exploitDog

CVE-2015-6779

Опубликовано: 01 дек. 2015

Источник: redhat

CVSS2: 6.4

EPSS Низкий

Описание

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1287494chromium-browser: Scheme bypass in PDFium

EPSS

Процентиль: 69%

0.00597

Низкий

6.4 Medium

CVSS2

Связанные уязвимости

CVE-2015-6779

ubuntu

около 10 лет назад

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.

CVE-2015-6779

nvd

около 10 лет назад

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.

CVE-2015-6779

debian

около 10 лет назад

PDFium, as used in Google Chrome before 47.0.2526.73, does not properl ...

GHSA-g87j-f4vq-mvgc

github

больше 3 лет назад

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.

openSUSE-SU-2015:2291-1

suse-cvrf

около 10 лет назад

Security update for Chromium

EPSS

Процентиль: 69%

0.00597

Низкий

6.4 Medium

CVSS2