Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-1257

platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause a denial of service (container overflow) or possibly have unspecified other impact via a crafted document.

Related bugs and status

CVE-2015-1257 (Candidate) is related to these bugs:

Bug #1449063: no icon for chromium-browser in xfce task bar

Summary				In	Importance	Status
	1449063	no icon for chromium-browser in xfce task bar		chromium-browser (Ubuntu)	Undecided	Fix Released
	1449063	no icon for chromium-browser in xfce task bar		Chromium Browser	Unknown	Unknown

Bug #1468666: Chromium VERSION on Ubuntu 12.04 LTS

Summary				In	Importance	Status
	1468666	Chromium VERSION on Ubuntu 12.04 LTS		chromium-browser (Ubuntu)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
DEBIAN: DSA-3267
SUSE: openSUSE-SU-2015:1877
GENTOO: GLSA-201506-04
SUSE: openSUSE-SU-2015:0969
BID: 74723
SECTRACK: 1032375
CONFIRM: https://src.chromium.o...
CONFIRM: https://src.chromium.o...