CVE

Id
78563  
CVE No.
CVE-2015-1286  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink "Universal XSS (UXSS)."  
Phase
Assigned (20150121)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
717582 78563 CVE-2015-1286 CONFIRM:http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html  View
717583 78563 CVE-2015-1286 CONFIRM:https://code.google.com/p/chromium/issues/detail?id=504011  View
717584 78563 CVE-2015-1286 CONFIRM:https://codereview.chromium.org/1231803002/  View
717585 78563 CVE-2015-1286 CONFIRM:https://codereview.chromium.org/1235863003/  View
717586 78563 CVE-2015-1286 DEBIAN:DSA-3315  View
717587 78563 CVE-2015-1286 URL:http://www.debian.org/security/2015/dsa-3315  View
717588 78563 CVE-2015-1286 GENTOO:GLSA-201603-09  View
717589 78563 CVE-2015-1286 URL:https://security.gentoo.org/glsa/201603-09  View
717590 78563 CVE-2015-1286 REDHAT:RHSA-2015:1499  View
717591 78563 CVE-2015-1286 URL:http://rhn.redhat.com/errata/RHSA-2015-1499.html  View
717592 78563 CVE-2015-1286 SUSE:openSUSE-SU-2015:1287  View
717593 78563 CVE-2015-1286 URL:http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html  View
717594 78563 CVE-2015-1286 BID:75973  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
9727 JVNDB-2015-005047 Apport の kernel_crashdump におけるサービス運用妨害 (DoS) の脆弱性 Apport の kernel_crashdump には、サービス運用妨害 (ディスクの消費) 状態にされる、または権限を取得される脆弱性が存在します。 CVE-2015-1338 78563 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005047.html  View