[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-5605Date: (C)2015-07-23   (M)2024-02-22


The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
-1033031
-76007
RHSA-2015:1499
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
https://chromium.googlesource.com/v8/v8.git/+/c67cb287a901ddf03d4ae4dafcf431d09fd3e22c
https://code.google.com/p/chromium/issues/detail?id=469480
https://code.google.com/p/chromium/issues/detail?id=512110
openSUSE-SU-2015:1287

CPE    2
cpe:/o:opensuse:opensuse:13.1
cpe:/a:google:chrome
CWE    1
CWE-17
OVAL    11
oval:org.secpod.oval:def:25509
oval:org.secpod.oval:def:25530
oval:org.secpod.oval:def:25531
oval:org.secpod.oval:def:25488
...

© SecPod Technologies