Launchpad CVE tracker

CVE 2015-6755

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

Related bugs and status

CVE-2015-6755 (Candidate) is related to these bugs:

Bug #1522411: Chromium in Ubuntu still to version 45.0.2454.101 not update to version 46.0.2490.71 as Debian Chromium present version.

Summary				In	Importance	Status
	1522411	Chromium in Ubuntu still to version 45.0.2454.101 not update to version 46.0.2490.71 as Debian Chromium present version.		chromium-browser (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
BID: 77071
GENTOO: GLSA-201603-09
REDHAT: RHSA-2015:1912
SECTRACK: 1033816
DEBIAN: DSA-3376
UBUNTU: USN-2770-1
UBUNTU: USN-2770-2
CONFIRM: https://src.chromium.o...

Launchpad.net

CVE 2015-6755

Related bugs and status

Related bugs

References