CVE-2015-1321
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/04/2015
Last modified:
30/04/2015
Description
Use-after-free vulnerability in the file picker implementation in Oxide before 1.6.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted webpage.
Impact
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* | ||
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* | ||
cpe:2.3:o:canonical:ubuntu_linux:15.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:oxide_project:oxide:*:*:*:*:*:*:*:* | 1.6.4 (including) |
To consult the complete list of CPE names with products and versions, see this page