CVE-2015-1212
high
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
7.5
Description
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
Red Hat Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 6.6 | Affected | โ |
| 6.0 | Affected | โ |
SUSE Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 13.2 | Affected | โ |
| 13.1 | Affected | โ |
Ubuntu Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 14.10 | Affected | โ |
| 14.04 | Affected | โ |
Linux kernel Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| - | Not affected | โ |
macOS Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| - | Not affected | โ |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| chrome | {"endExcluding":"40.0.2214.109"} | 40.0.2214.109 |
References
- http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html
- http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html
- http://rhn.redhat.com/errata/RHSA-2015-0163.html
- http://secunia.com/advisories/62670
- http://secunia.com/advisories/62818
- http://secunia.com/advisories/62917
- http://secunia.com/advisories/62925
- http://security.gentoo.org/glsa/glsa-201502-13.xml
- http://www.securityfocus.com/bid/72497
- http://www.securitytracker.com/id/1031709
- http://www.ubuntu.com/usn/USN-2495-1
- https://code.google.com/p/chromium/issues/detail?id=427303
- https://code.google.com/p/chromium/issues/detail?id=438365
- https://code.google.com/p/chromium/issues/detail?id=445679
- https://code.google.com/p/chromium/issues/detail?id=446459
- https://code.google.com/p/chromium/issues/detail?id=451684
- https://code.google.com/p/chromium/issues/detail?id=451918
- https://code.google.com/p/chromium/issues/detail?id=455225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100718
- http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html
- http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html
- http://rhn.redhat.com/errata/RHSA-2015-0163.html
- http://secunia.com/advisories/62670
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.