7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
88.9%
platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in
Blink, as used in Google Chrome before 43.0.2357.65, does not properly
handle an insufficient number of values in an feColorMatrix filter, which
allows remote attackers to cause a denial of service (container overflow)
or possibly have unspecified other impact via a crafted document.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.10 | noarch | chromium-browser | < 43.0.2357.81-0ubuntu0.14.10.1.1131 | UNKNOWN |
ubuntu | 15.04 | noarch | chromium-browser | < 43.0.2357.81-0ubuntu0.15.04.1.1170 | UNKNOWN |
ubuntu | 15.10 | noarch | chromium-browser | < 43.0.2357.81-0ubuntu1.1179 | UNKNOWN |
ubuntu | 14.10 | noarch | oxide-qt | < 1.7.8-0ubuntu0.14.10.1 | UNKNOWN |
ubuntu | 15.04 | noarch | oxide-qt | < 1.7.8-0ubuntu0.15.04.1 | UNKNOWN |
ubuntu | 15.10 | noarch | oxide-qt | < 1.7.8-0ubuntu1 | UNKNOWN |
googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html
code.google.com/p/chromium/issues/detail?id=468519
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257
launchpad.net/bugs/cve/CVE-2015-1257
nvd.nist.gov/vuln/detail/CVE-2015-1257
security-tracker.debian.org/tracker/CVE-2015-1257
src.chromium.org/viewvc/blink?view=rev&revision=193571
src.chromium.org/viewvc/blink?view=rev&revision=193911
ubuntu.com/security/notices/USN-2610-1