Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-1748
HistoryMay 21, 2014 - 11:14 a.m.

CVE-2014-1748

2014-05-2111:14:00
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
47
cve-2014-1748
scrollview
paint function
platform/scroll/scrollview.cpp
blink
google chrome
remote attackers
ui spoofing
scrollbar painting
parent frame

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.

Related

nessus 19
debiancve 1
ubuntucve 1
prion 1
freebsd 2
threatpost 1
debian 2
chrome 1
kaspersky 1
openvas 12
securityvulns 4
osv 1
ubuntu 2
fedora 5
mageia 1
gentoo 1
nessus
nessus
FreeBSD : webkit -- UI spoof (1091d2d1-cb2e-11e5-b14b-bcaec565249c)
2016-02-05 00:00:00
Google Chrome < 35.0.1916.114 Multiple Vulnerabilities
2014-05-22 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (64f3872b-e05d-11e3-9dd4-00262d5ed8ee)
2014-05-21 00:00:00
debiancve
debiancve
CVE-2014-1748
2014-05-21 11:14:00
ubuntucve
ubuntucve
CVE-2014-1748
2014-05-21 00:00:00
prion
prion
Code injection
2014-05-21 11:14:00
freebsd
freebsd
webkit -- UI spoof
2015-12-28 00:00:00
chromium -- multiple vulnerabilities
2014-05-20 00:00:00
threatpost
threatpost
Chrome 35 Fixes 23 Security Flaws
2014-05-20 14:11:21
debian
debian
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-05-31 07:27:02
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-05-31 07:27:02
chrome
chrome
Stable Channel Update
2014-05-20 00:00:00
kaspersky
kaspersky
KLA10007 Multiple vulnerabilities in Google Chrome
2014-05-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 2939-1 (chromium-browser - security update)
2014-05-31 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Jun 2014) - Mac OS X
2014-06-04 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Jun 2014) - Linux
2014-06-04 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-06-09 00:00:00
APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1
2014-12-11 00:00:00
Apple Safari / Webkit multiple security vulnerabilities
2014-12-21 00:00:00
osv
osv
chromium-browser - security update
2014-05-31 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2014-07-23 00:00:00
WebKitGTK+ vulnerabilities
2016-03-21 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: webkitgtk-2.4.10-1.fc24
2016-03-27 00:38:11
[SECURITY] Fedora 23 Update: webkitgtk-2.4.10-1.fc23
2016-03-22 19:55:11
[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24
2016-03-27 00:38:22
mageia
mageia
Updated webkit packages fix security vulnerability
2016-03-25 09:38:37
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON
Related for CVE-2014-1748
nessus19debiancve1ubuntucve1prion1freebsd2threatpost1debian2chrome1kaspersky1openvas12securityvulns4osv1ubuntu2fedora5mageia1gentoo1