Lucene search

K
cve[email protected]CVE-2014-1730
HistoryApr 26, 2014 - 10:55 a.m.

CVE-2014-1730

2014-04-2610:55:05
CWE-843
web.nvd.nist.gov
46
cve-2014-1730
google v8
google chrome
type confusion
access restrictions
internationalization metadata
remote attackers

6.1 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

75.9%

Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging “type confusion” and reading property values, related to i18n.js and runtime.cc.

Affected configurations

NVD
Node
googlechromeRange<34.0.1847.131
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
googlechromeRange<34.0.1847.132
AND
linuxlinux_kernelMatch-

6.1 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

75.9%