Code Affecting chromium-browser package, versions <43.0.2357.81-0ubuntu0.14.04.1.1089


Severity

Recommended
0.0
medium
0
10

Based on Ubuntu security rating.

Threat Intelligence

EPSS
0.13% (50th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-UBUNTU1404-CHROMIUMBROWSER-411335
  • published19 Apr 2015
  • disclosed19 Apr 2015

Introduced: 19 Apr 2015

CVE-2015-3334  (opens in a new tab)
CWE-17  (opens in a new tab)

How to fix?

Upgrade Ubuntu:14.04 chromium-browser to version 43.0.2357.81-0ubuntu0.14.04.1.1089 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream chromium-browser package and not the chromium-browser package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive video data from a device's physical environment via a crafted web site that turns on the camera at a time when the user believes that camera access is prohibited.

CVSS Scores

version 3.1