CVE-2015-1242

CWE-70411 documents7 sources
Severity
7.5HIGH
EPSS
1.7%
top 17.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Google ChromeGoogle V8Canonical Ubuntu Linux+1 more
Timeline
PublishedApr 19
Latest updateMay 17

Description

The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

NVDgoogle/chrome42.0.2311.60
NVDgoogle/v84.2.77.7
Ubuntuoxide-qt< 1.6.5-0ubuntu0.14.04.1
Ubuntuchromium-browser< 43.0.2357.81-0ubuntu0.14.04.1.1089

Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 14.10, 15.04

🔴Vulnerability Details

3
GHSA
GHSA-cxw8-xrj2-2xqm: The ReduceTransitionElementsKind function in hydrogen-check-elimination2022-05-17
OSV
CVE-2015-1242: The ReduceTransitionElementsKind function in hydrogen-check-elimination2015-04-19
CVEList
CVE-2015-1242: The ReduceTransitionElementsKind function in hydrogen-check-elimination2015-04-19

📋Vendor Advisories

2
Ubuntu
Oxide vulnerabilities2015-04-27
Red Hat
chromium-browser: Type confusion in V82015-04-14

💬Community

5
Bugzilla
CVE-2015-4729 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Deployment)2015-07-15
Bugzilla
CVE-2015-2619 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (2D)2015-07-15
Bugzilla
CVE-2015-2596 Oracle JDK: unspecified vulnerability fixed in 7u85 (Hotspot)2015-07-15
Bugzilla
CVE-2015-4736 Oracle JDK: unspecified vulnerability fixed in 7u85 and 8u51 (Deployment)2015-07-15
Bugzilla
CVE-2015-1242 chromium-browser: Type confusion in V82015-04-15
CVE-2015-1242 (HIGH CVSS 7.5) | The ReduceTransitionElementsKind fu | cvebase.io