Lucene search
HistoryMar 16, 2014 - 2:06 p.m.
CVE-2014-1702
cve-2014-1702
vulnerability
databasethread
blink
google chrome
remote attack
denial of service
nvd
7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread.
Affected configurations
Node
googlechromeRange≤33.0.1750.146
ORgooglechromeMatch33.0.1750.0
ORgooglechromeMatch33.0.1750.1
ORgooglechromeMatch33.0.1750.2
ORgooglechromeMatch33.0.1750.3
ORgooglechromeMatch33.0.1750.4
ORgooglechromeMatch33.0.1750.5
ORgooglechromeMatch33.0.1750.6
ORgooglechromeMatch33.0.1750.7
ORgooglechromeMatch33.0.1750.8
ORgooglechromeMatch33.0.1750.9
ORgooglechromeMatch33.0.1750.10
ORgooglechromeMatch33.0.1750.11
ORgooglechromeMatch33.0.1750.12
ORgooglechromeMatch33.0.1750.13
ORgooglechromeMatch33.0.1750.14
ORgooglechromeMatch33.0.1750.15
ORgooglechromeMatch33.0.1750.16
ORgooglechromeMatch33.0.1750.18
ORgooglechromeMatch33.0.1750.19
ORgooglechromeMatch33.0.1750.20
ORgooglechromeMatch33.0.1750.21
ORgooglechromeMatch33.0.1750.22
ORgooglechromeMatch33.0.1750.23
ORgooglechromeMatch33.0.1750.24
ORgooglechromeMatch33.0.1750.25
ORgooglechromeMatch33.0.1750.26
ORgooglechromeMatch33.0.1750.27
ORgooglechromeMatch33.0.1750.28
ORgooglechromeMatch33.0.1750.29
ORgooglechromeMatch33.0.1750.30
ORgooglechromeMatch33.0.1750.31
ORgooglechromeMatch33.0.1750.34
ORgooglechromeMatch33.0.1750.35
ORgooglechromeMatch33.0.1750.36
ORgooglechromeMatch33.0.1750.37
ORgooglechromeMatch33.0.1750.38
ORgooglechromeMatch33.0.1750.39
ORgooglechromeMatch33.0.1750.40
ORgooglechromeMatch33.0.1750.41
ORgooglechromeMatch33.0.1750.42
ORgooglechromeMatch33.0.1750.43
ORgooglechromeMatch33.0.1750.44
ORgooglechromeMatch33.0.1750.45
ORgooglechromeMatch33.0.1750.46
ORgooglechromeMatch33.0.1750.47
ORgooglechromeMatch33.0.1750.48
ORgooglechromeMatch33.0.1750.49
ORgooglechromeMatch33.0.1750.50
ORgooglechromeMatch33.0.1750.51
ORgooglechromeMatch33.0.1750.52
ORgooglechromeMatch33.0.1750.53
ORgooglechromeMatch33.0.1750.54
ORgooglechromeMatch33.0.1750.55
ORgooglechromeMatch33.0.1750.56
ORgooglechromeMatch33.0.1750.57
ORgooglechromeMatch33.0.1750.58
ORgooglechromeMatch33.0.1750.59
ORgooglechromeMatch33.0.1750.60
ORgooglechromeMatch33.0.1750.61
ORgooglechromeMatch33.0.1750.62
ORgooglechromeMatch33.0.1750.63
ORgooglechromeMatch33.0.1750.64
ORgooglechromeMatch33.0.1750.65
ORgooglechromeMatch33.0.1750.66
ORgooglechromeMatch33.0.1750.67
ORgooglechromeMatch33.0.1750.68
ORgooglechromeMatch33.0.1750.69
ORgooglechromeMatch33.0.1750.70
ORgooglechromeMatch33.0.1750.71
ORgooglechromeMatch33.0.1750.73
ORgooglechromeMatch33.0.1750.74
ORgooglechromeMatch33.0.1750.75
ORgooglechromeMatch33.0.1750.76
ORgooglechromeMatch33.0.1750.77
ORgooglechromeMatch33.0.1750.79
ORgooglechromeMatch33.0.1750.80
ORgooglechromeMatch33.0.1750.81
ORgooglechromeMatch33.0.1750.82
ORgooglechromeMatch33.0.1750.83
ORgooglechromeMatch33.0.1750.85
ORgooglechromeMatch33.0.1750.88
ORgooglechromeMatch33.0.1750.89
ORgooglechromeMatch33.0.1750.90
ORgooglechromeMatch33.0.1750.91
ORgooglechromeMatch33.0.1750.92
ORgooglechromeMatch33.0.1750.93
ORgooglechromeMatch33.0.1750.104
ORgooglechromeMatch33.0.1750.106
ORgooglechromeMatch33.0.1750.107
ORgooglechromeMatch33.0.1750.108
ORgooglechromeMatch33.0.1750.109
ORgooglechromeMatch33.0.1750.110
ORgooglechromeMatch33.0.1750.111
ORgooglechromeMatch33.0.1750.112
ORgooglechromeMatch33.0.1750.113
ORgooglechromeMatch33.0.1750.115
ORgooglechromeMatch33.0.1750.116
ORgooglechromeMatch33.0.1750.117
ORgooglechromeMatch33.0.1750.124
ORgooglechromeMatch33.0.1750.125
ORgooglechromeMatch33.0.1750.126
ORgooglechromeMatch33.0.1750.132
ORgooglechromeMatch33.0.1750.133
ORgooglechromeMatch33.0.1750.135
ORgooglechromeMatch33.0.1750.136
ORgooglechromeMatch33.0.1750.144
References
googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html
lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-2883
www.securitytracker.com/id/1029914
code.google.com/p/chromium/issues/detail?id=333058
src.chromium.org/viewvc/blink?revision=168059&view=revision
Related
prion
prion
Design/Logic Flaw
2014-03-16 14:06:00
debiancve
debiancve
CVE-2014-1702
2014-03-16 14:06:00
cvelist
cvelist
CVE-2014-1702
2014-03-16 10:00:00
ubuntucve
ubuntucve
CVE-2014-1702
2014-03-16 00:00:00
nvd
nvd
CVE-2014-1702
2014-03-16 14:06:45
threatpost
threatpost
Google Fixes Four High-Risk Flaws in Chrome Before Pwn2Own
2014-03-12 15:09:51
openvas
openvas
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Windows
2014-03-19 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Mac OS X
2014-03-19 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Linux
2014-03-19 00:00:00
freebsd
freebsd
www/chromium --multiple vulnerabilities
2014-03-11 00:00:00
nessus
nessus
Google Chrome < 33.0.1750.149 Multiple Vulnerabilities (Mac OS X)
2014-03-11 00:00:00
Google Chrome < 33.0.1750.149 Multiple Vulnerabilities
2014-03-11 00:00:00
chrome
chrome
Stable Channel Update
2014-03-11 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2014-03-19 21:33:30
suse
suse
chromium to 33.0.1750.152 stable release (important)
2014-04-09 19:04:26
securityvulns
securityvulns
Chromium / Google Chrome multiple security vulnerabilities
2014-03-27 00:00:00
[SECURITY] [DSA 2883-1] chromium-browser security update
2014-03-25 00:00:00
debian
debian
[SECURITY] [DSA 2883-1] chromium-browser security update
2014-03-24 01:02:13
[SECURITY] [DSA 2883-1] chromium-browser security update
2014-03-24 01:02:13
osv
osv
chromium-browser - security update
2014-03-23 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
Related for CVE-2014-1702