Vulnerability CVE-2015-1210

Vulnerability Name:

CVE-2015-1210 (CCN-100716)

Assigned:

2015-02-04

Published:

2015-02-04

Updated:

2021-09-08

Summary:

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-noinfo

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2015-1210

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2015:0441

Source: CCN
Type: RHSA-2015-0163
Important: chromium-browser security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2015:0163

Source: SECUNIA
Type: Third Party Advisory
62670

Source: SECUNIA
Type: Third Party Advisory
62818

Source: SECUNIA
Type: Third Party Advisory
62917

Source: SECUNIA
Type: Third Party Advisory
62925

Source: GENTOO
Type: Third Party Advisory
GLSA-201502-13

Source: BID
Type: Third Party Advisory, VDB Entry
72497

Source: CCN
Type: BID-72497
Google Chrome Prior to 40.0.2214.109 Multiple Security Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1031709

Source: UBUNTU
Type: Third Party Advisory
USN-2495-1

Source: CONFIRM
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=453979

Source: XF
Type: UNKNOWN
google-chrome-cve20151210-sec-bypass(100716)

Source: XF
Type: VDB Entry
google-chrome-cve20151210-sec-bypass(100716)

Source: CONFIRM
Type: Patch, Vendor Advisory
https://src.chromium.org/viewvc/blink?revision=189365&view=revision

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-1210

Vulnerable Configuration:

Configuration 1:

cpe:/a:google:chrome:*:*:*:*:*:android:*:* (Version < 40.0.2214.109)

Configuration 2:

cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 40.0.2214.111)

AND

cpe:/o:apple:macos:-:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:redhat:enterprise_linux_server_supplementary:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20151210	V	CVE-2015-1210	2022-06-30
oval:org.opensuse.security:def:112065	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105614	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2021-10-01
oval:com.redhat.rhsa:def:20150163	P	RHSA-2015:0163: chromium-browser security update (Important)	2015-02-10
oval:com.ubuntu.precise:def:20151210000	V	CVE-2015-1210 on Ubuntu 12.04 LTS (precise) - medium.	2015-02-06
oval:com.ubuntu.trusty:def:20151210000	V	CVE-2015-1210 on Ubuntu 14.04 LTS (trusty) - medium.	2015-02-06

BACK