CVE Vulnerabilities

CVE-2015-1220

Published: Mar 09, 2015 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
6.8 IMPORTANT
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image.

Affected Software

Name Vendor Start Version End Version
Enterprise_linux_desktop_supplementary Redhat 6.0 (including) 6.0 (including)
Enterprise_linux_server_supplementary Redhat 6.0 (including) 6.0 (including)
Enterprise_linux_server_supplementary_eus Redhat 6.6.z (including) 6.6.z (including)
Enterprise_linux_workstation_supplementary Redhat 6.0 (including) 6.0 (including)
Supplementary for Red Hat Enterprise Linux 6 RedHat chromium-browser-0:41.0.2272.76-1.el6_6 *
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu trusty *
Chromium-browser Ubuntu upstream *
Chromium-browser Ubuntu utopic *
Chromium-browser Ubuntu vivid *
Chromium-browser Ubuntu wily *
Oxide-qt Ubuntu devel *
Oxide-qt Ubuntu trusty *
Oxide-qt Ubuntu upstream *
Oxide-qt Ubuntu utopic *
Oxide-qt Ubuntu vivid *
Oxide-qt Ubuntu wily *

References