Bug ID 931659
Summary VUL-0: CVE-2015-1251: chromium-browser: Use-after-free in Speech.
Classification openSUSE
Product openSUSE Distribution
Version 13.2
Hardware Other
OS Other
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee tittiatcoke@gmail.com
Reporter abergmann@suse.com
QA Contact qa-bugs@suse.de
Found By Security Response Team
Blocker ---

ZDI-15-236:

This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Google Chrome. User interaction is required to
exploit this vulnerability in that the target must visit a malicious page or
open a malicious file.

The specific flaw exists within SpeechRecognitionClient.   By manipulating a
document's elements, an attacker can force a dangling pointer to be reused
after
it has been freed. An attacker can leverage this vulnerability to execute code
under the context of the current process.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1223258
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251
http://www.zerodayinitiative.com/advisories/ZDI-15-236/


You are receiving this mail because: