CVE-2015-1218

2015-03-0800:00:00

ubuntu.com

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.016

Percentile

87.8%

JSON

Multiple use-after-free vulnerabilities in the DOM implementation in Blink,
as used in Google Chrome before 41.0.2272.76, allow remote attackers to
cause a denial of service or possibly have unspecified other impact via
vectors that trigger movement of a SCRIPT element to different documents,
related to (1) the HTMLScriptElement::didMoveToNewDocument function in
core/html/HTMLScriptElement.cpp and (2) the
SVGScriptElement::didMoveToNewDocument function in
core/svg/SVGScriptElement.cpp.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchchromium-browser< 41.0.2272.76-0ubuntu0.14.04.1.1076UNKNOWN
ubuntu14.10noarchchromium-browser< 41.0.2272.76-0ubuntu0.14.10.1.1118UNKNOWN
ubuntu15.04noarchchromium-browser< 41.0.2272.76-0ubuntu1.1134UNKNOWN
ubuntu15.10noarchchromium-browser< 41.0.2272.76-0ubuntu1.1134UNKNOWN
ubuntu14.04noarchoxide-qt< 1.5.5-0ubuntu0.14.04.3UNKNOWN
ubuntu14.10noarchoxide-qt< 1.5.5-0ubuntu0.14.10.2UNKNOWN
ubuntu15.04noarchoxide-qt< 1.5.5-0ubuntu1UNKNOWN
ubuntu15.10noarchoxide-qt< 1.5.5-0ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	chromium-browser	< 41.0.2272.76-0ubuntu0.14.04.1.1076	UNKNOWN
ubuntu	14.10	noarch	chromium-browser	< 41.0.2272.76-0ubuntu0.14.10.1.1118	UNKNOWN
ubuntu	15.04	noarch	chromium-browser	< 41.0.2272.76-0ubuntu1.1134	UNKNOWN
ubuntu	15.10	noarch	chromium-browser	< 41.0.2272.76-0ubuntu1.1134	UNKNOWN
ubuntu	14.04	noarch	oxide-qt	< 1.5.5-0ubuntu0.14.04.3	UNKNOWN
ubuntu	14.10	noarch	oxide-qt	< 1.5.5-0ubuntu0.14.10.2	UNKNOWN
ubuntu	15.04	noarch	oxide-qt	< 1.5.5-0ubuntu1	UNKNOWN
ubuntu	15.10	noarch	oxide-qt	< 1.5.5-0ubuntu1	UNKNOWN