CVE-2015-1285 - OpenCVE

The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Google	Chrome
Redhat	Enterprise Linux Workstation Supplementary Enterprise Linux Server Supplementary Eus Enterprise Linux Server Supplementary Enterprise Linux Desktop Supplementary
Debian	Debian Linux
Opensuse	Opensuse

Configuration 1 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:::::::*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*

Configuration 4 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

References

Link	Resource
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html
http://rhn.redhat.com/errata/RHSA-2015-1499.html
http://www.debian.org/security/2015/dsa-3315
http://www.securityfocus.com/bid/75973
http://www.securitytracker.com/id/1033031
https://code.google.com/p/chromium/issues/detail?id=498982
https://security.gentoo.org/glsa/201603-09
https://src.chromium.org/viewvc/blink?revision=196971&view=revision

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2015-07-23T00:00:00

Updated: 2017-09-20T09:57:01

Reserved: 2015-01-21T00:00:00

Link: CVE-2015-1285

JSON object: View

NVD Information

Status : Modified

Published: 2015-07-23T00:59:14.507

Modified: 2023-11-07T02:24:39.523

Link: CVE-2015-1285

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-21T00:00:00", "descriptions": [{"lang": "en", "value": "The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-20T09:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=498982"}, {"name": "RHSA-2015:1499", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"}, {"name": "openSUSE-SU-2015:1287", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"}, {"name": "1033031", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033031"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://src.chromium.org/viewvc/blink?revision=196971&view=revision"}, {"name": "GLSA-201603-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201603-09"}, {"name": "75973", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75973"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"}, {"name": "DSA-3315", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3315"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2015-1285", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://code.google.com/p/chromium/issues/detail?id=498982", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=498982"}, {"name": "RHSA-2015:1499", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"}, {"name": "openSUSE-SU-2015:1287", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"}, {"name": "1033031", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033031"}, {"name": "https://src.chromium.org/viewvc/blink?revision=196971&view=revision", "refsource": "CONFIRM", "url": "https://src.chromium.org/viewvc/blink?revision=196971&view=revision"}, {"name": "GLSA-201603-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-09"}, {"name": "75973", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75973"}, {"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"}, {"name": "DSA-3315", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3315"}]}}}}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2015-1285", "datePublished": "2015-07-23T00:00:00", "dateReserved": "2015-01-21T00:00:00", "dateUpdated": "2017-09-20T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*", "matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CD601FD-6060-4CC5-81DA-BDDE41485613", "versionEndIncluding": "43.0.2357.134", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack."}, {"lang": "es", "value": "Vulnerabilidad en la funci\u00f3n XSSAuditor::canonicalize en core/html/parser/XSSAuditor.cpp en el auditor XSS en Blink, usado en Google Chrome en versiones anteriores a la 44.0.2403.89, no elige correctamente un punto de truncado, lo cual hace m\u00e1s f\u00e1cil que atacantes remotos obtengan informaci\u00f3n sensible a trav\u00e9s de un ataque de tiempo lineal no especificado."}], "id": "CVE-2015-1285", "lastModified": "2023-11-07T02:24:39.523", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-07-23T00:59:14.507", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2015/dsa-3315"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/75973"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securitytracker.com/id/1033031"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=498982"}, {"source": "chrome-cve-admin@google.com", "url": "https://security.gentoo.org/glsa/201603-09"}, {"source": "chrome-cve-admin@google.com", "url": "https://src.chromium.org/viewvc/blink?revision=196971&view=revision"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}