CVE-2015-5605
chromium-browser: v8 denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.
Vulnerabilidad en la implementación de expresiones regulares en Google V8 de Google Chrome en versiones anteriores a la 44.0.2403.89, no maneja correctamente las interrupciones, lo cual permite a atacantes remotos causar una denegación de servicio mediante la caída de la aplicación a través de código JavaScript manipulado, como se demuestra por un error en la recolección de desperdicios durante la asignación de un mensaje de excepción de desbordamiento de pila.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-07-20 CVE Reserved
- 2015-07-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-17: DEPRECATED: Code
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/76007 | Vdb Entry | |
| http://www.securitytracker.com/id/1033031 | Vdb Entry | |
| https://chromium.googlesource.com/v8/v8.git/+/c67cb287a901ddf03d4ae4dafcf431d09fd3e22c | X_refsource_confirm | |
| https://code.google.com/p/chromium/issues/detail?id=469480 | X_refsource_confirm | |
| https://code.google.com/p/chromium/issues/detail?id=512110 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2015-1499.html | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2015-5605 | 2015-07-27 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1245955 | 2015-07-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 43.0.2357.134 Search vendor "Google" for product "Chrome" and version " <= 43.0.2357.134" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||