mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 09:41:31 +00:00
98 lines
3.2 KiB
JSON
98 lines
3.2 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2015-1232",
|
||
|
|
"sourceIdentifier": "cve-coordination@google.com",
|
||
|
|
"published": "2015-03-09T00:59:27.280",
|
||
|
|
"lastModified": "2016-12-22T02:59:30.753",
|
||
|
|
"vulnStatus": "Modified",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "Array index error in the MidiManagerUsb::DispatchSendMidiData function in media/midi/midi_manager_usb.cc in Google Chrome before 41.0.2272.76 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging renderer access to provide an invalid port index that triggers an out-of-bounds write operation, a different vulnerability than CVE-2015-1212."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "Error en el indice del array en la funci\u00f3n MidiManagerUsb::DispatchSendMidiData en media/midi/midi_manager_usb.cc en Google Chrome anterior a 41.0.2272.76 permite a atacantes remotos causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante el aprovechamiento de acceso al renderizador para proporcionar un indice de puertos inv\u00e1lido que provoca una operaci\u00f3n de escritura fuera de rango, una vulnerabilidad diferente a CVE-2015-1212."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV2": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "2.0",
|
||
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
|
|
"accessVector": "NETWORK",
|
||
|
|
"accessComplexity": "LOW",
|
||
|
|
"authentication": "NONE",
|
||
|
|
"confidentialityImpact": "PARTIAL",
|
||
|
|
"integrityImpact": "PARTIAL",
|
||
|
|
"availabilityImpact": "PARTIAL",
|
||
|
|
"baseScore": 7.5
|
||
|
|
},
|
||
|
|
"baseSeverity": "HIGH",
|
||
|
|
"exploitabilityScore": 10.0,
|
||
|
|
"impactScore": 6.4,
|
||
|
|
"acInsufInfo": false,
|
||
|
|
"obtainAllPrivilege": false,
|
||
|
|
"obtainUserPrivilege": false,
|
||
|
|
"obtainOtherPrivilege": false,
|
||
|
|
"userInteractionRequired": false
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-119"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndIncluding": "40.0.2214.115",
|
||
|
|
"matchCriteriaId": "8E4473BA-37DE-4AF1-A828-99AA9D83AAE7"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html",
|
||
|
|
"source": "cve-coordination@google.com",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://code.google.com/p/chromium/issues/detail?id=456516",
|
||
|
|
"source": "cve-coordination@google.com"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://codereview.chromium.org/907793002",
|
||
|
|
"source": "cve-coordination@google.com",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://security.gentoo.org/glsa/201503-12",
|
||
|
|
"source": "cve-coordination@google.com"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|