Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
26 Jan 2024, 18:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1021 | |
CPE | cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* |
|
References | () http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html - Release Notes | |
References | () https://codereview.chromium.org/660663002 - Issue Tracking, Vendor Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html - Mitigation, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201506-04 - Third Party Advisory | |
References | () http://www.securitytracker.com/id/1032209 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.debian.org/security/2015/dsa-3238 - Third Party Advisory | |
References | () https://code.google.com/p/chromium/issues/detail?id=418402 - Exploit, Issue Tracking, Vendor Advisory | |
References | () http://ubuntu.com/usn/usn-2570-1 - Third Party Advisory | |
References | () https://codereview.chromium.org/717573004 - Issue Tracking, Vendor Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html - Mitigation, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2015-0816.html - Third Party Advisory | |
References | () https://codereview.chromium.org/868123002 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/628763003 - Issue Tracking, Vendor Advisory | |
First Time |
Redhat enterprise Linux Server
Suse Opensuse Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation Redhat enterprise Linux Desktop Redhat enterprise Linux Server Eus Suse linux Enterprise Redhat Opensuse opensuse Redhat enterprise Linux Eus |
07 Nov 2023, 02:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://rhn.redhat.com/errata/RHSA-2015-0816.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html - | |
References | () http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html - | |
References | () http://www.debian.org/security/2015/dsa-3238 - | |
References | () https://code.google.com/p/chromium/issues/detail?id=418402 - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html - | |
References | () https://codereview.chromium.org/717573004 - | |
References | () http://ubuntu.com/usn/usn-2570-1 - | |
References | () https://codereview.chromium.org/868123002 - | |
References | () https://security.gentoo.org/glsa/201506-04 - | |
References | () http://www.securitytracker.com/id/1032209 - | |
References | () https://codereview.chromium.org/628763003 - | |
References | () https://codereview.chromium.org/660663002 - |
Information
Published : 2015-04-19 10:59
Updated : 2024-02-28 12:20
NVD link : CVE-2015-1241
Mitre link : CVE-2015-1241
CVE.ORG link : CVE-2015-1241
JSON object : View
Products Affected
debian
- debian_linux
opensuse
- opensuse
redhat
- enterprise_linux_desktop
- enterprise_linux_eus
- enterprise_linux_server
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server_eus
- chrome
suse
- linux_enterprise
canonical
- ubuntu_linux
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames