CVE-2015-1300 : The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as us

The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to obtain sensitive information via crafted JavaScript code that leverages a history.back call.

Published 2015-09-03 22:59:11

Updated 2016-12-22 02:59:34

Source Google Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2015-1300

Probability of exploitation activity in the next 30 days: 0.52%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 74 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2015-1300

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2015-1300

CWE-254

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-1300

https://code.google.com/p/chromium/issues/detail?id=511616

511616 - Security: Performance APIs reveal cross-origin URLs. - chromium - Monorail
http://www.securitytracker.com/id/1033472

Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code, Bypass Security Restrictions, Obtain Potentially Sensitive Information, and Spoof Content - SecurityTracker

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html

openSUSE-SU-2015:1873-1: moderate: Security update for Chromium

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2015-1712.html

RHSA-2015:1712 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html

Chrome Releases: Stable Channel Update
Patch;Vendor Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html

openSUSE-SU-2015:1586-1: moderate: Security update for Chromium

CVEs referencing this url
https://security.gentoo.org/glsa/201603-09

Chromium: Multiple vulnerabilities (GLSA 201603-09) — Gentoo security

CVEs referencing this url
https://github.com/w3c/resource-timing/issues/29

Cached redirects + History traversal reveal cross-origin URLs · Issue #29 · w3c/resource-timing · GitHub

CVEs referencing this url
https://src.chromium.org/viewvc/blink?revision=199553&view=revision

[blink] Revision 199553
http://www.debian.org/security/2015/dsa-3351

Debian -- Security Information -- DSA-3351-1 chromium-browser

CVEs referencing this url

Products affected by CVE-2015-1300

Google » Chrome
Versions up to, including, (<=) 44.0.2403
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2015-1300

Exploit prediction scoring system (EPSS) score for CVE-2015-1300

CVSS scores for CVE-2015-1300

CWE ids for CVE-2015-1300

References for CVE-2015-1300

Products affected by CVE-2015-1300