CVE-2015-1221
Description
Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blinks main thread, related to the shutdown function in web/WebKit.cpp.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.867
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update for Google Chrome (45.0.2454.101) | Windows |
| Update for Google Chrome x64 (45.0.2454.101) | Windows |
| Update for Google Chrome (48.0.2564.103) | Windows |
| Update for Google Chrome x64 (48.0.2564.103) | Windows |
| Update for Google Chrome (48.0.2564.109) | Windows |
| Update for Google Chrome x64 (48.0.2564.109) | Windows |
| Update for Google Chrome (48.0.2564.116) | Windows |
| Update for Google Chrome x64 (48.0.2564.116) | Windows |
| Update for Google Chrome (51.0.2704.103) | Windows |
| Update for Google Chrome x64 (51.0.2704.103) | Windows |
| Update for Google Chrome (51.0.2704.106) | Windows |
| Update for Google Chrome x64 (51.0.2704.106) | Windows |
| Updates for Google Chrome (66.0.3359.170) | Windows |
| Updates for Google Chrome (x64) (66.0.3359.170) | Windows |
| Updates for Google Chrome (66.0.3359.181) | Windows |
| Updates for Google Chrome (x64) (66.0.3359.181) | Windows |
| Updates for Google Chrome (67.0.3396.62) | Windows |
| Updates for Google Chrome (x64) (67.0.3396.62) | Windows |
| Updates for Google Chrome (67.0.3396.79) | Windows |
| Updates for Google Chrome (x64) (67.0.3396.79) | Windows |
| Updates for Google Chrome (67.0.3396.87) | Windows |
| Updates for Google Chrome (x64) (67.0.3396.87) | Windows |
| Google Chrome (67.0.3396.99) | Windows |
| Google Chrome (x64) (67.0.3396.99) | Windows |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 | Windows |
| Multiple vulnerabilities fixed in Chrome (x64) 41.0.2272.76 | Windows |
| Multiple vulnerabilities are fixed in Google Chrome for Mac 41.0.2272.76 | Mac |
| Update for Google Chrome (45.0.2454.101) (For Ubuntu) | Linux |
| Update for Google Chrome (48.0.2564.103) (For Ubuntu) | Linux |
| Update for Google Chrome (48.0.2564.109) (For Ubuntu) | Linux |
| Update for Google Chrome (48.0.2564.116) (For Ubuntu) | Linux |
| Update for Google Chrome (51.0.2704.103) (For Ubuntu) | Linux |
| Update for Google Chrome (51.0.2704.106) (For Ubuntu) | Linux |
| Updates for Google Chrome (66.0.3359.170) (For Ubuntu) | Linux |
| Update for Google Chrome (45.0.2454.101) (For Debian) | Linux |
| Update for Google Chrome (48.0.2564.103) (For Debian) | Linux |
| Update for Google Chrome (48.0.2564.109) (For Debian) | Linux |
| Update for Google Chrome (48.0.2564.116) (For Debian) | Linux |
| Update for Google Chrome (51.0.2704.103) (For Debian) | Linux |
| Update for Google Chrome (51.0.2704.106) (For Debian) | Linux |
| Updates for Google Chrome (66.0.3359.170) (For Debian) | Linux |
| Updates for Google Chrome (66.0.3359.181) (For Debian) | Linux |
| Updates for Google Chrome (67.0.3396.62) (For Debian) | Linux |
| Updates for Google Chrome (67.0.3396.79) (For Debian) | Linux |
| Updates for Google Chrome (67.0.3396.87) (For Debian) | Linux |
| Google Chrome (67.0.3396.99) (For Debian) | Linux |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Debian) | Linux |
| Update for Google Chrome (45.0.2454.101) (For Centos) | Linux |
| Update for Google Chrome (48.0.2564.103) (For Centos) | Linux |
| Update for Google Chrome (48.0.2564.109) (For Centos) | Linux |
| Update for Google Chrome (48.0.2564.116) (For Centos) | Linux |
| Update for Google Chrome (51.0.2704.103) (For Centos) | Linux |
| Update for Google Chrome (51.0.2704.106) (For Centos) | Linux |
| Updates for Google Chrome (66.0.3359.170) (For Centos) | Linux |
| Updates for Google Chrome (66.0.3359.181) (For Centos) | Linux |
| Updates for Google Chrome (67.0.3396.62) (For Centos) | Linux |
| Updates for Google Chrome (67.0.3396.79) (For Centos) | Linux |
| Updates for Google Chrome (67.0.3396.87) (For Centos) | Linux |
| Google Chrome (67.0.3396.99) (For Centos) | Linux |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Centos) | Linux |
| Update for Google Chrome (45.0.2454.101) (For RedHat) | Linux |
| Update for Google Chrome (48.0.2564.103) (For RedHat) | Linux |
| Update for Google Chrome (48.0.2564.109) (For RedHat) | Linux |
| Update for Google Chrome (48.0.2564.116) (For RedHat) | Linux |
| Update for Google Chrome (51.0.2704.103) (For RedHat) | Linux |
| Update for Google Chrome (51.0.2704.106) (For RedHat) | Linux |
| Updates for Google Chrome (66.0.3359.170) (For RedHat) | Linux |
| Updates for Google Chrome (66.0.3359.181) (For RedHat) | Linux |
| Updates for Google Chrome (67.0.3396.62) (For RedHat) | Linux |
| Updates for Google Chrome (67.0.3396.79) (For RedHat) | Linux |
| Updates for Google Chrome (67.0.3396.87) (For RedHat) | Linux |
| Google Chrome (67.0.3396.99) (For RedHat) | Linux |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For RedHat) | Linux |
| Update for Google Chrome (45.0.2454.101) (For Suse) | Linux |
| Update for Google Chrome (48.0.2564.103) (For Suse) | Linux |
| Update for Google Chrome (48.0.2564.109) (For Suse) | Linux |
| Update for Google Chrome (48.0.2564.116) (For Suse) | Linux |
| Update for Google Chrome (51.0.2704.103) (For Suse) | Linux |
| Update for Google Chrome (51.0.2704.106) (For Suse) | Linux |
| Updates for Google Chrome (66.0.3359.170) (For Suse) | Linux |
| Updates for Google Chrome (66.0.3359.181) (For Suse) | Linux |
| Updates for Google Chrome (67.0.3396.62) (For Suse) | Linux |
| Updates for Google Chrome (67.0.3396.79) (For Suse) | Linux |
| Updates for Google Chrome (67.0.3396.87) (For Suse) | Linux |
| Google Chrome (67.0.3396.99) (For Suse) | Linux |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Suse) | Linux |
| Updates for Google Chrome (66.0.3359.181) (For Ubuntu) | Linux |
| Updates for Google Chrome (67.0.3396.62) (For Ubuntu) | Linux |
| Updates for Google Chrome (67.0.3396.79) (For Ubuntu) | Linux |
| Updates for Google Chrome (67.0.3396.87) (For Ubuntu) | Linux |
| Google Chrome (67.0.3396.99) (For Ubuntu) | Linux |
| Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Ubuntu) | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-302563 | Update for Google Chrome (45.0.2454.101) |
| PATCH-302570 | Update for Google Chrome x64 (45.0.2454.101) |
| PATCH-303147 | Update for Google Chrome (48.0.2564.103) |
| PATCH-303167 | Update for Google Chrome x64 (48.0.2564.103) |
| PATCH-303194 | Update for Google Chrome (48.0.2564.109) |
| PATCH-303195 | Update for Google Chrome x64 (48.0.2564.109) |
| PATCH-303196 | Update for Google Chrome (48.0.2564.116) |
| PATCH-303222 | Update for Google Chrome x64 (48.0.2564.116) |
| PATCH-303502 | Update for Google Chrome (51.0.2704.103) |
| PATCH-303503 | Update for Google Chrome x64 (51.0.2704.103) |
| PATCH-303504 | Update for Google Chrome (51.0.2704.106) |
| PATCH-303505 | Update for Google Chrome x64 (51.0.2704.106) |
| PATCH-307513 | Updates for Google Chrome (66.0.3359.170) |
| PATCH-307515 | Updates for Google Chrome (x64) (66.0.3359.170) |
| PATCH-307534 | Updates for Google Chrome (66.0.3359.181) |
| PATCH-307535 | Updates for Google Chrome (x64) (66.0.3359.181) |
| PATCH-307607 | Updates for Google Chrome (67.0.3396.62) |
| PATCH-307608 | Updates for Google Chrome (x64) (67.0.3396.62) |
| PATCH-307641 | Updates for Google Chrome (67.0.3396.79) |
| PATCH-307644 | Updates for Google Chrome (x64) (67.0.3396.79) |
| PATCH-307660 | Updates for Google Chrome (67.0.3396.87) |
| PATCH-307662 | Updates for Google Chrome (x64) (67.0.3396.87) |
| PATCH-307715 | Google Chrome (67.0.3396.99) |
| PATCH-307716 | Google Chrome (x64) (67.0.3396.99) |
| PATCH-313038 | Google Chrome (80.0.3987.122) |
| PATCH-313039 | Google Chrome (x64) (80.0.3987.122) |
| PATCH-611995 | Google Chrome for Mac (140.0.7339.132 , 140.0.7339.133) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234