logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1288

Description

The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263. #### Bugs * <https://code.google.com/p/chromium/issues/detail?id=479162>


Affected Package


OS OS Version Package Name Package Version
ubuntu 14.04 chromium-browser trusty was released [44.0.2403.89-0ubuntu0.14.04.1.1095]
ubuntu upstream chromium-browser 44.0.2403.89
ubuntu 14.10 chromium-browser any
ubuntu 15.04 chromium-browser 44.0.2403.89-0ubuntu0.15.04.1.1177
ubuntu 15.10 chromium-browser 44.0.2403.89-0ubuntu1.1195
ubuntu 16.04 chromium-browser 44.0.2403.89-0ubuntu1.1195

Related