Google Chrome Security Restriction Bypass Vulnerability (CVE-2015-2239)

Google Chrome Security Restriction Bypass Vulnerability (CVE-2015-2239)
Google Chrome Security Restriction Bypass Vulnerability (CVE-2015-2239)

Release date:
Updated on:

Affected Systems:

Google Chrome < 41.0.2272.76

Description:

Bugtraq id: 74855
CVE (CAN) ID: CVE-2015-2239

Google Chrome is a Web browser tool developed by Google.

In versions earlier than Google Chrome 41.0.2272.76, when using the Instant Extended mode, the interaction between the "1993 search" function and the restore-from-disk RELOAD transformation is improperly handled, this allows remote attackers to cheat the address bar on the search result page by cracking the search engine or XSS vulnerability.

<* Source: rohitrao
*>

Suggestion:

Vendor patch:

Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://code.google.com/p/chromium/issues/detail? Id = 256724

Http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html

Https://code.google.com/p/chromium/issues/detail? Id = 463349

Install Google Chrome in Ubuntu 14.04 LTS

Solution to Chrome dependency installation in Ubuntu 13.04

Install Chrome in openSUSE

Install Google Chrome 35 Beta for Linux Users

Install Google Chrome in CentOS 6.x

Chrome details: click here
Chrome: click here

This article permanently updates the link address: