CVE-2014-3177

2014-08-2701:55:00

CWE-94

[email protected]

web.nvd.nist.gov

google chrome

cve-2014-3177

remote code execution

nvd

security vulnerability

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.063 Low

EPSS

Percentile

93.5%

JSON

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.

CPENameOperatorVersion
google:chromegoogle chromeeq37.0.2062.49
google:chromegoogle chromeeq37.0.2062.60
google:chromegoogle chromeeq37.0.2062.44
google:chromegoogle chromeeq37.0.2062.31
google:chromegoogle chromeeq37.0.2062.11
google:chromegoogle chromeeq37.0.2062.51
google:chromegoogle chromeeq37.0.2062.76
google:chromegoogle chromeeq37.0.2062.28
google:chromegoogle chromeeq37.0.2062.48
google:chromegoogle chromeeq37.0.2062.78

CPE	Name	Operator	Version
google:chrome	google chrome	eq	37.0.2062.49
google:chrome	google chrome	eq	37.0.2062.60
google:chrome	google chrome	eq	37.0.2062.44
google:chrome	google chrome	eq	37.0.2062.31
google:chrome	google chrome	eq	37.0.2062.11
google:chrome	google chrome	eq	37.0.2062.51
google:chrome	google chrome	eq	37.0.2062.76
google:chrome	google chrome	eq	37.0.2062.28
google:chrome	google chrome	eq	37.0.2062.48
google:chrome	google chrome	eq	37.0.2062.78