CVE-2015-6783 - Vulnerability Details - OpenCVE

The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android Chrome

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:5.0:::::::*
	cpe:2.3:o:google:android:6.0:::::::*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html
http://www.securityfocus.com/bid/78416
http://www.securitytracker.com/id/1034298
https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349
https://code.google.com/p/chromium/issues/detail?id=537205
https://nvd.nist.gov/vuln/detail/CVE-2015-6783
https://security.gentoo.org/glsa/201603-09
https://www.cve.org/CVERecord?id=CVE-2015-6783

History

No history.

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2015-12-06T01:00:00

Updated: 2024-08-06T07:29:24.866Z

Reserved: 2015-08-31T00:00:00

Link: CVE-2015-6783

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-12-06T01:59:20.527

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-6783

Redhat

Severity : Moderate

Publid Date: 2015-12-01T00:00:00Z

Links: CVE-2015-6783 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-01T00:00:00", "descriptions": [{"lang": "en", "value": "The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-13T09:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=537205"}, {"name": "openSUSE-SU-2015:2290", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"}, {"name": "GLSA-201603-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201603-09"}, {"name": "78416", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/78416"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349"}, {"name": "openSUSE-SU-2015:2291", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"}, {"name": "1034298", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034298"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2015-6783", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=537205", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=537205"}, {"name": "openSUSE-SU-2015:2290", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"}, {"name": "GLSA-201603-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-09"}, {"name": "78416", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78416"}, {"name": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349", "refsource": "CONFIRM", "url": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349"}, {"name": "openSUSE-SU-2015:2291", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"}, {"name": "1034298", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034298"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:29:24.866Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=537205"}, {"name": "openSUSE-SU-2015:2290", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"}, {"name": "GLSA-201603-09", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201603-09"}, {"name": "78416", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/78416"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349"}, {"name": "openSUSE-SU-2015:2291", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"}, {"name": "1034298", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034298"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2015-6783", "datePublished": "2015-12-06T01:00:00", "dateReserved": "2015-08-31T00:00:00", "dateUpdated": "2024-08-06T07:29:24.866Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "C12CC8E6-3341-4505-99CF-384840C20815", "versionEndIncluding": "46.0.2490.86", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive."}, {"lang": "es", "value": "La funci\u00f3n FindStartOffsetOfFileInZipFile en crazy_linker_zip.cpp en crazy_linker (tambi\u00e9n conocida como Crazy Linker) en Android 5.x y 6.x, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.73, realiza b\u00fasquedas de manera incorrecta para un registro EOCD, lo que permite a atacantes eludir un requerimiento de validaci\u00f3n de firma a trav\u00e9s de un archivo ZIP manipulado."}], "id": "CVE-2015-6783", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-12-06T01:59:20.527", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/78416"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securitytracker.com/id/1034298"}, {"source": "chrome-cve-admin@google.com", "url": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=537205"}, {"source": "chrome-cve-admin@google.com", "url": "https://security.gentoo.org/glsa/201603-09"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/78416"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034298"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://chromium.googlesource.com/chromium/src.git/+/d9e316238aee59acf665d80b544cf4e1edfd3349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=537205"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-09"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}