ChromeCVELIST:CVE-2014-1730CVE-2014-1730
Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging “type confusion” and reading property values, related to i18n.js and runtime.cc.
References
googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
lists.opensuse.org/opensuse-updates/2014-05/msg00049.html
lists.opensuse.org/opensuse-updates/2014-05/msg00050.html
secunia.com/advisories/58301
secunia.com/advisories/60372
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-2920
code.google.com/p/chromium/issues/detail?id=354967
code.google.com/p/v8/source/detail?r=20375
code.google.com/p/v8/source/detail?r=20377
code.google.com/p/v8/source/detail?r=20388
code.google.com/p/v8/source/detail?r=20593
code.google.com/p/v8/source/detail?r=20595
Related
