cnvd - cnvd-2015-00945

cnvd-2015-00945

Vulnerability from cnvd

Title: Google Chrome for Android跨域绕过漏洞

Description:

Google Chrome for Android是一款基于安卓的浏览器。

Google Chrome for Android V8绑定存在跨域绕过，允许攻击者构建恶意WEB页，诱使用户解析执行任意代码等。

Severity: 高

Patch Name: Google Chrome for Android跨域绕过漏洞的补丁

Patch Description:

Google Chrome for Android是一款基于安卓的浏览器。

Google Chrome for Android V8绑定存在跨域绕过，允许攻击者构建恶意WEB页，诱使用户解析执行任意代码等。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

Google Chrome for Android 40.0.2214.109已经修复该漏洞，建议用户下载更新： http://www.google.com/chrome

Reference: http://googlechromereleases.blogspot.jp/2015/02/chrome-for-android-update.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210

Impacted products

Name
google Chrome for Android <40.0.2214.109

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1210"
    }
  },
  "description": "Google Chrome for Android\u662f\u4e00\u6b3e\u57fa\u4e8e\u5b89\u5353\u7684\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome for Android V8\u7ed1\u5b9a\u5b58\u5728\u8de8\u57df\u7ed5\u8fc7\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fWEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7b49\u3002",
  "discovererName": "anonymous",
  "formalWay": "Google Chrome for Android 40.0.2214.109\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.google.com/chrome",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00945",
  "openTime": "2015-02-09",
  "patchDescription": "Google Chrome for Android\u662f\u4e00\u6b3e\u57fa\u4e8e\u5b89\u5353\u7684\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome for Android V8\u7ed1\u5b9a\u5b58\u5728\u8de8\u57df\u7ed5\u8fc7\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fWEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome for Android\u8de8\u57df\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "google Chrome for Android \u003c40.0.2214.109"
  },
  "referenceLink": "http://googlechromereleases.blogspot.jp/2015/02/chrome-for-android-update.html\r\nhttp://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210",
  "serverity": "\u9ad8",
  "submitTime": "2015-02-06",
  "title": "Google Chrome for Android\u8de8\u57df\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2015-1210 (GCVE-0-2015-1210)

Vulnerability from cvelistv5

Published

2015-02-06 11:00

Modified

2024-08-06 04:33

Severity ?

CWE

Summary

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/72497	vdb-entry, x_refsource_BID
	http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html	x_refsource_CONFIRM
	http://secunia.com/advisories/62818	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/62925	third-party-advisory, x_refsource_SECUNIA
	http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-201502-13.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/62917	third-party-advisory, x_refsource_SECUNIA
	https://code.google.com/p/chromium/issues/detail?id=453979	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2015-0163.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/62670	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id/1031709	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html	vendor-advisory, x_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/100716	vdb-entry, x_refsource_XF
	http://www.ubuntu.com/usn/USN-2495-1	vendor-advisory, x_refsource_UBUNTU
	https://src.chromium.org/viewvc/blink?revision=189365&view=revision	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:33:20.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "72497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72497"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
          },
          {
            "name": "62818",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62818"
          },
          {
            "name": "62925",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62925"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
          },
          {
            "name": "GLSA-201502-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
          },
          {
            "name": "62917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62917"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
          },
          {
            "name": "RHSA-2015:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
          },
          {
            "name": "62670",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62670"
          },
          {
            "name": "1031709",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031709"
          },
          {
            "name": "openSUSE-SU-2015:0441",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
          },
          {
            "name": "google-chrome-cve20151210-sec-bypass(100716)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
          },
          {
            "name": "USN-2495-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2495-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "72497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72497"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
        },
        {
          "name": "62818",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62818"
        },
        {
          "name": "62925",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62925"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
        },
        {
          "name": "GLSA-201502-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
        },
        {
          "name": "62917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62917"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
        },
        {
          "name": "RHSA-2015:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
        },
        {
          "name": "62670",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62670"
        },
        {
          "name": "1031709",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031709"
        },
        {
          "name": "openSUSE-SU-2015:0441",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
        },
        {
          "name": "google-chrome-cve20151210-sec-bypass(100716)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
        },
        {
          "name": "USN-2495-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2495-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2015-1210",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "72497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72497"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html"
            },
            {
              "name": "62818",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62818"
            },
            {
              "name": "62925",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62925"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2015/02/chrome-for-android-update.html"
            },
            {
              "name": "GLSA-201502-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
            },
            {
              "name": "62917",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62917"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=453979",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=453979"
            },
            {
              "name": "RHSA-2015:0163",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0163.html"
            },
            {
              "name": "62670",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62670"
            },
            {
              "name": "1031709",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031709"
            },
            {
              "name": "openSUSE-SU-2015:0441",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
            },
            {
              "name": "google-chrome-cve20151210-sec-bypass(100716)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100716"
            },
            {
              "name": "USN-2495-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2495-1"
            },
            {
              "name": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision",
              "refsource": "CONFIRM",
              "url": "https://src.chromium.org/viewvc/blink?revision=189365\u0026view=revision"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2015-1210",
    "datePublished": "2015-02-06T11:00:00",
    "dateReserved": "2015-01-21T00:00:00",
    "dateUpdated": "2024-08-06T04:33:20.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted