CVE-2015-2239

Publication date 9 March 2015

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the address bar for a search-results page by leveraging (1) a compromised search engine or (2) an XSS vulnerability in a search engine, a different vulnerability than CVE-2015-1231.

Read the notes from the security team

Status

Package Ubuntu Release Status
chromium-browser 15.10 wily
Fixed 41.0.2272.76-0ubuntu1.1134
15.04 vivid
Fixed 41.0.2272.76-0ubuntu1.1134
14.10 utopic
Fixed 41.0.2272.76-0ubuntu0.14.10.1.1118
14.04 LTS trusty
Fixed 41.0.2272.76-0ubuntu0.14.04.1.1076
12.04 LTS precise Ignored
10.04 LTS lucid Ignored end of life
oxide-qt 15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
12.04 LTS precise Not in release
10.04 LTS lucid Not in release

Notes

chrisccouson

Looks like this is a browser bug