Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
26 Jan 2024, 18:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1021 | |
CPE | cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
|
References | () http://rhn.redhat.com/errata/RHSA-2015-0816.html - Third Party Advisory | |
References | () http://www.debian.org/security/2015/dsa-3238 - Third Party Advisory | |
References | () http://www.securitytracker.com/id/1032209 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html - Release Notes | |
References | () https://codereview.chromium.org/868123002 - Issue Tracking, Vendor Advisory | |
References | () https://code.google.com/p/chromium/issues/detail?id=418402 - Exploit, Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/628763003 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/660663002 - Issue Tracking, Vendor Advisory | |
References | () https://codereview.chromium.org/717573004 - Issue Tracking, Vendor Advisory | |
References | () https://security.gentoo.org/glsa/201506-04 - Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html - Mitigation, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html - Mitigation, Third Party Advisory | |
References | () http://ubuntu.com/usn/usn-2570-1 - Third Party Advisory |
Information
Published : 2015-04-19 10:59
Updated : 2024-02-04 18:35
NVD link : CVE-2015-1241
Mitre link : CVE-2015-1241
CVE.ORG link : CVE-2015-1241
JSON object : View
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_desktop
- enterprise_linux_workstation
- enterprise_linux_server_eus
- enterprise_linux_eus
- enterprise_linux_server_aus
opensuse
- opensuse
canonical
- ubuntu_linux
- chrome
suse
- linux_enterprise
debian
- debian_linux
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames