CVE-2015-1233Heap-based Buffer Overflow in Google Chrome

CWE-17CWE-122Heap-based Buffer Overflow7 documents6 sources
Severity
7.5HIGHNVD
EPSS
26.3%
top 3.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedApr 1
Latest updateMay 13

Description

Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome41.0.2272.102

🔴Vulnerability Details

3
GHSA
GHSA-f88w-w382-896c: Google Chrome before 412022-05-13
OSV
oxide-qt vulnerabilities2015-04-07
OSV
CVE-2015-1233: Google Chrome before 412015-04-01

📋Vendor Advisories

2
Ubuntu
Oxide vulnerabilities2015-04-07
Red Hat
chromium-browser: combination of V8, Gamepad and IPC bugs that can lead to remote code execution2015-04-02

💬Community

1
Bugzilla
CVE-2015-1233 chromium-browser: combination of V8, Gamepad and IPC bugs that can lead to remote code execution2015-04-02