CVE-2015-1295
Published: 3 September 2015
Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities.
Notes
Author | Note |
---|---|
chrisccoulson | Oxide does not use the printing component |
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
xenial |
Released
(45.0.2454.85-0ubuntu1.1198)
|
upstream |
Released
(45.0.2454.85)
|
|
precise |
Ignored
|
|
trusty |
Does not exist
(trusty was released [45.0.2454.85-0ubuntu0.14.04.1.1097])
|
|
vivid |
Released
(45.0.2454.85-0ubuntu0.15.04.1.1181)
|
|
wily |
Released
(45.0.2454.85-0ubuntu1.1198)
|
|
oxide-qt Launchpad, Ubuntu, Debian |
xenial |
Not vulnerable
|
upstream |
Not vulnerable
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|