Lucene search
Ubuntu.comUB:CVE-2015-1304HistorySep 29, 2015 - 12:00 a.m.
CVE-2015-1304
2015-09-2900:00:00
ubuntu.com
ubuntu.com
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.2%
object-observe.js in Google V8, as used in Google Chrome before
45.0.2454.101, does not properly restrict method calls on access-checked
objects, which allows remote attackers to bypass the Same Origin Policy via
a (1) observe or (2) getNotifier call.
Notes
| Author | Note |
|---|---|
| mikesalvatore | The Ubuntu Security Team does not support libv8 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 17.10 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 18.04 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 18.10 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 14.04 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu0.14.04.1.1099 | UNKNOWN |
| ubuntu | 15.04 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu0.15.04.1.1183 | UNKNOWN |
| ubuntu | 15.10 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 16.04 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 16.10 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 17.04 | noarch | chromium-browser | < 45.0.2454.101-0ubuntu1.1201 | UNKNOWN |
| ubuntu | 17.10 | noarch | oxide-qt | < 1.9.5-0ubuntu1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2015-10-12 01:59:00
debiancve
debiancve
CVE-2015-1304
2015-10-12 01:59:00
seebug
seebug
cve
cve
CVE-2015-1304
2015-10-12 01:59:00
securityvulns
securityvulns
Oxide security vulnerabilities
2015-10-11 00:00:00
[USN-2757-1] Oxide vulnerabilities
2015-10-11 00:00:00
Google Chrome / Chromium / Oxide multiple security vulnerabilities
2015-10-25 00:00:00
archlinux
archlinux
chromium: cross-origin bypass
2015-09-28 00:00:00
openvas
openvas
SuSE Update for Chromium openSUSE-SU-2015:1719-1 (Chromium)
2015-10-13 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Oct 2015) - Linux
2015-10-19 00:00:00
Ubuntu: Security Advisory (USN-2757-1)
2015-10-06 00:00:00
nessus
nessus
Google Chrome < 45.0.2454.101 Multiple Vulnerabilities
2015-09-30 00:00:00
Google Chrome < 45.0.2454.101 Multiple Vulnerabilities (Mac OS X)
2015-09-30 00:00:00
Google Chrome < 45.0.2454.101 Multiple Vulnerabilities
2015-12-04 00:00:00
redhat
redhat
(RHSA-2015:1841) Important: chromium-browser security update
2015-09-29 00:00:00
chrome
chrome
Stable Channel Update
2015-09-24 00:00:00
kaspersky
kaspersky
KLA10673 Security bypass vulnerabilties at Google Chrome
2015-09-24 00:00:00
suse
suse
Security update for Chromium (important)
2015-10-11 14:09:40
Security update for Chromium (important)
2015-11-02 16:35:34
mageia
mageia
Updated chromium-browser packages fix security vulnerabilities
2015-10-04 00:15:27
freebsd
freebsd
chromium -- multiple vulnerabilities
2015-09-24 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2015-10-05 00:00:00
debian
debian
[SECURITY] [DSA 3376-1] chromium-browser security update
2015-10-21 03:08:24
[SECURITY] [DSA 3376-1] chromium-browser security update
2015-10-21 03:08:24
osv
osv
chromium-browser - security update
2015-10-20 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2016-03-12 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.2%
Related for UB:CVE-2015-1304