CVE-2014-1742

2014-05-1411:13:00

CWE-399

[email protected]

web.nvd.nist.gov

information security

cve-2014-1742

vulnerability

denial of service

google chrome

remote attack

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling.

CPENameOperatorVersion
google:chromegoogle chromeeq34.0.1847.68
google:chromegoogle chromeeq34.0.1847.41
google:chromegoogle chromeeq34.0.1847.37
google:chromegoogle chromeeq34.0.1847.85
google:chromegoogle chromeeq34.0.1847.92
google:chromegoogle chromeeq34.0.1847.46
google:chromegoogle chromeeq34.0.1847.3
google:chromegoogle chromeeq34.0.1847.104
google:chromegoogle chromeeq34.0.1847.99
google:chromegoogle chromeeq34.0.1847.67

CPE	Name	Operator	Version
google:chrome	google chrome	eq	34.0.1847.68
google:chrome	google chrome	eq	34.0.1847.41
google:chrome	google chrome	eq	34.0.1847.37
google:chrome	google chrome	eq	34.0.1847.85
google:chrome	google chrome	eq	34.0.1847.92
google:chrome	google chrome	eq	34.0.1847.46
google:chrome	google chrome	eq	34.0.1847.3
google:chrome	google chrome	eq	34.0.1847.104
google:chrome	google chrome	eq	34.0.1847.99
google:chrome	google chrome	eq	34.0.1847.67