Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-1211

Опубликовано: 06 фев. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.

РелизСтатусПримечание
devel

released

40.0.2214.111-0ubuntu1.1121
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [40.0.2214.111-0ubuntu0.14.04.1.1069]]
lucid

ignored

end of life
precise

ignored

trusty

released

40.0.2214.111-0ubuntu0.14.04.1.1069
trusty/esm

DNE

trusty was released [40.0.2214.111-0ubuntu0.14.04.1.1069]
upstream

released

40.0.2214.111
utopic

released

40.0.2214.111-0ubuntu0.14.10.1.1111
vivid

released

40.0.2214.111-0ubuntu1.1121
wily

released

40.0.2214.111-0ubuntu1.1121

Показывать по

РелизСтатусПримечание
devel

released

1.5.3-0ubuntu2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.4.3-0ubuntu0.14.04.1]]
lucid

DNE

precise

DNE

trusty

released

1.4.3-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1.4.3-0ubuntu0.14.04.1]
upstream

released

1.4.3
utopic

released

1.4.3-0ubuntu0.14.10.1
vivid

released

1.5.3-0ubuntu2
wily

released

1.5.3-0ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 73%
0.00752
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-1211

redhat
около 11 лет назад

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.

nvd логотип

CVE-2015-1211

nvd
около 11 лет назад

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.

debian логотип

CVE-2015-1211

debian
около 11 лет назад

The OriginCanAccessServiceWorkers function in content/browser/service_ ...

github логотип

GHSA-3c6g-x8mc-8hqx

github
больше 3 лет назад

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.

EPSS

Процентиль: 73%
0.00752
Низкий

7.5 High

CVSS2