[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Security bypass vulnerability in the V8 bindings in Blink in Google Chrome - CVE-2015-1210 (Mac OS X)

ID: oval:org.secpod.oval:def:23560Date: (C)2015-02-23   (M)2023-11-16
Class: VULNERABILITYFamily: macos




The host is installed with Google Chrome before 40.0.2214.111 and is prone to a security bypass vulnerability. A flaw is present in V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome, which does not properly consider frame access restrictions during the throwing of an exception. Successful exploitation allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.12
Apple Mac OS X 10.13
Apple Mac OS X 10.8
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X Server 10.8
Apple Mac OS X Server 10.9
Apple Mac OS X Server 10.10
Apple Mac OS X Server 10.11
Product:
Google Chrome
Reference:
CVE-2015-1210
CVE    1
CVE-2015-1210
CPE    1
cpe:/a:google:chrome

© SecPod Technologies