Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveChromeCVE-2015-1224
HistoryMar 09, 2015 - 12:59 a.m.

CVE-2015-1224

2015-03-0900:59:17
CWE-17
Chrome
web.nvd.nist.gov
49
cve-2015-1224
vpxvideodecoder
vpxdecode
google chrome
denial of service
out-of-bounds read
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON

The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data.

Affected configurations

Nvd
Node
googlechromeRange40.0.2214.115
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Related

ubuntucve 1
cvelist 1
prion 1
nvd 1
debiancve 1
openvas 7
securityvulns 2
nessus 8
ubuntu 1
redhat 1
mageia 1
threatpost 1
kaspersky 1
freebsd 1
gentoo 1
suse 1
archlinux 1
chrome 1
kitploit 1
osv 2
ubuntucve
ubuntucve
CVE-2015-1224
2015-03-08 00:00:00
cvelist
cvelist
CVE-2015-1224
2015-03-09 00:00:00
prion
prion
Out-of-bounds
2015-03-09 00:59:00
nvd
nvd
CVE-2015-1224
2015-03-09 00:59:17
debiancve
debiancve
CVE-2015-1224
2015-03-09 00:59:00
openvas
openvas
Ubuntu: Security Advisory (USN-2521-1)
2015-03-11 00:00:00
Mageia: Security Advisory (MGASA-2015-0123)
2022-01-28 00:00:00
openSUSE: Security Advisory for Security (openSUSE-SU-2015:0505-1)
2015-03-17 00:00:00
securityvulns
securityvulns
[USN-2521-1] Oxide vulnerabilities
2015-03-23 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2015-03-23 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2521-1)
2015-03-11 00:00:00
RHEL 6 : chromium-browser (RHSA-2015:0627)
2015-03-06 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (8505e013-c2b3-11e4-875d-000c6e25e3e9)
2015-03-05 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2015-03-10 00:00:00
redhat
redhat
(RHSA-2015:0627) Important: chromium-browser security update
2015-03-05 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2015-04-01 15:13:37
threatpost
threatpost
Google Fixes 51 Bugs in Chrome 41
2015-03-04 13:58:40
kaspersky
kaspersky
KLA10463 Multiple vulnerabilities in Google Chrome
2015-03-03 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2015-03-03 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2015-03-22 00:00:00
suse
suse
Security update to Chromium 41.0.2272.76 (important)
2015-03-16 16:05:28
archlinux
archlinux
chromium: multiple issues
2015-03-05 00:00:00
chrome
chrome
Stable Channel Update
2015-03-03 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
osv
osv
chromedriver-55.0.2883.75-3.1 on GA media
2024-06-15 00:00:00
ungoogled-chromium-113.0.5672.92-1.1 on GA media
2024-06-15 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON
Related for CVE-2015-1224
ubuntucve1cvelist1prion1nvd1debiancve1openvas7securityvulns2nessus8ubuntu1redhat1mageia1threatpost1kaspersky1freebsd1gentoo1suse1archlinux1chrome1kitploit1osv2