Home

CVE-2015-1210

Description

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.608

Associated Vulnerability

VulnerabilityOS Platform
Updates for Google Chrome (66.0.3359.170)Windows
Updates for Google Chrome (x64) (66.0.3359.170)Windows
Updates for Google Chrome (66.0.3359.181)Windows
Updates for Google Chrome (x64) (66.0.3359.181)Windows
Updates for Google Chrome (67.0.3396.62)Windows
Updates for Google Chrome (x64) (67.0.3396.62)Windows
Updates for Google Chrome (67.0.3396.79)Windows
Updates for Google Chrome (x64) (67.0.3396.79)Windows
Updates for Google Chrome (67.0.3396.87)Windows
Updates for Google Chrome (x64) (67.0.3396.87)Windows
Google Chrome (67.0.3396.99)Windows
Google Chrome (x64) (67.0.3396.99)Windows
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111Windows
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114Windows
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome (x64) 40.0.2214.111Windows
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome (x64) 40.0.2214.114Windows
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Google Chrome for Mac 40.0.2214.111Mac
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Google Chrome for Mac 40.0.2214.114Mac
Updates for Google Chrome (66.0.3359.170) (For Ubuntu)Linux
Updates for Google Chrome (66.0.3359.170) (For Debian)Linux
Updates for Google Chrome (66.0.3359.181) (For Debian)Linux
Updates for Google Chrome (67.0.3396.62) (For Debian)Linux
Updates for Google Chrome (67.0.3396.79) (For Debian)Linux
Updates for Google Chrome (67.0.3396.87) (For Debian)Linux
Google Chrome (67.0.3396.99) (For Debian)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111 (For Debian)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114 (For Debian)Linux
Updates for Google Chrome (66.0.3359.170) (For Centos)Linux
Updates for Google Chrome (66.0.3359.181) (For Centos)Linux
Updates for Google Chrome (67.0.3396.62) (For Centos)Linux
Updates for Google Chrome (67.0.3396.79) (For Centos)Linux
Updates for Google Chrome (67.0.3396.87) (For Centos)Linux
Google Chrome (67.0.3396.99) (For Centos)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111 (For Centos)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114 (For Centos)Linux
Updates for Google Chrome (66.0.3359.170) (For RedHat)Linux
Updates for Google Chrome (66.0.3359.181) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.62) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.79) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.87) (For RedHat)Linux
Google Chrome (67.0.3396.99) (For RedHat)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111 (For RedHat)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114 (For RedHat)Linux
Updates for Google Chrome (66.0.3359.170) (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Suse)Linux
Updates for Google Chrome (67.0.3396.62) (For Suse)Linux
Updates for Google Chrome (67.0.3396.79) (For Suse)Linux
Updates for Google Chrome (67.0.3396.87) (For Suse)Linux
Google Chrome (67.0.3396.99) (For Suse)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111 (For Suse)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114 (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.62) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.79) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.87) (For Ubuntu)Linux
Google Chrome (67.0.3396.99) (For Ubuntu)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212 are fixed in Chrome 40.0.2214.111 (For Ubuntu)Linux
Vulnerabilities CVE-2015-1209,CVE-2015-1210,CVE-2015-1211 are fixed in Chrome 40.0.2214.114 (For Ubuntu)Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-307513Updates for Google Chrome (66.0.3359.170)
PATCH-307515Updates for Google Chrome (x64) (66.0.3359.170)
PATCH-307534Updates for Google Chrome (66.0.3359.181)
PATCH-307535Updates for Google Chrome (x64) (66.0.3359.181)
PATCH-307607Updates for Google Chrome (67.0.3396.62)
PATCH-307608Updates for Google Chrome (x64) (67.0.3396.62)
PATCH-307641Updates for Google Chrome (67.0.3396.79)
PATCH-307644Updates for Google Chrome (x64) (67.0.3396.79)
PATCH-307660Updates for Google Chrome (67.0.3396.87)
PATCH-307662Updates for Google Chrome (x64) (67.0.3396.87)
PATCH-307715Google Chrome (67.0.3396.99)
PATCH-307716Google Chrome (x64) (67.0.3396.99)
PATCH-313038Google Chrome (80.0.3987.122)
PATCH-313038Google Chrome (80.0.3987.122)
PATCH-313039Google Chrome (x64) (80.0.3987.122)
PATCH-313039Google Chrome (x64) (80.0.3987.122)
PATCH-611995Google Chrome for Mac (140.0.7339.132 , 140.0.7339.133)
PATCH-611995Google Chrome for Mac (140.0.7339.132 , 140.0.7339.133)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234