Lucene search
ChromeCVE-2014-3201HistoryOct 10, 2014 - 1:55 a.m.
CVE-2014-3201
2014-10-1001:55:08
CWE-119
Chrome
web.nvd.nist.gov
26
cve-2014-3201
vulnerability
blink
google chrome
android
nvd
remote attackers
spoofing
web security
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
58.8%
core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar.
Affected configurations
Node
googlechromeRange≤38.0.2125.101android
Related
prion
prion
Design/Logic Flaw
2014-10-10 01:55:00
cvelist
cvelist
CVE-2014-3201
2014-10-10 01:00:00
debiancve
debiancve
CVE-2014-3201
2014-10-10 01:55:00
nvd
nvd
CVE-2014-3201
2014-10-10 01:55:08
ubuntucve
ubuntucve
CVE-2014-3201
2014-10-10 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
58.8%
Related for CVE-2014-3201