Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
26 Jan 2024, 18:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1021 | |
First Time |
Opensuse opensuse
Redhat enterprise Linux Eus Redhat Redhat enterprise Linux Server Redhat enterprise Linux Desktop Redhat enterprise Linux Server Eus Suse linux Enterprise Opensuse Suse Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation |
|
References | () http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html - Release Notes | |
References | () http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html - Mitigation, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html - Mitigation, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2015-0816.html - Third Party Advisory | |
References | () http://ubuntu.com/usn/usn-2570-1 - Third Party Advisory | |
References | () http://www.debian.org/security/2015/dsa-3238 - Third Party Advisory | |
References | () http://www.securitytracker.com/id/1032209 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://code.google.com/p/chromium/issues/detail?id=418402 - Exploit, Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/628763003 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/660663002 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/717573004 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/868123002 - Issue Tracking, Vendor Advisory | |
References | () https://security.gentoo.org/glsa/201506-04 - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* |
07 Nov 2023, 02:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://codereview.chromium.org/868123002 - | |
References | () https://codereview.chromium.org/660663002 - | |
References | () http://www.securitytracker.com/id/1032209 - | |
References | () http://www.debian.org/security/2015/dsa-3238 - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html - | |
References | () https://security.gentoo.org/glsa/201506-04 - | |
References | () https://codereview.chromium.org/628763003 - | |
References | () http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html - | |
References | () https://codereview.chromium.org/717573004 - | |
References | () http://rhn.redhat.com/errata/RHSA-2015-0816.html - | |
References | () http://ubuntu.com/usn/usn-2570-1 - | |
References | () https://code.google.com/p/chromium/issues/detail?id=418402 - |
Information
Published : 2015-04-19 10:59
Updated : 2024-01-26 18:56
NVD link : CVE-2015-1241
Mitre link : CVE-2015-1241
CVE.ORG link : CVE-2015-1241
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_eus
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_eus
opensuse
- opensuse
debian
- debian_linux
- chrome
canonical
- ubuntu_linux
suse
- linux_enterprise
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames