High severity8.8NVD Advisory· Published Jul 25, 2017· Updated May 13, 2026

CVE-2015-1332

Description

The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.

Affected products

Oxide Project/Oxide
cpe:2.3:a:oxide_project:oxide:*:*:*:*:*:*:*:*
Range: <=1.9.0
Canonical/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1332.htmlnvdThird Party Advisory
www.securityfocus.com/bid/76710nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-2735-1nvdVendor Advisory
launchpad.net/ubuntu/+source/oxide-qt/1.9.1-0ubuntu0.15.04.1nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000