CVE-2015-1499
Published 2015-02-16
Priority: P341 · high · 8.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C
EPSS: 1.39% (68.9th percentile)
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | samsung_security_manager | <= 1.30 | — |
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-5605 chromium-browser: v8 denial of service
bugzilla·2015-07-23·CVSS 5.0 [MEDIUM]
A vulnerability was found in Google Chrome up to 43.0.2357.134. It has been classified as problematic. Affected is an unknown function of the component v8. The manipulation with an unknown input leads to a denial of service vulnerability.
Additional information:
http://www.scip.ch/en/?vuldb.76794
Discussion:
This issue is tracked in the Chromium tracker via the following bugs:
https://code.google.com/p/chromium/issues/detail?id=512110
https://code.google.com/p/chromium/issues/detail?id=469480
This is fixed in google-chrome 44.0.2403.89 but was not listed in the chrome advisory web page.
---
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat
Bugzilla
CVE-2015-1283 chromium-browser: Heap-buffer-overflow in expat.
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
An unspecified heap-buffer-overflow flaw was found in the expat component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=492052
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
---
This is the same flaw as CVE-2015-2716, as documented in the Mozilla advisory at:
https://www.mozilla.org/en-US/security/advisories/mfsa2015-54/
However, in Chromium, libxml2 is used to parse XML web content; expat is used as a dependency of libjingle and other associate
Bugzilla
CVE-2015-1280 chromium-browser: Memory corruption in skia
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
An unspecified memory corruption flaw was found in the skia component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=486947
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1270 ICU: Uninitialized memory read fixed in Chrome 44.0.2403.89
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
An unspecified uninitialized memory read flaw was found in the ICU component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=444573
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
---
Upstream ICU bug at:
http://bugs.icu-project.org/trac/ticket/11696
Commit:
http://bugs.icu-project.org/trac/changeset/37486/
---
Statement:
This issue did not affect the versions of icu as shipped with Red Hat Enterprise Linux 5 and 6. This issue aff
Bugzilla
CVE-2015-1284 chromium-browser: Use-after-free in blink.
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
An unspecified use-after-free flaw was found in the blink component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=493243
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1288 chromium-browser: Spell checking dictionaries fetched over HTTP in unspecified
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
It was reported that spell checking dictionaries were fetched over HTTP before Chrome 44.0.2403.89.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=479162
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1273 chromium-browser: Heap-buffer-overflow in pdfium.
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
An unspecified heap-buffer-overflow flaw was found in the pdfium component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=459215
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1281 chromium-browser: CSP bypass in unspecified component
bugzilla·2015-07-22·CVSS 4.3 [MEDIUM]
An unspecified CSP bypass flaw was found in an unspecified component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=487155
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1276 chromium-browser: Use-after-free in IndexedDB.
bugzilla·2015-07-22·CVSS 9.8 [CRITICAL]
An unspecified use-after-free flaw was found in the IndexedDB component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=472614
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1282 chromium-browser: Use-after-free in pdfium.
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
An unspecified use-after-free flaw was found in the pdfium component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=487928
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1277 chromium-browser: Use-after-free in accessibility.
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
An unspecified use-after-free flaw was found in the accessibility component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=479743
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1271 chromium-browser: Heap-buffer-overflow in pdfium
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
A heap-buffer-overflow was found in the pdfium component of the Chromium browser:
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=446032
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1278 chromium-browser: URL spoofing using pdf files in unspecified
bugzilla·2015-07-22·CVSS 4.3 [MEDIUM]
An unspecified URL spoofing flaw using PDF files was found in an unspecified component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=482380
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1287 chromium-browser: SOP bypass with CSS in unspecified
bugzilla·2015-07-22·CVSS 4.3 [MEDIUM]
An unspecified SOP bypass with CSS flaw was found in an unspecified component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=419383
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1274 chromium-browser: Settings allowed executable files to run immediately after download in unspecified
bugzilla·2015-07-22·CVSS 6.8 [MEDIUM]
It was reported that before Chrome 44.0.2403.89 settings allowed executable files to run immediately after download.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=461858
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1279 chromium-browser: Heap-buffer-overflow in pdfium.
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
An unspecified heap-buffer-overflow flaw was found in the pdfium component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=483981
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1289 chromium-browser: Various fixes from internal audits, fuzzing and other initiatives
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
Various unspecified flaws from internal audits, fuzzing and other initiatives were found in an unspecified component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=512110
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1285 chromium-browser: Information leak in XSS auditor.
bugzilla·2015-07-22·CVSS 5.0 [MEDIUM]
An unspecified information leak flaw was found in the XSS auditor component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=498982
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1272 chromium-browser: Use-after-free related to unexpected GPU process termination in unspecified
bugzilla·2015-07-22·CVSS 7.5 [HIGH]
An unspecified use-after-free flaw related to unexpected GPU process termination was found in an unspecified component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=451456
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html
Bugzilla
CVE-2015-1286 chromium-browser: UXSS in blink.
bugzilla·2015-07-22·CVSS 4.3 [MEDIUM]
An unspecified UXSS flaw was found in the blink component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=504011
External References:
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html