CVE-2015-1235 in Google Chromeinfo

Summary

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.

Reservation

01/21/2015

Disclosure

04/19/2015

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
74996Google Chrome HTML access control264UnprovenOfficial fixCVE-2015-1235

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!