CVE-2015-1205

HIGH

Description

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

References

http://googlechromereleases.blogspot.com/2015/01/stable-update.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html

http://secunia.com/advisories/62383

http://secunia.com/advisories/62575

http://security.gentoo.org/glsa/glsa-201502-13.xml

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

http://www.securityfocus.com/bid/72288

http://www.securitytracker.com/id/1031623

http://www.ubuntu.com/usn/USN-2476-1

https://code.google.com/p/chromium/issues/detail?id=327070

https://code.google.com/p/chromium/issues/detail?id=334448

https://code.google.com/p/chromium/issues/detail?id=410030

https://code.google.com/p/chromium/issues/detail?id=411026

https://code.google.com/p/chromium/issues/detail?id=411156

https://code.google.com/p/chromium/issues/detail?id=413530

https://code.google.com/p/chromium/issues/detail?id=422765

https://code.google.com/p/chromium/issues/detail?id=423899

https://code.google.com/p/chromium/issues/detail?id=425040

https://code.google.com/p/chromium/issues/detail?id=425151

https://code.google.com/p/chromium/issues/detail?id=428828

https://code.google.com/p/chromium/issues/detail?id=429134

https://code.google.com/p/chromium/issues/detail?id=429139

https://code.google.com/p/chromium/issues/detail?id=431187

https://code.google.com/p/chromium/issues/detail?id=431603

https://code.google.com/p/chromium/issues/detail?id=432209

https://code.google.com/p/chromium/issues/detail?id=434723

https://code.google.com/p/chromium/issues/detail?id=435514

https://code.google.com/p/chromium/issues/detail?id=435815

https://code.google.com/p/chromium/issues/detail?id=437655

https://code.google.com/p/chromium/issues/detail?id=438363

https://code.google.com/p/chromium/issues/detail?id=439319

https://code.google.com/p/chromium/issues/detail?id=440572

https://code.google.com/p/chromium/issues/detail?id=440913

https://code.google.com/p/chromium/issues/detail?id=441834

https://code.google.com/p/chromium/issues/detail?id=443274

https://code.google.com/p/chromium/issues/detail?id=443333

https://code.google.com/p/chromium/issues/detail?id=446076

https://code.google.com/p/chromium/issues/detail?id=449894

https://support.apple.com/HT205212

https://support.apple.com/HT205221

Details

Source: MITRE

Published: 2015-01-22

Updated: 2017-01-03

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 40.0.2214.85 (inclusive)

Configuration 3

OR

cpe:2.3:a:chromium:chromium:*:*:*:*:*:*:*:* versions up to 40.0.2214.94 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
86601Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
86001Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)NessusWindows
high
85987Apple iOS < 9.0 Multiple VulnerabilitiesNessusMobile Devices
critical
81692openSUSE Security Update : chromium (openSUSE-2015-204)NessusSuSE Local Security Checks
high
81396GLSA-201502-13 : Chromium: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
8889Google Chrome < 40.0.2214.91 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
81016Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2476-1)NessusUbuntu Local Security Checks
high
80951Google Chrome < 40.0.2214.91 Multiple VulnerabilitiesNessusWindows
high
80950Google Chrome < 40.0.2214.91 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
80898FreeBSD : chromium -- multiple vulnerabilities (e30e0c99-a1b7-11e4-b85c-00262d5ed8ee)NessusFreeBSD Local Security Checks
high