Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-1302
HistoryNov 11, 2015 - 12:00 a.m.

CVE-2015-1302

2015-11-1100:00:00
ubuntu.com
ubuntu.com
4

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly
restrict scripting messages and API exposure, which allows remote attackers
to bypass the Same Origin Policy via an unintended embedder or unintended
plugin loading, related to pdf.js and out_of_process_instance.cc.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchchromium-browser< 47.0.2526.73-0ubuntu1.1218UNKNOWN
ubuntu15.04noarchchromium-browser< 47.0.2526.73-0ubuntu0.15.04.1.1190UNKNOWN
ubuntu15.10noarchchromium-browser< 47.0.2526.73-0ubuntu0.15.10.1.1215UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

Related for UB:CVE-2015-1302