CVE Vulnerabilities

CVE-2015-6769

Published: Dec 06, 2015 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
6.8 IMPORTANT
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 46.0.2490.86 (including)
Red Hat Enterprise Linux 6 Supplementary RedHat chromium-browser-0:47.0.2526.73-1.el6 *
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu trusty *
Chromium-browser Ubuntu upstream *
Chromium-browser Ubuntu vivid *
Chromium-browser Ubuntu wily *
Oxide-qt Ubuntu devel *
Oxide-qt Ubuntu trusty *
Oxide-qt Ubuntu upstream *
Oxide-qt Ubuntu vivid *
Oxide-qt Ubuntu vivid/stable-phone-overlay *
Oxide-qt Ubuntu wily *

References