6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.032 Low
EPSS
Percentile
91.1%
Multiple integer overflows in the XML_GetBuffer function in Expat through
2.1.0, as used in Google Chrome before 44.0.2403.89 and other products,
allow remote attackers to cause a denial of service (heap-based buffer
overflow) or possibly have unspecified other impact via crafted XML data, a
related issue to CVE-2015-2716.
Author | Note |
---|---|
ccdm94 | cmake 3.20.5 and forward uses expat 2.2.10+. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | audacity | < any | UNKNOWN |
ubuntu | 16.04 | noarch | ayttm | < any | UNKNOWN |
ubuntu | 16.04 | noarch | cableswig | < any | UNKNOWN |
ubuntu | 18.04 | noarch | cadaver | < any | UNKNOWN |
ubuntu | 20.04 | noarch | cadaver | < any | UNKNOWN |
ubuntu | 22.04 | noarch | cadaver | < any | UNKNOWN |
ubuntu | 23.10 | noarch | cadaver | < any | UNKNOWN |
ubuntu | 16.04 | noarch | cadaver | < any | UNKNOWN |
ubuntu | 17.10 | noarch | chromium-browser | < 44.0.2403.89-0ubuntu1.1195 | UNKNOWN |
ubuntu | 18.04 | noarch | chromium-browser | < 44.0.2403.89-0ubuntu1.1195 | UNKNOWN |
googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
launchpad.net/bugs/cve/CVE-2015-1283
nvd.nist.gov/vuln/detail/CVE-2015-1283
security-tracker.debian.org/tracker/CVE-2015-1283
ubuntu.com/security/notices/USN-2677-1
ubuntu.com/security/notices/USN-2726-1
ubuntu.com/security/notices/USN-3013-1
ubuntu.com/security/notices/USN-4772-1
ubuntu.com/security/notices/USN-5455-1
www.cve.org/CVERecord?id=CVE-2015-1283