Home

CVE-2015-1222

Description

Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.989

Associated Vulnerability

VulnerabilityOS Platform
Update for Google Chrome (45.0.2454.101)Windows
Update for Google Chrome x64 (45.0.2454.101)Windows
Update for Google Chrome (48.0.2564.103)Windows
Update for Google Chrome x64 (48.0.2564.103)Windows
Update for Google Chrome (48.0.2564.109)Windows
Update for Google Chrome x64 (48.0.2564.109)Windows
Update for Google Chrome (48.0.2564.116)Windows
Update for Google Chrome x64 (48.0.2564.116)Windows
Update for Google Chrome (51.0.2704.103)Windows
Update for Google Chrome x64 (51.0.2704.103)Windows
Update for Google Chrome (51.0.2704.106)Windows
Update for Google Chrome x64 (51.0.2704.106)Windows
Updates for Google Chrome (66.0.3359.170)Windows
Updates for Google Chrome (x64) (66.0.3359.170)Windows
Updates for Google Chrome (66.0.3359.181)Windows
Updates for Google Chrome (x64) (66.0.3359.181)Windows
Updates for Google Chrome (67.0.3396.62)Windows
Updates for Google Chrome (x64) (67.0.3396.62)Windows
Updates for Google Chrome (67.0.3396.79)Windows
Updates for Google Chrome (x64) (67.0.3396.79)Windows
Updates for Google Chrome (67.0.3396.87)Windows
Updates for Google Chrome (x64) (67.0.3396.87)Windows
Google Chrome (67.0.3396.99)Windows
Google Chrome (x64) (67.0.3396.99)Windows
Multiple vulnerabilities fixed in Chrome 41.0.2272.76Windows
Multiple vulnerabilities fixed in Chrome (x64) 41.0.2272.76Windows
Multiple vulnerabilities are fixed in Google Chrome for Mac 41.0.2272.76Mac
Update for Google Chrome (45.0.2454.101) (For Ubuntu)Linux
Update for Google Chrome (48.0.2564.103) (For Ubuntu)Linux
Update for Google Chrome (48.0.2564.109) (For Ubuntu)Linux
Update for Google Chrome (48.0.2564.116) (For Ubuntu)Linux
Update for Google Chrome (51.0.2704.103) (For Ubuntu)Linux
Update for Google Chrome (51.0.2704.106) (For Ubuntu)Linux
Updates for Google Chrome (66.0.3359.170) (For Ubuntu)Linux
Update for Google Chrome (45.0.2454.101) (For Debian)Linux
Update for Google Chrome (48.0.2564.103) (For Debian)Linux
Update for Google Chrome (48.0.2564.109) (For Debian)Linux
Update for Google Chrome (48.0.2564.116) (For Debian)Linux
Update for Google Chrome (51.0.2704.103) (For Debian)Linux
Update for Google Chrome (51.0.2704.106) (For Debian)Linux
Updates for Google Chrome (66.0.3359.170) (For Debian)Linux
Updates for Google Chrome (66.0.3359.181) (For Debian)Linux
Updates for Google Chrome (67.0.3396.62) (For Debian)Linux
Updates for Google Chrome (67.0.3396.79) (For Debian)Linux
Updates for Google Chrome (67.0.3396.87) (For Debian)Linux
Google Chrome (67.0.3396.99) (For Debian)Linux
Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Debian)Linux
Update for Google Chrome (45.0.2454.101) (For Centos)Linux
Update for Google Chrome (48.0.2564.103) (For Centos)Linux
Update for Google Chrome (48.0.2564.109) (For Centos)Linux
Update for Google Chrome (48.0.2564.116) (For Centos)Linux
Update for Google Chrome (51.0.2704.103) (For Centos)Linux
Update for Google Chrome (51.0.2704.106) (For Centos)Linux
Updates for Google Chrome (66.0.3359.170) (For Centos)Linux
Updates for Google Chrome (66.0.3359.181) (For Centos)Linux
Updates for Google Chrome (67.0.3396.62) (For Centos)Linux
Updates for Google Chrome (67.0.3396.79) (For Centos)Linux
Updates for Google Chrome (67.0.3396.87) (For Centos)Linux
Google Chrome (67.0.3396.99) (For Centos)Linux
Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Centos)Linux
Update for Google Chrome (45.0.2454.101) (For RedHat)Linux
Update for Google Chrome (48.0.2564.103) (For RedHat)Linux
Update for Google Chrome (48.0.2564.109) (For RedHat)Linux
Update for Google Chrome (48.0.2564.116) (For RedHat)Linux
Update for Google Chrome (51.0.2704.103) (For RedHat)Linux
Update for Google Chrome (51.0.2704.106) (For RedHat)Linux
Updates for Google Chrome (66.0.3359.170) (For RedHat)Linux
Updates for Google Chrome (66.0.3359.181) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.62) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.79) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.87) (For RedHat)Linux
Google Chrome (67.0.3396.99) (For RedHat)Linux
Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For RedHat)Linux
Update for Google Chrome (45.0.2454.101) (For Suse)Linux
Update for Google Chrome (48.0.2564.103) (For Suse)Linux
Update for Google Chrome (48.0.2564.109) (For Suse)Linux
Update for Google Chrome (48.0.2564.116) (For Suse)Linux
Update for Google Chrome (51.0.2704.103) (For Suse)Linux
Update for Google Chrome (51.0.2704.106) (For Suse)Linux
Updates for Google Chrome (66.0.3359.170) (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Suse)Linux
Updates for Google Chrome (67.0.3396.62) (For Suse)Linux
Updates for Google Chrome (67.0.3396.79) (For Suse)Linux
Updates for Google Chrome (67.0.3396.87) (For Suse)Linux
Google Chrome (67.0.3396.99) (For Suse)Linux
Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.62) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.79) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.87) (For Ubuntu)Linux
Google Chrome (67.0.3396.99) (For Ubuntu)Linux
Multiple vulnerabilities fixed in Chrome 41.0.2272.76 (For Ubuntu)Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-302563Update for Google Chrome (45.0.2454.101)
PATCH-302570Update for Google Chrome x64 (45.0.2454.101)
PATCH-303147Update for Google Chrome (48.0.2564.103)
PATCH-303167Update for Google Chrome x64 (48.0.2564.103)
PATCH-303194Update for Google Chrome (48.0.2564.109)
PATCH-303195Update for Google Chrome x64 (48.0.2564.109)
PATCH-303196Update for Google Chrome (48.0.2564.116)
PATCH-303222Update for Google Chrome x64 (48.0.2564.116)
PATCH-303502Update for Google Chrome (51.0.2704.103)
PATCH-303503Update for Google Chrome x64 (51.0.2704.103)
PATCH-303504Update for Google Chrome (51.0.2704.106)
PATCH-303505Update for Google Chrome x64 (51.0.2704.106)
PATCH-307513Updates for Google Chrome (66.0.3359.170)
PATCH-307515Updates for Google Chrome (x64) (66.0.3359.170)
PATCH-307534Updates for Google Chrome (66.0.3359.181)
PATCH-307535Updates for Google Chrome (x64) (66.0.3359.181)
PATCH-307607Updates for Google Chrome (67.0.3396.62)
PATCH-307608Updates for Google Chrome (x64) (67.0.3396.62)
PATCH-307641Updates for Google Chrome (67.0.3396.79)
PATCH-307644Updates for Google Chrome (x64) (67.0.3396.79)
PATCH-307660Updates for Google Chrome (67.0.3396.87)
PATCH-307662Updates for Google Chrome (x64) (67.0.3396.87)
PATCH-307715Google Chrome (67.0.3396.99)
PATCH-307716Google Chrome (x64) (67.0.3396.99)
PATCH-313038Google Chrome (80.0.3987.122)
PATCH-313039Google Chrome (x64) (80.0.3987.122)
PATCH-611995Google Chrome for Mac (140.0.7339.132 , 140.0.7339.133)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234