logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1263

Description

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file.


Affected Package


OS OS Version Package Name Package Version
ubuntu 14.04 chromium-browser trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089]
ubuntu upstream chromium-browser 43.0.2357.65
ubuntu 14.10 chromium-browser 43.0.2357.81-0ubuntu0.14.10.1.1131
ubuntu 15.04 chromium-browser 43.0.2357.81-0ubuntu0.15.04.1.1170
ubuntu 15.10 chromium-browser 43.0.2357.81-0ubuntu1.1179
ubuntu 16.04 chromium-browser 43.0.2357.81-0ubuntu1.1179

Related