Denial of Service Vulnerability in Oxide-Qt by Canonical
CVE-2015-1332

8.8HIGH

Key Information:

Vendor
Canonical
Vendor
CVE Published:
25 July 2017

Summary

The Oxide-Qt framework, prior to version 1.9.1, contains a vulnerability in the JavaScriptDialogManager function that can be exploited by remote attackers. By crafting a malicious website, attackers may trigger a denial of service, leading to an application crash, or potentially execute arbitrary code on the affected systems. This vulnerability highlights the need for users to update their Oxide-Qt installations to the latest version to mitigate risks.

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.