CVE-2015-1210

NONECVSS 0.0

0.0

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

🔗 References (30)

chrome-cve-admin@googlehttp://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html
chrome-cve-admin@googlehttp://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html
chrome-cve-admin@googlehttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html
chrome-cve-admin@googlehttp://rhn.redhat.com/errata/RHSA-2015-0163.html
chrome-cve-admin@googlehttp://secunia.com/advisories/62670
chrome-cve-admin@googlehttp://secunia.com/advisories/62818
chrome-cve-admin@googlehttp://secunia.com/advisories/62917
chrome-cve-admin@googlehttp://secunia.com/advisories/62925
chrome-cve-admin@googlehttp://security.gentoo.org/glsa/glsa-201502-13.xml
chrome-cve-admin@googlehttp://www.securityfocus.com/bid/72497
chrome-cve-admin@googlehttp://www.securitytracker.com/id/1031709
chrome-cve-admin@googlehttp://www.ubuntu.com/usn/USN-2495-1
chrome-cve-admin@googlehttps://code.google.com/p/chromium/issues/detail?id=453979
chrome-cve-admin@googlehttps://exchange.xforce.ibmcloud.com/vulnerabilities/100716
chrome-cve-admin@googlehttps://src.chromium.org/viewvc/blink?revision=189365&view=revision

Is Your Infrastructure Affected by CVE-2015-1210?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-1210

📅 Published

🔄 Last Modified

🔗 References (30)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-1210?