logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1254

Description

core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.


Affected Package


OS OS Version Package Name Package Version
ubuntu 14.04 chromium-browser trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089]
ubuntu upstream chromium-browser 43.0.2357.65
ubuntu 14.10 chromium-browser 43.0.2357.81-0ubuntu0.14.10.1.1131
ubuntu 15.04 chromium-browser 43.0.2357.81-0ubuntu0.15.04.1.1170
ubuntu 15.10 chromium-browser 43.0.2357.81-0ubuntu1.1179
ubuntu 14.04 oxide-qt trusty was released [1.7.8-0ubuntu0.14.04.1]
ubuntu upstream oxide-qt 1.7.8
ubuntu 14.10 oxide-qt 1.7.8-0ubuntu0.14.10.1
ubuntu 15.04 oxide-qt 1.7.8-0ubuntu0.15.04.1
ubuntu 15.10 oxide-qt 1.7.8-0ubuntu1

Related