?id=437399>)] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG. \n[$500][[429838](<https://code.google.com/p/chromium/issues/detail?id=429838>)] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn. \n[$500][[380663](<https://code.google.com/p/chromium/issues/detail?id=380663>)] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam). \n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel. \n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n[[476786](<https://code.google.com/p/chromium/issues/detail?id=476786>)] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives. \nMultiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14). \n\nMany of the above bugs were detected using [AddressSanitizer](<http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>) or [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>). \n\nInterested in switching release channels? [Find out how](<http://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<http://crbug.com/>). \n\nAlex Mineer \nGoogle Chrome", "cvss3": {}, "published": "2015-04-14T00:00:00", "type": "chrome", "title": "Stable Channel Update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2015-04-14T00:00:00", "id": "GCSA-2222529096158216213", "href": "https://chromereleases.googleblog.com/2015/04/stable-channel-update_14.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:37", "description": "- CVE-2015-1235 (cross-origin bypass)\n\nA vulnerability was discovered that allows cross-origin-bypass in the\nHTML parser.\n\n- CVE-2015-1236 (cross-origin bypass)\n\nA vulnerability was discovered that allows cross-origin-bypass in the\nrendering engine Blink.\n\n- CVE-2015-1237 (arbitrary code execution)\n\nAn use-after-free flaw was discovered in IPC that may lead to arbitrary\ncode execution and denial of service.\n\n- CVE-2015-1238 (arbitrary code execution)\n\nAn out-of-bounds write flaw was discovered in Skia that may lead to\narbitrary code execution and denial of service.\n\n- CVE-2015-1240 (denial of service)\n\nAn out-of-bounds read flaw was discovered in WebGL that may lead to\ninformation disclosure and denial of service.\n\n- CVE-2015-1241 (tap-jacking)\n\nA tap-jacking flaw was discovered that allows the hijacking of tabs to\nshow arbitrary content.\n\n- CVE-2015-1242 (arbitrary code execution)\n\nA Type confusion flaw was discovered in V8 that may lead to arbitrary\ncode execution and denial of service.\n\n- CVE-2015-1244 (security policy bypass)\n\nA security policy flaw was discovered that allowes HSTS bypass in\nWebSockets that may lead to downgrade attacks and cookie hijacking.\n\n- CVE-2015-1245 (arbitrary code execution)\n\nAn use-after-free flaw was discovered in PDFium that may lead to\narbitrary code execution and denial of service.\n\n- CVE-2015-1246 (denial of service)\n\nAn out-of-bounds read flaw was discovered in the rendering engine Blink\nthat may leads to information disclosure and denial of service.\n\n- CVE-2015-1247 (unspecified)\n\nA scheme issues flaw was discovered in OpenSearch that is leading to\nunspecified issues.\n\n- CVE-2015-1248 (filter bypass)\n\nA flaw was discovered that is leading to SafeBrowsing filter bypass.\n\n- CVE-2015-1249 (various)\n\nVarious vulnerabilities were discovered by internal audits, fuzzing and\nother initiatives.", "edition": 2, "cvss3": {}, "published": "2015-04-18T00:00:00", "type": "archlinux", "title": "chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1235", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1249"], "modified": "2015-04-18T00:00:00", "id": "ASA-201504-19", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nGoogle Chrome Releases reports:\n\n45 new security fixes, including:\n\n[456518] High CVE-2015-1235: Cross-origin-bypass in HTML\n\t parser. Credit to anonymous.\n[313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink.\n\t Credit to Amitay Dobo.\n[461191] High CVE-2015-1237: Use-after-free in IPC. Credit to\n\t Khalil Zhani.\n[445808] High CVE-2015-1238: Out-of-bounds write in Skia.\n\t Credit to cloudfuzzer.\n[463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL.\n\t Credit to w3bd3vil.\n[418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip\n\t Moon and Matt Weston of Sandfield Information Systems.\n[460917] High CVE-2015-1242: Type confusion in V8. Credit to\n\t fcole@onshape.com.\n[455215] Medium CVE-2015-1244: HSTS bypass in WebSockets.\n\t Credit to Mike Ruddy.\n[444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit\n\t to Khalil Zhani.\n[437399] Medium CVE-2015-1246: Out-of-bounds read in Blink.\n\t Credit to Atte Kettunen of OUSPG.\n[429838] Medium CVE-2015-1247: Scheme issues in OpenSearch.\n\t Credit to Jann Horn.\n[380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to\n\t Vittorio Gambaletta (VittGam).\n[476786] CVE-2015-1249: Various fixes from internal audits,\n\t fuzzing and other initiatives. Multiple vulnerabilities in V8\n\t fixed at the tip of the 4.2 branch (currently 4.2.77.14).\n\n\n\n", "cvss3": {}, "published": "2015-04-14T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2015-04-14T00:00:00", "id": "B57F690E-ECC9-11E4-876C-00262D5ED8EE", "href": "https://vuxml.freebsd.org/freebsd/b57f690e-ecc9-11e4-876c-00262d5ed8ee.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:35:42", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Chromium to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nChromium.(CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238,\nCVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1244, CVE-2015-1245,\nCVE-2015-1246, CVE-2015-1247, CVE-2015-1248, CVE-2015-1249)\n\nAll Chromium users should upgrade to these updated packages, which contain\nChromium version 42.0.2311.90, which corrects these issues. After\ninstalling the update, Chromium must be restarted for the changes to take\neffect.\n", "cvss3": {}, "published": "2015-04-16T00:00:00", "type": "redhat", "title": "(RHSA-2015:0816) Important: chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2018-06-07T05:04:21", "id": "RHSA-2015:0816", "href": "https://access.redhat.com/errata/RHSA-2015:0816", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2023-02-08T16:15:10", "description": "### *Detect date*:\n04/14/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service or possible execute arbitrary code.\n\n### *Affected products*:\nGoogle Chrome versions earlier than 42.0.2311.90\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Get Google Chrome](<https://www.google.com/c>)\n\n### *Original advisories*:\n[Google update new](<http://googlechromereleases.blogspot.ru/2015/04/stable-channel-update_14.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+\$Google+Chrome+Releases\$>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2015-1240](<https://vulners.com/cve/CVE-2015-1240>)5.0Critical \n[CVE-2015-1238](<https://vulners.com/cve/CVE-2015-1238>)7.5Critical \n[CVE-2015-1245](<https://vulners.com/cve/CVE-2015-1245>)6.8High \n[CVE-2015-1244](<https://vulners.com/cve/CVE-2015-1244>)5.0Critical \n[CVE-2015-1242](<https://vulners.com/cve/CVE-2015-1242>)7.5Critical \n[CVE-2015-1241](<https://vulners.com/cve/CVE-2015-1241>)4.3Warning \n[CVE-2015-1249](<https://vulners.com/cve/CVE-2015-1249>)7.5Critical \n[CVE-2015-1248](<https://vulners.com/cve/CVE-2015-1248>)4.3Warning \n[CVE-2015-1247](<https://vulners.com/cve/CVE-2015-1247>)5.0Critical \n[CVE-2015-1246](<https://vulners.com/cve/CVE-2015-1246>)5.0Critical \n[CVE-2015-1236](<https://vulners.com/cve/CVE-2015-1236>)4.3Warning \n[CVE-2015-1237](<https://vulners.com/cve/CVE-2015-1237>)7.5Critical \n[CVE-2015-1235](<https://vulners.com/cve/CVE-2015-1235>)5.0Critical", "cvss3": {}, "published": "2015-04-14T00:00:00", "type": "kaspersky", "title": "KLA10546 Multiple vulnerabilities in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1249"], "modified": "2020-06-03T00:00:00", "id": "KLA10546", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10546/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T22:57:03", "description": "Google has released [Chrome 42](<http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html>), a major security upgrade to the browser that includes patches for 45 vulnerabilities.\n\nThe latest version of Chrome carries with it fixes for a number of high-severity bugs, including a cross-origin bypass in the HTML parser. That vulnerability earned an anonymous security researcher a reward of $7,500 from Google. In all, the company paid out more than $21,000 in rewards to external researchers who reported bugs fixed in this version.\n\nAmong the other serious flaws patched in Chrome 42 is a use-after-free in the IPC component of the browser and a type confusion bug in the V8 engine. There also is a cross-origin bypass in the Blink layout engine, for which Google paid a $4,000 reward to researcher Amitay Dobo.\n\nThe list of security vulnerabilities fixed in Chrome 42 for which Google paid rewards:\n\n[$7500][[456518](<https://code.google.com/p/chromium/issues/detail?id=456518>)] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.\n\n[$4000][[313939](<https://code.google.com/p/chromium/issues/detail?id=313939>)] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.\n\n[$3000][[461191](<https://code.google.com/p/chromium/issues/detail?id=461191>)] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.\n\n[$2000][[445808](<https://code.google.com/p/chromium/issues/detail?id=445808>)] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.\n\n[$1000][[463599](<https://code.google.com/p/chromium/issues/detail?id=463599>)] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.\n\n[$1000][[418402](<https://code.google.com/p/chromium/issues/detail?id=418402>)] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.\n\n[$500][[460917](<https://code.google.com/p/chromium/issues/detail?id=460917>)] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.\n\n[$500][[455215](<https://code.google.com/p/chromium/issues/detail?id=455215>)] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.\n\n[$500][[444957](<https://code.google.com/p/chromium/issues/detail?id=444957>)] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.\n\n[$500][[437399](<https://code.google.com/p/chromium/issues/detail?id=437399>)] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.\n\n[$500][[429838](<https://code.google.com/p/chromium/issues/detail?id=429838>)] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.\n\n[$500][[380663](<https://code.google.com/p/chromium/issues/detail?id=380663>)] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).\n\nIn addition to the bugs reported by external researchers, Google also fixed a number of [flaws](<https://code.google.com/p/chromium/issues/detail?id=476786>) discovered through its own internal audits and research.\n", "cvss3": {}, "published": "2015-04-14T14:44:57", "type": "threatpost", "title": "Google Fixes Dozens of Bugs in Chrome 42", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248"], "modified": "2015-04-14T18:44:57", "id": "THREATPOST:9A58ECA2DAAEE4EA3304CFA18B16F775", "href": "https://threatpost.com/google-fixes-dozens-of-bugs-in-chrome-42/112248/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "thn": [{"lastseen": "2018-01-27T10:06:50", "description": "[![download-update-google-chrome](https://2.bp.blogspot.com/-OY8G_7PKi_E/VS5YWKpQmMI/AAAAAAAAikc/Y3N9Ag_b0B4/s1600/update-google-chrome.png)](<https://2.bp.blogspot.com/-OY8G_7PKi_E/VS5YWKpQmMI/AAAAAAAAikc/Y3N9Ag_b0B4/s1600/update-google-chrome.png>)\n\nGoogle has finally rolled out the latest version of its popular web browser, i.e. **_Chrome 42 for Windows, Mac, and Linux _**users that now lets websites send you alerts, no matter your browser is open or not.\n\n \n\n\nThe release of the latest Chrome 42 version is a great deal as it costs Google more than $21,000.\n\n \n\n\n**Yes, $21,000!**\n\n \n\n\nThe latest version of [Chrome](<https://thehackernews.com/search/label/Google%20Chrome>) comes with fixes for 45 security vulnerabilities in the web browser, reported by different security researchers [listed below].\n\n \n\n\n**Let's know about the Major updates**:\n\n \n\n\nMajor [updates](<https://googlechromereleases.blogspot.in/2015/04/stable-channel-update_14.html>) and significant improvements for Chrome version 42 includes:\n\n * Advanced [Push API](<https://w3c.github.io/push-api/>) and [Notifications API](<https://notifications.spec.whatwg.org/>)\n * **_Disabled Oracle's Java plugin by default_** as well as other extensions that use NPAPI\n * Patched 45 security bugs and paid out more than $21,000\n\n**Push API**:\n\n \n\n\nGoogle includes Push API in its web browser for the first time. Push API, when combined with the new notifications API, allows websites to push notifications to you through your browser, even when the browser window is closed.\n\n \n\n\nThe Push API feature is an optional feature, which means that you can enable or disable it as per your need. This will offer users an app-like experience on the web.\n\n \n\n\n**What else?**\n\n \n\n\nChrome 42 brings the **_end of official support for [NPAPI](<https://developer.chrome.com/extensions/npapi>)_** (\"Netscape Plugin API\") by disabling old browser plugins by default that use NPAPI, including Oracle\u2019s Java plugin and Silverlight.\n\n \n\n\nHowever, if you really want this blocked plugin, you can manually enable NPAPI support in Chrome's settings. But, you\u2019ll not enjoy NPAPI support for a long time as by September this year, Google will permanently remove this option.\n\n \n\n\n**Why Google want to vanish NPAPI?**\n\n \n\n\nThe open-source project team has been trying to kill off NPAPI [since 2013](<https://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html>), describing NPAPI as a dangerous security and stability risk.\n\n \n\n\nThe search engine giant believes that by disallowing to run Java plugin would certainly reduce the possibility of the attack against its Chrome browser.\n\n \n\n\n**Google patches total 45 security holes in its Chrome Browser:**\n\n \n\n\nThere were a number of high-severity vulnerabilities, including one known as **_Cross-origin bypass in the HTML parser_**. An anonymous security researcher was paid a **_reward of $7,500_** from Google for this critical vulnerability.\n\n \n\n\nThe list of rest security bugs fixed in Chrome 42 for which Google paid rewards are:\n\n * CVE-2015-1236 (Medium): Cross-origin-bypass in Blink -- Reward $4000 to Amitay Dobo\n * CVE-2015-1237 (High): Use-after-free in IPC -- Reward $3000 to Khalil Zhani\n * CVE-2015-1238 (High): Out-of-bounds write in Skia -- Reward $2000 to cloudfuzzer\n * CVE-2015-1240 (Medium): Out-of-bounds read in WebGL -- Reward $1000 to w3bd3vil\n * CVE-2015-1241 (Medium): Tap-Jacking -- Reward $1000 to Phillip Moon and Matt Weston of Sandfield Information Systems\n * CVE-2015-1242 (High): Type confusion in V8 -- Reward $500 to fcole@onshape.com\n * CVE-2015-1244 (Medium): HSTS bypass in WebSockets -- Reward $500 to Mike Ruddy\n * CVE-2015-1245 (Medium): Use-after-free in PDFium -- Reward $500 to Khalil Zhani\n * CVE-2015-1246 (Medium): Out-of-bounds read in Blink -- Reward $500 to Atte Kettunen of OUSPG\n * CVE-2015-1247 (Medium): Scheme issues in OpenSearch -- Reward $500 to Jann Horn\n * CVE-2015-1248 (Medium): SafeBrowsing bypass -- Reward $500 to Vittorio Gambaletta (VittGam)\n\nSo, if I talk about the total cost Google spent in bug bounties to external security researchers who contributed reported bugs fixed in this latest version, its around $21,500 in total.\n\n \n\n\n**Let's Update Chrome 42:**\n\n \n\n\nYou can now update this latest version, Chrome Version 42, using the browser\u2019s built-in silent update or download it straight forward from [google.com/chrome](<https://www.google.com/chrome/>). Linux users need to install the Distro Package Manager.\n\n \n\n\nHave you updated Chrome 42 already? Let us know your experience with Chrome 42 in the comment box below!\n", "cvss3": {}, "published": "2015-04-15T01:31:00", "type": "thn", "title": "Google Launches Chrome 42 with Push Notifications", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2015-1247", "CVE-2015-1246", "CVE-2015-1244", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1248", "CVE-2015-1236", "CVE-2015-1242", "CVE-2015-1245", "CVE-2015-1237", "CVE-2015-1238"], "modified": "2015-04-15T12:31:50", "id": "THN:5567C5205B537235576972984F283879", "href": "https://thehackernews.com/2015/04/download-google-chrome.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2023-01-26T13:28:13", "description": "## Releases\n\n * Ubuntu 15.04 \n * Ubuntu 14.10 \n * Ubuntu 14.04 ESM\n\n## Packages\n\n * oxide-qt \\- Web browser engine library for Qt (QML plugin)\n\nAn issue was discovered in the HTML parser in Blink. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit this to bypass same-origin restrictions. \n(CVE-2015-1235)\n\nAn issue was discovered in the Web Audio API implementation in Blink. If \na user were tricked in to opening a specially crafted website, an attacker \ncould potentially exploit this to bypass same-origin restrictions. \n(CVE-2015-1236)\n\nA use-after-free was discovered in Chromium. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash, or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2015-1237)\n\nAn out-of-bounds write was discovered in Skia. If a user were tricked in \nto opening a specially crafted website, an attacker could potentially \nexploit this to cause a denial of service via application crash or execute \narbitrary code with the privileges of the user invoking the program. \n(CVE-2015-1238)\n\nAn out-of-bounds read was discovered in the WebGL implementation. If a \nuser were tricked in to opening a specially crafted website, an attacker \ncould potentially exploit this to cause a denial of service via renderer \ncrash. (CVE-2015-1240)\n\nAn issue was discovered with the interaction of page navigation and touch \nevent handling. If a user were tricked in to opening a specially crafted \nwebsite, an attacker could potentially exploit this to conduct \n\"tap jacking\" attacks. (CVE-2015-1241)\n\nA type confusion bug was discovered in V8. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash, or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2015-1242)\n\nIt was discovered that websocket connections were not upgraded whenever a \nHSTS policy is active. A remote attacker could potentially exploit this \nto conduct a machine-in-the-middle (MITM) attack. (CVE-2015-1244)\n\nAn out-of-bounds read was discovered in Blink. If a user were tricked in \nto opening a specially crafted website, an attacker could potentially \nexploit this to cause a denial of service via renderer crash. \n(CVE-2015-1246)\n\nMultiple security issues were discovered in Chromium. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to read uninitialized memory, cause a denial \nof service via application crash or execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2015-1249)\n\nA use-after-free was discovered in the file picker implementation. If a \nuser were tricked in to opening a specially crafted website, an attacker \ncould potentially exploit this to cause a denial of service via \napplication crash or execute arbitrary code with the privileges of the \nuser invoking the program. (CVE-2015-1321)\n\nMultiple security issues were discovered in V8. If a user were tricked \nin to opening a specially crafted website, an attacker could potentially \nexploit these to read uninitialized memory, cause a denial of service via \nrenderer crash or execute arbitrary code with the privileges of the \nsandboxed render process. (CVE-2015-3333)\n", "cvss3": {}, "published": "2015-04-27T00:00:00", "type": "ubuntu", "title": "Oxide vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1244", "CVE-2015-1246", "CVE-2015-1249", "CVE-2015-1321", "CVE-2015-3333"], "modified": "2015-04-27T00:00:00", "id": "USN-2570-1", "href": "https://ubuntu.com/security/notices/USN-2570-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:00", "description": "### Background\n\nChromium is an open-source web browser project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker can cause arbitrary remote code execution, Denial of Service or bypass of security mechanisms. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-43.0.2357.65\"", "cvss3": {}, "published": "2015-06-23T00:00:00", "type": "gentoo", "title": "Chromium: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1233", "CVE-2015-1234", "CVE-2015-1235", "CVE-2015-1236", "CVE-2015-1237", "CVE-2015-1238", "CVE-2015-1240", "CVE-2015-1241", "CVE-2015-1242", "CVE-2015-1243", "CVE-2015-1244", "CVE-2015-1245", "CVE-2015-1246", "CVE-2015-1247", "CVE-2015-1248", "CVE-2015-1250", "CVE-2015-1251", "CVE-2015-1252", "CVE-2015-1253", "CVE-2015-1254", "CVE-2015-1255", "CVE-2015-1256", "CVE-2015-1257", "CVE-2015-1258", "CVE-2015-1259", "CVE-2015-1260", "CVE-2015-1262", "CVE-2015-1263", "CVE-2015-1264", "CVE-2015-1265"], "modified": "2015-06-23T00:00:00", "id": "GLSA-201506-04", "href": "https://security.gentoo.org/glsa/201506-04", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:16:50", "description": "Google Chrome before 42.0.2311.90 does not always ask the user before\nproceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and\nCONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote\nattackers to cause a denial of service (UI disruption) by constructing a\ncrafted HTML document containing JavaScript code with requestFullScreen and\nrequestPointerLock calls, and arranging for the user to access this\ndocument with a file: URL.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3336", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3336"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-3336", "href": "https://ubuntu.com/security/CVE-2015-3336", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:16:50", "description": "browser/ui/website_settings/website_settings.cc in Google Chrome before\n42.0.2311.90 does not always display \"Media: Allowed by you\" in a\nPermissions table after the user has granted camera permission to a web\nsite, which might make it easier for user-assisted remote attackers to\nobtain sensitive video data from a device's physical environment via a\ncrafted web site that turns on the camera at a time when the user believes\nthat camera access is prohibited.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3334", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3334"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-3334", "href": "https://ubuntu.com/security/CVE-2015-3334", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:16:50", "description": "Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used\nin Google Chrome before 42.0.2311.90, allow attackers to cause a denial of\nservice or possibly have other impact via unknown vectors.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mikesalvatore](<https://launchpad.net/~mikesalvatore>) | The Ubuntu Security Team does not support libv8\n", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3333", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3333"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-3333", "href": "https://ubuntu.com/security/CVE-2015-3333", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in\nGoogle Chrome before 42.0.2311.90 does not replace the ws scheme with the\nwss scheme whenever an HSTS Policy is active, which makes it easier for\nremote attackers to obtain sensitive information by sniffing the network\nfor WebSocket traffic.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1244", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1244"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1244", "href": "https://ubuntu.com/security/CVE-2015-1244", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:16:50", "description": "Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90\nallow attackers to cause a denial of service or possibly have other impact\nvia unknown vectors.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1249", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1249"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1249", "href": "https://ubuntu.com/security/CVE-2015-1249", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:50", "description": "Use-after-free vulnerability in the OpenPDFInReaderView::Update function in\nbrowser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome\nbefore 41.0.2272.76 might allow user-assisted remote attackers to cause a\ndenial of service (heap memory corruption) or possibly have unspecified\nother impact by triggering interaction with a PDFium \"Open PDF in Reader\"\nbutton that has an invalid tab association.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1245", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1245"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1245", "href": "https://ubuntu.com/security/CVE-2015-1245", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "The SearchEngineTabHelper::OnPageHasOSDD function in\nbrowser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome\nbefore 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch\ndescriptor XML document, which might allow remote attackers to obtain\nsensitive information from local files via a crafted (1) http or (2) https\nweb site.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1247", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1247", "href": "https://ubuntu.com/security/CVE-2015-1247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:16:51", "description": "The FileSystem API in Google Chrome before 40.0.2214.91 allows remote\nattackers to bypass the SafeBrowsing for Executable Files protection\nmechanism by creating a .exe file in a temporary filesystem and then\nreferencing this file with a filesystem:http: URL.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1248", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1248"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1248", "href": "https://ubuntu.com/security/CVE-2015-1248", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T14:16:50", "description": "The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc\nin Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90,\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via crafted JavaScript code that leverages \"type\nconfusion\" in the check-elimination optimization.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1242", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1242"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1242", "href": "https://ubuntu.com/security/CVE-2015-1242", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "Blink, as used in Google Chrome before 42.0.2311.90, allows remote\nattackers to cause a denial of service (out-of-bounds read) via unspecified\nvectors.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1246", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1246"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1246", "href": "https://ubuntu.com/security/CVE-2015-1246", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in\nGoogle Chrome before 42.0.2311.90 allows remote attackers to cause a denial\nof service (out-of-bounds read) via a crafted WebGL program that triggers a\nstate inconsistency.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1240", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1240"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1240", "href": "https://ubuntu.com/security/CVE-2015-1240", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "Google Chrome before 42.0.2311.90 does not properly consider the\ninteraction of page navigation with the handling of touch events and\ngesture events, which allows remote attackers to trigger unintended UI\nactions via a crafted web site that conducts a \"tapjacking\" attack.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1241", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1241"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1241", "href": "https://ubuntu.com/security/CVE-2015-1241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T14:16:52", "description": "Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers\nto cause a denial of service (out-of-bounds write) or possibly have\nunspecified other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1238", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1238"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1238", "href": "https://ubuntu.com/security/CVE-2015-1238", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:52", "description": "Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived\nfunction in content/renderer/render_frame_impl.cc in Google Chrome before\n42.0.2311.90 allows remote attackers to cause a denial of service or\npossibly have unspecified other impact via vectors that trigger renderer\nIPC messages during a detach operation.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1237", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1237"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1237", "href": "https://ubuntu.com/security/CVE-2015-1237", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:16:51", "description": "The MediaElementAudioSourceNode::process function in\nmodules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API\nimplementation in Blink, as used in Google Chrome before 42.0.2311.90,\nallows remote attackers to bypass the Same Origin Policy and obtain\nsensitive audio sample values via a crafted web site containing a media\nelement.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1236", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1236"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1236", "href": "https://ubuntu.com/security/CVE-2015-1236", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:16:51", "description": "The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp\nin the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90,\nallows remote attackers to bypass the Same Origin Policy via a crafted HTML\ndocument with an IFRAME element.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235"], "modified": "2015-04-19T00:00:00", "id": "UB:CVE-2015-1235", "href": "https://ubuntu.com/security/CVE-2015-1235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2021-12-14T17:47:14", "description": "Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-3336", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3336"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-3336", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3336", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display \"Media: Allowed by you\" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive video data from a device's physical environment via a crafted web site that turns on the camera at a time when the user believes that camera access is prohibited.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-3334", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3334"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-3334", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3334", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-3333", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3333"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-3333", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3333", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1244", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1244"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1244", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1244", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1249", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1249"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1249", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1249", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium \"Open PDF in Reader\" button that has an invalid tab association.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1245", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1245"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1245", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1245", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1247", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1247", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1248", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1248"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1248", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1248", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages \"type confusion\" in the check-elimination optimization.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1242", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1242"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1242", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1242", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1246", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1246"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1246", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1246", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1240", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1240"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1240", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1240", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a \"tapjacking\" attack.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1241", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1241"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1241", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1238", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1238"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1238", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1238", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1237", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1237"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1237", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1237", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1236", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1236"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1236", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1236", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-14T17:47:14", "description": "The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "debiancve", "title": "CVE-2015-1235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235"], "modified": "2015-04-19T10:59:00", "id": "DEBIANCVE:CVE-2015-1235", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-02-09T02:37:04", "description": "Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-3336", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3336"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.2", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-3336", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3336", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:37:00", "description": "browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display \"Media: Allowed by you\" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive video data from a device's physical environment via a crafted web site that turns on the camera at a time when the user believes that camera access is prohibited.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-3334", "cwe": ["CWE-17"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3334"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-3334", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3334", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:36:59", "description": "Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-3333", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3333"], "modified": "2017-01-03T03:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:google:v8:4.2.77.7", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-3333", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3333", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:v8:4.2.77.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:33:00", "description": "The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1244", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1244"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1244", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1244", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:59", "description": "Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1249", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1249"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1249", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1249", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:58", "description": "Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium \"Open PDF in Reader\" button that has an invalid tab association.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1245", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1245"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:google:chrome:41.0.2272.74", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2015-1245", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1245", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:41.0.2272.74:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:59", "description": "The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1247", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1247"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2015-1247", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:58", "description": "The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1248", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1248"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:google:chrome:40.0.2214.85", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2015-1248", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1248", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:40.0.2214.85:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:57", "description": "The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages \"type confusion\" in the check-elimination optimization.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1242", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1242"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:google:v8:4.2.77.7", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1242", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1242", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:v8:4.2.77.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:58", "description": "Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1246", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1246"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2015-1246", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1246", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:57", "description": "gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1240", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1240"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1240", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1240", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:58", "description": "Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a \"tapjacking\" attack.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1241", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1241"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1241", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:58", "description": "Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1238", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1238"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1238", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1238", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:57", "description": "Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1237", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1237"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1237", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1237", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:56", "description": "The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1236", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1236"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1236", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:32:56", "description": "The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.", "cvss3": {}, "published": "2015-04-19T10:59:00", "type": "cve", "title": "CVE-2015-1235", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1235"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:google:chrome:42.0.2311.60", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-1235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:google:chrome:42.0.2311.60:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"]}]}