[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-1241Date: (C)2015-04-21   (M)2024-02-02


Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
-1032209
DSA-3238
GLSA-201506-04
RHSA-2015:0816
USN-2570-1
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html
https://code.google.com/p/chromium/issues/detail?id=418402
https://codereview.chromium.org/628763003
https://codereview.chromium.org/660663002
https://codereview.chromium.org/717573004
https://codereview.chromium.org/868123002
openSUSE-SU-2015:0748
openSUSE-SU-2015:1887

OVAL    13
oval:org.secpod.oval:def:505391
oval:org.secpod.oval:def:24218
oval:org.secpod.oval:def:24219
oval:org.secpod.oval:def:24165
...

© SecPod Technologies