CVE-2015-1283 — Integer Overflow or Wraparound in Google Chrome

CWE-190 — Integer Overflow or Wraparound CWE-122 — Heap-based Buffer Overflow23 documents11 sources

Severity

6.8MEDIUMNVD

OSV6.4OSV5.0

EPSS

0.5%

top 33.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Python Google Chrome Libexpat Project Libexpat +10 more

Timeline

PublishedJul 23

Latest updateJan 13

Description

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages11 packages

▶NVDgoogle/chrome43.0.2357.134

▶NVDlibexpat_project/libexpat2.1.0

▶NVDpython/python2.7.0 — 2.7.12+3

▶NVDopensuse/leap42.1

▶NVDoracle/solaris10, 11.3+1

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 15.04

🔴Vulnerability Details

OSV

libxmltok vulnerabilities↗2025-01-13

▶

OSV

libxmltok vulnerabilities↗2022-07-19

▶

GHSA

GHSA-6w45-gwrj-v625: Multiple integer overflows in the XML_GetBuffer function in Expat through 2↗2022-05-13

▶

OSV

vnc4 vulnerabilities↗2021-03-15

▶

CVEList

CVE-2015-1283: Multiple integer overflows in the XML_GetBuffer function in Expat through 2↗2015-07-23

▶

📋Vendor Advisories

Ubuntu

xmltok library vulnerabilities↗2025-01-13

▶

Ubuntu

xmltok library vulnerabilities↗2022-07-19

▶

Ubuntu

VNC4 vulnerabilities↗2021-03-15

▶

Apple

CVE-2015-1283: iTunes 12.6 for Windows↗2017-03-21

▶

Apple

CVE-2015-1283: iTunes 12.6↗2017-03-21

▶

💬Community

Bugzilla

CVE-2016-4472 expat: Undefined behavior and pointer overflows↗2016-06-09

▶

Bugzilla

CVE-2015-1283 chromium-browser: Heap-buffer-overflow in expat.↗2015-07-22

▶