Lucene search

[email protected]CVE-2014-7908

HistoryNov 19, 2014 - 11:59 a.m.

CVE-2014-7908

2014-11-1911:59:09

CWE-189

[email protected]

web.nvd.nist.gov

cve-2014-7908

integer overflows

google chrome

denial of service

nvd

security vulnerability

media container

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.1%

JSON

Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.

Affected configurations

NVD

Node

googlechromeRange≤39.0.2171.45

CPENameOperatorVersion
google:chromegoogle chromele39.0.2171.45

CPE	Name	Operator	Version
google:chrome	google chrome	le	39.0.2171.45

References

googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html

rhn.redhat.com/errata/RHSA-2014-1894.html

secunia.com/advisories/60194

secunia.com/advisories/62608

www.securityfocus.com/bid/71168

www.securitytracker.com/id/1031241

chromium.googlesource.com/chromium/src/+/b2006ac87cec58363090e7d5e10d5d9e3bbda9f9

code.google.com/p/chromium/issues/detail?id=425980

exchange.xforce.ibmcloud.com/vulnerabilities/98796

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2014-7908

cvelist1 prion1 nvd1 ubuntucve1 debiancve1 nessus10 ubuntu1 securityvulns2 openvas7 mageia1 redhat1 archlinux1 threatpost1 suse1 chrome1 freebsd1 gentoo1