Lucene search

[email protected]CVE-2014-1722

HistoryApr 09, 2014 - 10:57 a.m.

CVE-2014-1722

2014-04-0910:57:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-1722

use-after-free vulnerability

renderblock

blink

google chrome

remote attackers

denial of service

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.3%

JSON

Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node.

CPENameOperatorVersion
google:chromegoogle chromele34.0.1847.115

CPE	Name	Operator	Version
google:chrome	google chrome	le	34.0.1847.115

References

googlechromereleases.blogspot.com/2014/04/stable-channel-update.html

lists.opensuse.org/opensuse-updates/2014-05/msg00012.html

security.gentoo.org/glsa/glsa-201408-16.xml

www.debian.org/security/2014/dsa-2905

code.google.com/p/chromium/issues/detail?id=330626

src.chromium.org/viewvc/blink?revision=164405&view=revision

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.3%

JSON

Related for CVE-2014-1722

prion1 seebug1 debiancve1 ubuntucve1 threatpost1 osv1 nessus7 securityvulns2 openvas7 freebsd1 debian2 chrome1 mageia1 gentoo1