Vulnerability Details : CVE-2015-1244
The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.
Publish Date : 2015-04-19 Last Update Date : 2015-04-20
- CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.
- Products Affected By CVE-2015-1244
- Number Of Affected Versions By Product
- References For CVE-2015-1244
- Metasploit Modules Related To CVE-2015-1244
There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)