Vulnerability Name:

CVE-2015-1211 (CCN-100717)

Assigned:2015-02-04
Published:2015-02-04
Updated:2021-09-08
Summary:The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2015-1211

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2015:0441

Source: CCN
Type: RHSA-2015-0163
Important: chromium-browser security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2015:0163

Source: SECUNIA
Type: Third Party Advisory
62670

Source: SECUNIA
Type: Third Party Advisory
62818

Source: SECUNIA
Type: Third Party Advisory
62917

Source: SECUNIA
Type: Third Party Advisory
62925

Source: GENTOO
Type: Third Party Advisory
GLSA-201502-13

Source: BID
Type: Third Party Advisory, VDB Entry
72497

Source: CCN
Type: BID-72497
Google Chrome Prior to 40.0.2214.109 Multiple Security Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1031709

Source: UBUNTU
Type: Third Party Advisory
USN-2495-1

Source: CONFIRM
Type: Issue Tracking, Patch, Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=453982

Source: CONFIRM
Type: Patch, Vendor Advisory
https://codereview.chromium.org/889323002

Source: XF
Type: Third Party Advisory, VDB Entry
google-chrome-cve20151211-priv-esc(100717)

Source: XF
Type: UNKNOWN
google-chrome-cve20151211-priv-esc(100717)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-1211

Vulnerable Configuration:Configuration 1:
  • cpe:/a:google:chrome:*:*:*:*:*:android:*:* (Version < 40.0.2214.109)

    • Configuration 2:
  • cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 40.0.2214.111)
  • AND
  • cpe:/o:apple:macos:-:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:redhat:enterprise_linux_server_supplementary:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20151211
    V
    		CVE-2015-1211
    2022-06-30
    oval:org.opensuse.security:def:112065
    P
    		chromedriver-55.0.2883.75-3.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105614
    P
    		chromedriver-55.0.2883.75-3.1 on GA media (Moderate)
    2021-10-01
    oval:com.redhat.rhsa:def:20150163
    P
    		RHSA-2015:0163: chromium-browser security update (Important)
    2015-02-10
    oval:com.ubuntu.precise:def:20151211000
    V
    		CVE-2015-1211 on Ubuntu 12.04 LTS (precise) - medium.
    2015-02-06
    oval:com.ubuntu.trusty:def:20151211000
    V
    		CVE-2015-1211 on Ubuntu 14.04 LTS (trusty) - medium.
    2015-02-06
    BACK
    google chrome *
    google chrome *
    apple macos -
    linux linux kernel -
    microsoft windows -
    canonical ubuntu linux 14.04
    canonical ubuntu linux 14.10
    redhat enterprise linux desktop 6.0
    redhat enterprise linux eus 6.6
    redhat enterprise linux server 6.0
    redhat enterprise linux server aus 6.6
    redhat enterprise linux workstation 6.0
    opensuse opensuse 13.1
    opensuse opensuse 13.2
    redhat enterprise linux server supplementary 6
    redhat enterprise linux workstation supplementary 6
    redhat enterprise linux desktop supplementary 6