-
Notifications
You must be signed in to change notification settings - Fork 254
CVE 2015 6792
Max Mendelson edited this page Dec 19, 2016
·
10 revisions
||| |:----|:------|:------| |CVE_ID| CVE-2015-6792 | |version_broken|| |version_found|46.0.2490.86| |version_fixed|47.0.2526.73| |file/s|content/browser/appcache/appcache_update_job.cc| |code review ID|1463463003|
"The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664."
There was a race condition that was not checked for.
| type/s | Denial Of Service, Execute Code |
| coding mistakes | lack of checks |
| CWE-ID | None |
| Exploits | No Known |
| CVSS | |
|---|---|
| Overall | 10.0 |
| Confidentiality | Complete |
| Integrity | Complete |
| Availability | Complete |
| Access Complexity | Low |
| Authentication | None |
| Gained Access | None |
| issue_id | 564501 |
| date | 2015-12-02 |
| user_user | Oliver Chang [email protected] |
| user_role | Google Employee |
| metasploit | None |
| bounty | None |
| commit_id | 7a3785cab4bc23accf2a7d7e0394c7d388903eb1 54d256d1fc9c6a9e7438f6f51206d1f99b1ed6b4 a3d22f60a719a6dae77a0586ef32dd12ac463952 |
| commit_date | 2015-12-08 |
| user_username | [email protected] |
| user_name | Oliver Chang |
| user_role | Google employee |
| method | add checks |