Denial of Service Vulnerability in Oxide-Qt by Canonical
CVE-2015-1332
8.8HIGH
Summary
The Oxide-Qt framework, prior to version 1.9.1, contains a vulnerability in the JavaScriptDialogManager function that can be exploited by remote attackers. By crafting a malicious website, attackers may trigger a denial of service, leading to an application crash, or potentially execute arbitrary code on the affected systems. This vulnerability highlights the need for users to update their Oxide-Qt installations to the latest version to mitigate risks.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved