Lucene search

[email protected]CVE-2014-1724

HistoryApr 09, 2014 - 10:57 a.m.

CVE-2014-1724

2014-04-0910:57:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-1724

free(b)soft laboratory

speech dispatcher

vulnerability

google chrome

denial of service

nvd

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.4%

JSON

Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request.

CPENameOperatorVersion
google:chromegoogle chromele34.0.1847.115

CPE	Name	Operator	Version
google:chrome	google chrome	le	34.0.1847.115

References

googlechromereleases.blogspot.com/2014/04/stable-channel-update.html

lists.opensuse.org/opensuse-updates/2014-05/msg00012.html

security.gentoo.org/glsa/glsa-201408-16.xml

www.debian.org/security/2014/dsa-2905

code.google.com/p/chromium/issues/detail?id=327295

src.chromium.org/viewvc/chrome?revision=259109&view=revision

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.4%

JSON

Related for CVE-2014-1724

veracode1 seebug1 prion1 ubuntucve1 debiancve1 threatpost1 openvas7 nessus7 securityvulns2 debian2 mageia1 freebsd1 osv1 chrome1 gentoo1