CVE-2015-6763
Published: 2015-10-15
Priority P3 · 40 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 6.97% (93.3th percentile)
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| | chrome | <= 45.0.2454.101 | — |
CVSS provenance
nvd · v2.0 · 7.5 · HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 7.5 · HIGH
vendor_redhat · 7.5 · HIGH
vendor_ubuntu · 7.5 · HIGH
Ubuntu
Oxide vulnerabilities
vendor_ubuntu·2015-10-22·CVSS 7.5
CVE-2015-6755 [HIGH] Oxide vulnerabilities
Title: Oxide vulnerabilities
Summary: Several security issues were fixed in Oxide.
USN-2770-1 fixed vulnerabilities in Oxide in Ubuntu 14.04 LTS and Ubuntu
15.04. This update provides the corresponding updates for Ubuntu 15.10.
Original advisory details:
It was discovered that ContainerNode::parserInsertBefore in Blink would
incorrectly proceed with a DOM tree insertion in some circumstances. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to bypass same origin restrictions.
(CVE-2015-6755)
A use-after-free was discovered in the service worker implementation in
Chromium. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application cr
Ubuntu
Oxide vulnerabilities
vendor_ubuntu·2015-10-20·CVSS 7.5
CVE-2015-6755 [HIGH] Oxide vulnerabilities
Title: Oxide vulnerabilities
Summary: Several security issues were fixed in Oxide.
It was discovered that ContainerNode::parserInsertBefore in Blink would
incorrectly proceed with a DOM tree insertion in some circumstances. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to bypass same origin restrictions.
(CVE-2015-6755)
A use-after-free was discovered in the service worker implementation in
Chromium. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-6757)
It was discovered that Blink did not ensure that the origin of
LocalStor
Red Hat
chromium-browser: various fixes from internal audits
vendor_redhat·2015-10-13·CVSS 7.5
CVE-2015-6763 [HIGH] chromium-browser: various fixes from internal audits
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
GHSA
GHSA-gjp7-9fg7-2q7c: Multiple unspecified vulnerabilities in Google Chrome before 46
ghsa_unreviewed·2022-05-17
CVE-2015-6763 [HIGH] GHSA-gjp7-9fg7-2q7c: Multiple unspecified vulnerabilities in Google Chrome before 46
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
OSV
oxide-qt vulnerabilities
osv·2015-10-20·CVSS 7.5
CVE-2015-6755 [HIGH] oxide-qt vulnerabilities
It was discovered that ContainerNode::parserInsertBefore in Blink would
incorrectly proceed with a DOM tree insertion in some circumstances. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to bypass same origin restrictions.
(CVE-2015-6755)
A use-after-free was discovered in the service worker implementation in
Chromium. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-6757)
It was discovered that Blink did not ensure that the origin of
LocalStorage resources are considered unique. If a user were tricked
OSV
CVE-2015-6763: Multiple unspecified vulnerabilities in Google Chrome before 46
osv·2015-10-15·CVSS 7.5
CVE-2015-6763 [HIGH] CVE-2015-6763: Multiple unspecified vulnerabilities in Google Chrome before 46
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
No detection rules found.
References
http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html
http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html
http://rhn.redhat.com/errata/RHSA-2015-1912.html
http://www.debian.org/security/2015/dsa-3376
http://www.securityfocus.com/bid/77071
http://www.securitytracker.com/id/1033816
http://www.ubuntu.com/usn/USN-2770-1
http://www.ubuntu.com/usn/USN-2770-2
https://code.google.com/p/chromium/issues/detail?id=512053
https://code.google.com/p/chromium/issues/detail?id=516690
https://code.google.com/p/chromium/issues/detail?id=522128
https://code.google.com/p/chromium/issues/detail?id=522131
https://code.google.com/p/chromium/issues/detail?id=525763
https://code.google.com/p/chromium/issues/detail?id=527423
https://code.google.com/p/chromium/issues/detail?id=528798
https://code.google.com/p/chromium/issues/detail?id=528799
https://code.google.com/p/chromium/issues/detail?id=529310
https://code.google.com/p/chromium/issues/detail?id=529520
https://code.google.com/p/chromium/issues/detail?id=529530
https://code.google.com/p/chromium/issues/detail?id=542517
https://security.gentoo.org/glsa/201603-09
https://www.exploit-db.com/exploits/38763/