Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-1244
Description:The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.
Test IDs: 1.3.6.1.4.1.25623.1.0.703238  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-1244
Debian Security Information: DSA-3238 (Google Search)
http://www.debian.org/security/2015/dsa-3238
https://security.gentoo.org/glsa/201506-04
RedHat Security Advisories: RHSA-2015:0816
http://rhn.redhat.com/errata/RHSA-2015-0816.html
http://www.securitytracker.com/id/1032209
SuSE Security Announcement: openSUSE-SU-2015:0748 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html
SuSE Security Announcement: openSUSE-SU-2015:1887 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00024.html
http://ubuntu.com/usn/usn-2570-1




© 1998-2024 E-Soft Inc. All rights reserved.