CVE-2015-1229

net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 2 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*

Information

Published : 2015-03-08 17:59

Updated : 2016-12-21 18:59


NVD link : CVE-2015-1229

Mitre link : CVE-2015-1229


JSON object : View

CWE
CWE-19

Data Processing Errors

Advertisement

dedicated server usa

Products Affected

redhat

  • enterprise_linux_server_supplementary_eus
  • enterprise_linux_desktop_supplementary
  • enterprise_linux_workstation_supplementary
  • enterprise_linux_server

google

  • chrome

canonical

  • ubuntu_linux