First published: Thu Jul 23 2015(Updated: )
Last updated 24 July 2024
Credit: chrome-cve-admin@google.com cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/chromium-browser | ||
Google Chrome | <=43.0.2357.134 | |
Debian Debian Linux | =8.0 | |
Redhat Enterprise Linux Desktop Supplementary | =6.0 | |
Redhat Enterprise Linux Server Supplementary | =6.0 | |
Redhat Enterprise Linux Server Supplementary Eus | =6.7z | |
Redhat Enterprise Linux Workstation Supplementary | =6.0 | |
openSUSE openSUSE | =13.1 | |
openSUSE openSUSE | =13.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-1277 is a use-after-free vulnerability in the accessibility implementation in Google Chrome before version 44.0.2403.89.
CVE-2015-1277 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures.
Google Chrome versions before 44.0.2403.89, Debian Linux 8.0, Redhat Enterprise Linux versions 6.0 and 6.7z, OpenSUSE versions 13.1 and 13.2, Chromium browser on Ubuntu Trusty, Vivid, and Wily, and Oxide-qt on Ubuntu Trusty, Vivid, and Wily.
CVE-2015-1277 has a severity rating of 7.5 (high).
Remedies are available in the form of updated versions for Google Chrome, Chromium browser, and Oxide-qt on affected platforms.