Unrated severityNVD Advisory· Published Apr 19, 2015· Updated May 6, 2026
CVE-2015-1241
CVE-2015-1241
Description
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- code.google.com/p/chromium/issues/detailnvdExploitIssue TrackingVendor Advisory
- lists.opensuse.org/opensuse-updates/2015-04/msg00040.htmlnvdMitigationThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-11/msg00024.htmlnvdMitigationThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-0816.htmlnvdThird Party Advisory
- ubuntu.com/usn/usn-2570-1nvdThird Party Advisory
- www.debian.org/security/2015/dsa-3238nvdThird Party Advisory
- www.securitytracker.com/id/1032209nvdBroken LinkThird Party AdvisoryVDB Entry
- codereview.chromium.org/628763003nvdIssue TrackingVendor Advisory
- codereview.chromium.org/660663002nvdIssue TrackingVendor Advisory
- codereview.chromium.org/717573004nvdIssue TrackingVendor Advisory
- codereview.chromium.org/868123002nvdIssue TrackingVendor Advisory
- security.gentoo.org/glsa/201506-04nvdThird Party Advisory
- googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.htmlnvdRelease Notes
News mentions
0No linked articles in our index yet.