Bug 916843 (CVE-2015-1210) - VUL-0: CVE-2015-1210: chromium-browser: cross-origin-bypass in V8 bindings
Summary: VUL-0: CVE-2015-1210: chromium-browser: cross-origin-bypass in V8 bindings
Status: RESOLVED FIXED
Alias: CVE-2015-1210
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other openSUSE 13.2
: P3 - Medium : Major
Target Milestone: ---
Assignee: Forgotten User sM9JzehKpy
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/113589/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-09 09:45 UTC by Johannes Segitz
Modified: 2015-03-06 14:31 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2015-02-09 09:45:46 UTC 
rh#1190124

The V8ThrowException::createDOMException function in
bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in
Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before
40.0.2214.109 on Android, does not properly consider frame access restrictions
during the throwing of an exception, which allows remote attackers to bypass the
Same Origin Policy via a crafted web site.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1190124
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1210
http://www.cvedetails.com/cve/CVE-2015-1210/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1210
https://code.google.com/p/chromium/issues/detail?id=453979
https://src.chromium.org/viewvc/blink?revision=189365&view=revision
Comment 1 Bernhard Wiedemann 2015-02-09 12:00:17 UTC 
This is an autogenerated message for OBS integration:
This bug (916843) was mentioned in
https://build.opensuse.org/request/show/284840 13.1 / chromium
https://build.opensuse.org/request/show/284841 13.2 / chromium
Comment 2 Swamp Workflow Management 2015-02-09 23:00:52 UTC 
bugbot adjusting priority
Comment 3 Swamp Workflow Management 2015-03-06 12:05:41 UTC 
openSUSE-SU-2015:0441-1: An update that fixes 31 vulnerabilities is now available.

Category: security (important)
Bug References: 914468,916838,916840,916841,916843
CVE References: CVE-2014-7923,CVE-2014-7924,CVE-2014-7925,CVE-2014-7926,CVE-2014-7927,CVE-2014-7928,CVE-2014-7929,CVE-2014-7930,CVE-2014-7931,CVE-2014-7932,CVE-2014-7933,CVE-2014-7934,CVE-2014-7935,CVE-2014-7936,CVE-2014-7937,CVE-2014-7938,CVE-2014-7939,CVE-2014-7940,CVE-2014-7941,CVE-2014-7942,CVE-2014-7943,CVE-2014-7944,CVE-2014-7945,CVE-2014-7946,CVE-2014-7947,CVE-2014-7948,CVE-2015-1205,CVE-2015-1209,CVE-2015-1210,CVE-2015-1211,CVE-2015-1212
Sources used:
openSUSE 13.2 (src):    chromium-40.0.2214.111-13.4
openSUSE 13.1 (src):    chromium-40.0.2214.111-68.2
Comment 4 Marcus Meissner 2015-03-06 14:31:13 UTC 
released