CVE-2015-1249
chromium-browser: Various fixes from internal audits, fuzzing and other initiatives
Severity Score
Exploit Likelihood
Affected Versions
5Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 42.0.2311.90 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos.
Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 42.0.2311.90, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-01-21 CVE Reserved
- 2015-04-17 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (35)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2015-04/msg0004... | 2023-11-07 | |
| http://lists.opensuse.org/opensuse-updates/2015-11/msg0002... | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2015-0816.html | 2023-11-07 | |
| http://ubuntu.com/usn/usn-2570-1 | 2023-11-07 | |
| http://www.debian.org/security/2015/dsa-3238 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2015-1249 | 2015-04-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1211932 | 2015-04-16 |