CVE-2015-1283

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html
http://rhn.redhat.com/errata/RHSA-2015-1499.html
http://www.debian.org/security/2015/dsa-3315
http://www.debian.org/security/2015/dsa-3318
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.securityfocus.com/bid/75973
http://www.securitytracker.com/id/1033031
http://www.ubuntu.com/usn/USN-2726-1
https://code.google.com/p/chromium/issues/detail?id=492052
https://codereview.chromium.org/1224303003
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://security.gentoo.org/glsa/201603-09
https://security.gentoo.org/glsa/201701-21
https://source.android.com/security/bulletin/2016-11-01.html
https://www.tenable.com/security/tns-2016-20

Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::
	cpe:2.3:a:python:python::::::::

Configuration 4 (hide)

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 5 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Configuration 6 (hide)

OR	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4::::::
	cpe:2.3:a:suse:studio_onsite:1.3:::::::*
	cpe:2.3:o:opensuse:leap:42.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::

Configuration 7 (hide)

OR	cpe:2.3:o:oracle:solaris:10:::::::*
	cpe:2.3:o:oracle:solaris:11.3:::::::*

History

07 Nov 2023, 02:24

05 Jul 2022, 18:57

25 Jan 2021, 15:44

Type	Values Removed	Values Added
CPE	cpe:2.3:a:libexpat:expat::::::::	cpe:2.3:a:libexpat_project:libexpat::::::::

Information

Published : 2015-07-23 00:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-1283

Mitre link : CVE-2015-1283

CVE.ORG link : CVE-2015-1283

JSON object : View

Products Affected

libexpat_project

libexpat

suse

linux_enterprise_debuginfo
linux_enterprise_software_development_kit
studio_onsite
linux_enterprise_server
linux_enterprise_desktop

python

python

google

chrome

opensuse

opensuse
leap

oracle

solaris

debian

debian_linux

canonical

ubuntu_linux

CWE

CWE-190

Integer Overflow or Wraparound

Type	Values Removed	Values Added
References	~~(GENTOO) https://security.gentoo.org/glsa/201701-21 - Third Party Advisory~~	() https://security.gentoo.org/glsa/201701-21 -
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html -
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html -
References	~~(SECTRACK) http://www.securitytracker.com/id/1033031 - Broken Link, Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1033031 -
References	~~(CONFIRM) https://codereview.chromium.org/1224303003 - Patch, Third Party Advisory~~	() https://codereview.chromium.org/1224303003 -
References	~~(UBUNTU) http://www.ubuntu.com/usn/USN-2726-1 - Third Party Advisory~~	() http://www.ubuntu.com/usn/USN-2726-1 -
References	~~(CONFIRM) https://www.tenable.com/security/tns-2016-20 - Third Party Advisory~~	() https://www.tenable.com/security/tns-2016-20 -
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html - Third Party Advisory~~	() http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html -
References	~~(CONFIRM) http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html - Patch, Vendor Advisory~~	() http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html -
References	~~(CONFIRM) https://source.android.com/security/bulletin/2016-11-01.html - Third Party Advisory~~	() https://source.android.com/security/bulletin/2016-11-01.html -
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1499.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2015-1499.html -
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html -
References	~~(DEBIAN) http://www.debian.org/security/2015/dsa-3318 - Third Party Advisory~~	() http://www.debian.org/security/2015/dsa-3318 -
References	~~(DEBIAN) http://www.debian.org/security/2015/dsa-3315 - Third Party Advisory~~	() http://www.debian.org/security/2015/dsa-3315 -
References	~~(GENTOO) https://security.gentoo.org/glsa/201603-09 - Third Party Advisory~~	() https://security.gentoo.org/glsa/201603-09 -
References	~~(CONFIRM) https://code.google.com/p/chromium/issues/detail?id=492052 - Issue Tracking, Patch, Vendor Advisory~~	() https://code.google.com/p/chromium/issues/detail?id=492052 -
References	~~(BID) http://www.securityfocus.com/bid/75973 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/75973 -
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html -
References	~~(CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10365 - Third Party Advisory~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10365 -
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html -

Type	Values Removed	Values Added
CPE		cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:::::: cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::* cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:suse:linux_enterprise_desktop:12:-:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:::::: cpe:2.3:o:opensuse:leap:42.1:::::::* cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:::::: cpe:2.3:o:suse:linux_enterprise_server:12:sp1:::::: cpe:2.3:o:oracle:solaris:11.3:::::::* cpe:2.3:o:suse:linux_enterprise_server:11:sp4:::::: cpe:2.3:o:debian:debian_linux:9.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:opensuse:opensuse:13.2:::::::* cpe:2.3:a:python:python:::::::: cpe:2.3:a:suse:studio_onsite:1.3:::::::* cpe:2.3:o:suse:linux_enterprise_server:12:-:::::: cpe:2.3:o:opensuse:opensuse:13.1:::::::* cpe:2.3:o:oracle:solaris:10:::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4::::::
References		(CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10365 - Third Party Advisory
References	~~(CONFIRM) https://www.tenable.com/security/tns-2016-20 -~~	(CONFIRM) https://www.tenable.com/security/tns-2016-20 - Third Party Advisory
References	~~(DEBIAN) http://www.debian.org/security/2015/dsa-3315 -~~	(DEBIAN) http://www.debian.org/security/2015/dsa-3315 - Third Party Advisory
References	~~(GENTOO) https://security.gentoo.org/glsa/201701-21 -~~	(GENTOO) https://security.gentoo.org/glsa/201701-21 - Third Party Advisory
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1499.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1499.html - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html - Mailing List, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html - Mailing List, Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1033031 -~~	(SECTRACK) http://www.securitytracker.com/id/1033031 - Broken Link, Third Party Advisory, VDB Entry
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html - Mailing List, Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/75973 -~~	(BID) http://www.securityfocus.com/bid/75973 - Third Party Advisory, VDB Entry
References	~~(GENTOO) https://security.gentoo.org/glsa/201603-09 -~~	(GENTOO) https://security.gentoo.org/glsa/201603-09 - Third Party Advisory
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html -~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html - Third Party Advisory
References	~~(CONFIRM) https://codereview.chromium.org/1224303003 -~~	(CONFIRM) https://codereview.chromium.org/1224303003 - Patch, Third Party Advisory
References	~~(DEBIAN) http://www.debian.org/security/2015/dsa-3318 -~~	(DEBIAN) http://www.debian.org/security/2015/dsa-3318 - Third Party Advisory
References	~~(UBUNTU) http://www.ubuntu.com/usn/USN-2726-1 -~~	(UBUNTU) http://www.ubuntu.com/usn/USN-2726-1 - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html - Mailing List, Third Party Advisory
References	~~(CONFIRM) https://source.android.com/security/bulletin/2016-11-01.html -~~	(CONFIRM) https://source.android.com/security/bulletin/2016-11-01.html - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html - Mailing List, Third Party Advisory
References	~~(CONFIRM) https://code.google.com/p/chromium/issues/detail?id=492052 -~~	(CONFIRM) https://code.google.com/p/chromium/issues/detail?id=492052 - Issue Tracking, Patch, Vendor Advisory
First Time		Suse linux Enterprise Debuginfo Opensuse opensuse Suse linux Enterprise Server Opensuse leap Python python Canonical Suse linux Enterprise Software Development Kit Debian debian Linux Suse linux Enterprise Desktop Suse studio Onsite Oracle solaris Debian Opensuse Canonical ubuntu Linux Python Suse Oracle
CWE	~~CWE-189~~	CWE-190

6.8 /10