CVE-2014-3154

2014-06-1110:57:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2014-3154

vulnerability

google chrome

filesystem api

remote attack

denial of service

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.4%

JSON

Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown.

CPENameOperatorVersion
google:chromegoogle chromeeq35.0.1916.114
google:chromegoogle chromeeq35.0.1916.99
google:chromegoogle chromeeq35.0.1916.57
google:chromegoogle chromeeq35.0.1916.122
google:chromegoogle chromeeq35.0.1916.3
google:chromegoogle chromeeq35.0.1916.38
google:chromegoogle chromeeq35.0.1916.105
google:chromegoogle chromeeq35.0.1916.128
google:chromegoogle chromeeq35.0.1916.95
google:chromegoogle chromeeq35.0.1916.52

CPE	Name	Operator	Version
google:chrome	google chrome	eq	35.0.1916.114
google:chrome	google chrome	eq	35.0.1916.99
google:chrome	google chrome	eq	35.0.1916.57
google:chrome	google chrome	eq	35.0.1916.122
google:chrome	google chrome	eq	35.0.1916.3
google:chrome	google chrome	eq	35.0.1916.38
google:chrome	google chrome	eq	35.0.1916.105
google:chrome	google chrome	eq	35.0.1916.128
google:chrome	google chrome	eq	35.0.1916.95
google:chrome	google chrome	eq	35.0.1916.52