CVE-2015-1332

Publication date 8 September 2015

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

8.8 · High

Score breakdown

Description

The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.

Status

Package Ubuntu Release Status
oxide-qt 15.04 vivid
Fixed 1.9.1-0ubuntu0.15.04.1
14.04 LTS trusty
Fixed 1.9.1-0ubuntu0.14.04.2
12.04 LTS precise Not in release

Severity score breakdown

CVSS version: CVSS v3.0

Base score 8.8 · High

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-2735-1
    • Oxide vulnerabilities
    • 8 September 2015

Other references

Access our resources on patching vulnerabilities