Lucene search
CanonicalCVE-2015-1317HistoryApr 08, 2015 - 6:59 p.m.
CVE-2015-1317
2015-04-0818:59:05
canonical
web.nvd.nist.gov
44
cve-2015-1317
use-after-free vulnerability
oxide
denial of service
remote attackers
arbitrary code execution
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
High
EPSS
0.018
Percentile
88.0%
Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.
Affected configurations
Node
canonicalubuntu_linuxMatch14.04lts
ORcanonicalubuntu_linuxMatch14.10
Node
oxide_projectoxideRange≤1.5.5
ORoxide_projectoxideMatch1.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 14.10 | cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* |
| oxide_project | oxide | * | cpe:2.3:a:oxide_project:oxide:*:*:*:*:*:*:*:* |
| oxide_project | oxide | 1.6.0 | cpe:2.3:a:oxide_project:oxide:1.6.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2015-04-08 18:59:00
ubuntucve
ubuntucve
CVE-2015-1317
2015-04-07 00:00:00
nvd
nvd
CVE-2015-1317
2015-04-08 18:59:05
cvelist
cvelist
CVE-2015-1317
2015-04-08 18:00:00
nessus
nessus
Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2556-1)
2015-04-08 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2556-1)
2015-04-08 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2015-04-07 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
High
EPSS
0.018
Percentile
88.0%
Related for CVE-2015-1317