CVE-2015-1329 — Use After Free in Ubuntu Linux

CWE-416 — Use After Free7 documents6 sources

Severity

8.8HIGHNVD

OSV6.8

EPSS

1.6%

top 18.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux

Timeline

PublishedSep 20

Latest updateMay 17

Description

Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages0 packages

Also affects: Ubuntu Linux 14.04, 15.04

Patches

Patch: people.canonical.com ↗Patch: www.ubuntu.com ↗Patch: people.canonical.com ↗

🔴Vulnerability Details

GHSA

GHSA-8ww4-rq3g-6qfm: Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15↗2022-05-17

▶

OSV

oxide-qt vulnerabilities↗2015-08-04

▶

OSV

CVE-2015-1329: Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15↗2015-08-04

▶

📋Vendor Advisories

Ubuntu

Oxide vulnerabilities↗2015-08-04

▶

Red Hat

webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)↗2015-01-26

▶

💬Community

Bugzilla

CVE-2014-1329 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)↗2015-01-27

▶