Vulnerability CVE-2015-1257

Vulnerability Name:

CVE-2015-1257 (CCN-103269)

Assigned:

2015-05-19

Published:

2015-05-19

Updated:

2017-01-03

Summary:

platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause a denial of service (container overflow) or possibly have unspecified other impact via a crafted document.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.4 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
4.7 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2015-1257

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update

Source: CONFIRM
Type: Patch, Vendor Advisory
http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:0969

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:1877

Source: DEBIAN
Type: UNKNOWN
DSA-3267

Source: BID
Type: UNKNOWN
74723

Source: CCN
Type: BID-74723
Google Chrome Prior to 43.0.2357.65 Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1032375

Source: CONFIRM
Type: UNKNOWN
https://code.google.com/p/chromium/issues/detail?id=468519

Source: XF
Type: UNKNOWN
google-chrome-cve20151257-code-exec(103269)

Source: GENTOO
Type: UNKNOWN
GLSA-201506-04

Source: CONFIRM
Type: UNKNOWN
https://src.chromium.org/viewvc/blink?view=rev&revision=193571

Source: CONFIRM
Type: UNKNOWN
https://src.chromium.org/viewvc/blink?view=rev&revision=193911

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-1257

Vulnerable Configuration:

Configuration 1:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version <= 42.0.2311.152)

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20151257	V	CVE-2015-1257	2022-06-30
oval:org.opensuse.security:def:112065	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105614	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2021-10-01
oval:org.cisecurity:def:156	P	DSA-3267-1 -- chromium-browser -- security update	2016-02-08
oval:com.redhat.rhsa:def:20151023	P	RHSA-2015:1023: chromium-browser security update (Important)	2015-05-25
oval:com.ubuntu.precise:def:20151257000	V	CVE-2015-1257 on Ubuntu 12.04 LTS (precise) - medium.	2015-05-20
oval:com.ubuntu.trusty:def:20151257000	V	CVE-2015-1257 on Ubuntu 14.04 LTS (trusty) - medium.	2015-05-20

BACK