Unrated severityNVD Advisory· Published Apr 19, 2015· Updated Jun 17, 2026
CVE-2015-1241
CVE-2015-1241
Description
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
13- code.google.com/p/chromium/issues/detailnvdExploitIssue TrackingVendor Advisory
- lists.opensuse.org/opensuse-updates/2015-04/msg00040.htmlnvdMitigationThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-11/msg00024.htmlnvdMitigationThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-0816.htmlnvdThird Party Advisory
- ubuntu.com/usn/usn-2570-1nvdThird Party Advisory
- www.debian.org/security/2015/dsa-3238nvdThird Party Advisory
- www.securitytracker.com/id/1032209nvdBroken LinkThird Party AdvisoryVDB Entry
- codereview.chromium.org/628763003nvdIssue TrackingVendor Advisory
- codereview.chromium.org/660663002nvdIssue TrackingVendor Advisory
- codereview.chromium.org/717573004nvdIssue TrackingVendor Advisory
- codereview.chromium.org/868123002nvdIssue TrackingVendor Advisory
- security.gentoo.org/glsa/201506-04nvdThird Party Advisory
- googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.htmlnvdRelease Notes
News mentions
0No linked articles in our index yet.