Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1234

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2015-1234
Last Modified 13 Apr 2015 10:00:40
Published 01 Apr 2015 05:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-1234

Summary

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES commands.

Vulnerable Systems

Application

  • Google Chrome 41.0.2272.102


References

CONFIRM - https://codereview.chromium.org/1016193003

CONFIRM - https://code.google.com/p/chromium/issues/detail?id=468936

CONFIRM - http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html

SECTRACK - 1032012

UBUNTU - USN-2556-1

REDHAT - RHSA-2015:0778

SUSE - openSUSE-SU-2015:0682

Related Patches

Google Chrome 41.0.2272.118 for Mac OS X (See Notes)


Last Updated: 27 May 2016 11:08:20