ALT Linux Team

Package chromium update in sisyphus on 2015-09-24

ALT-PU-2015-1798-1

Package chromium updated to version 45.0.2454.99-alt1 for branch sisyphus in task 149467.

Closed vulnerabilities

Published: 2015-10-12

BDU:2015-11682

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2015-10-12

BDU:2015-11683

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2015-10-12
Modified: 2025-04-12

CVE-2015-1303

bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2015-10-12
Modified: 2025-04-12

CVE-2015-1304

object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top