CVE-2011-5319

Publication date 9 March 2015

Last updated 24 July 2024


Ubuntu priority

content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site that listens for ondevicemotion events, a different vulnerability than CVE-2015-1231.

Status

Package Ubuntu Release Status
chromium-browser 15.10 wily
Fixed 41.0.2272.76-0ubuntu1.1134
15.04 vivid
Fixed 41.0.2272.76-0ubuntu1.1134
14.10 utopic
Fixed 41.0.2272.76-0ubuntu0.14.10.1.1118
14.04 LTS trusty
Fixed 41.0.2272.76-0ubuntu0.14.04.1.1076
12.04 LTS precise Ignored
10.04 LTS lucid Ignored end of life