CVE-2015-1246 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125 — Out-of-bounds Read8 documents6 sources

Severity

5.0MEDIUMNVD

OSV9.8

EPSS

2.8%

top 13.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Debian Linux

Timeline

PublishedApr 19

Latest updateMay 17

Description

Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDgoogle/chrome42.0.2311.60

Also affects: Debian Linux 7.0

🔴Vulnerability Details

GHSA

GHSA-cj69-qv22-52jw: Blink, as used in Google Chrome before 42↗2022-05-17

▶

OSV

libdbd-mysql-perl vulnerabilities↗2016-10-13

▶

OSV

oxide-qt vulnerabilities↗2015-04-27

▶

OSV

CVE-2015-1246: Blink, as used in Google Chrome before 42↗2015-04-19

▶

📋Vendor Advisories

Ubuntu

Oxide vulnerabilities↗2015-04-27

▶

Red Hat

chromium-browser: Out-of-bounds read in Blink↗2015-04-14

▶

💬Community

Bugzilla

CVE-2015-1246 chromium-browser: Out-of-bounds read in Blink↗2015-04-15

▶