Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-1235
HistoryApr 19, 2015 - 12:00 a.m.

CVE-2015-1235

2015-04-1900:00:00
ubuntu.com
ubuntu.com
5

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.5%

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp
in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90,
allows remote attackers to bypass the Same Origin Policy via a crafted HTML
document with an IFRAME element.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchchromium-browser< 43.0.2357.81-0ubuntu0.14.04.1.1089UNKNOWN
ubuntu14.10noarchchromium-browser< 43.0.2357.81-0ubuntu0.14.10.1.1131UNKNOWN
ubuntu15.04noarchchromium-browser< 43.0.2357.81-0ubuntu0.15.04.1.1170UNKNOWN
ubuntu15.10noarchchromium-browser< 43.0.2357.81-0ubuntu1.1179UNKNOWN
ubuntu14.04noarchoxide-qt< 1.6.5-0ubuntu0.14.04.1UNKNOWN
ubuntu14.10noarchoxide-qt< 1.6.5-0ubuntu0.14.10.1UNKNOWN
ubuntu15.04noarchoxide-qt< 1.6.5-0ubuntu0.15.04.1UNKNOWN
ubuntu15.10noarchoxide-qt< 1.7.7-0ubuntu0.15.04.1~ppa1UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.5%

Related for UB:CVE-2015-1235