4.3
CVE-2015-1241
- EPSS 2.22%
- Veröffentlicht 19.04.2015 10:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle chrome-cve-admin@google.com
- CVE-Watchlists
- Unerledigt
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version8.0
Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version14.10
Canonical ≫ Ubuntu Linux Version15.04
Suse ≫ Linux Enterprise Version12.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Eus Version6.6
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Aus Version6.6
Redhat ≫ Enterprise Linux Server Eus Version6.6
Redhat ≫ Enterprise Linux Workstation Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.22% | 0.804 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-1021 Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html
https://security.gentoo.org/glsa/201506-04
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html
http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html
http://rhn.redhat.com/errata/RHSA-2015-0816.html
http://www.debian.org/security/2015/dsa-3238
http://www.securitytracker.com/id/1032209
http://ubuntu.com/usn/usn-2570-1
https://code.google.com/p/chromium/issues/detail?id=418402
https://codereview.chromium.org/628763003
https://codereview.chromium.org/660663002
https://codereview.chromium.org/717573004
https://codereview.chromium.org/868123002