Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-3039-1
HistorySep 28, 2014 - 12:00 a.m.

chromium-browser - security update

2014-09-2800:00:00
Google
osv.dev
7

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Several vulnerabilities were discovered in the chromium web browser.

  • CVE-2014-3160
    Christian Schneider discovered a same origin bypass issue in SVG
    file resource fetching.
  • CVE-2014-3162
    The Google Chrome development team addressed multiple issues with
    potential security impact for chromium 36.0.1985.125.
  • CVE-2014-3165
    Colin Payne discovered a use-after-free issue in the Web Sockets
    implementation.
  • CVE-2014-3166
    Antoine Delignat-Lavaud discovered an information leak in the SPDY
    protocol implementation.
  • CVE-2014-3167
    The Google Chrome development team addressed multiple issues with
    potential security impact for chromium 36.0.1985.143.
  • CVE-2014-3168
    cloudfuzzer discovered a use-after-free issue in SVG image file
    handling.
  • CVE-2014-3169
    Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink
    Document Object Model implementation.
  • CVE-2014-3170
    Rob Wu discovered a way to spoof the url of chromium extensions.
  • CVE-2014-3171
    cloudfuzzer discovered a use-after-free issue in chromium’s v8
    bindings.
  • CVE-2014-3172
    Eli Grey discovered a way to bypass access restrictions using
    chromium’s Debugger extension API.
  • CVE-2014-3173
    jmuizelaar discovered an uninitialized read issue in WebGL.
  • CVE-2014-3174
    Atte Kettunen discovered an uninitialized read issue in Web Audio.
  • CVE-2014-3175
    The Google Chrome development team addressed multiple issues with
    potential security impact for chromium 37.0.2062.94.
  • CVE-2014-3176
    lokihardt@asrt discovered a combination of flaws that can lead to
    remote code execution outside of chromium’s sandbox.
  • CVE-2014-3177
    lokihardt@asrt discovered a combination of flaws that can lead to
    remote code execution outside of chromium’s sandbox.
  • CVE-2014-3178
    miaubiz discovered a use-after-free issue in the Document Object
    Model implementation in Blink/Webkit.
  • CVE-2014-3179
    The Google Chrome development team addressed multiple issues with
    potential security impact for chromium 37.0.2062.120.

For the stable distribution (wheezy), these problems have been fixed in
version 37.0.2062.120-1~deb7u1.

For the testing (jessie) and unstable (sid) distributions, these
problems have been fixed in version 37.0.2062.120-1.

We recommend that you upgrade your chromium-browser packages.

Related

debian 2
securityvulns 4
nessus 24
openvas 22
freebsd 4
suse 2
chrome 5
threatpost 2
ubuntu 4
kaspersky 1
gentoo 2
prion 17
ubuntucve 17
cve 17
debiancve 17
debian
debian
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
securityvulns
securityvulns
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-10-05 00:00:00
Google Chrome / Chromium multiple security vulnerabilities
2014-10-05 00:00:00
[USN-2320-1] Oxide vulnerabilities
2014-08-26 00:00:00
nessus
nessus
Debian DSA-3039-1 : chromium-browser - security update
2014-09-30 00:00:00
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)
2014-08-27 00:00:00
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities
2014-08-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3039-1)
2014-10-01 00:00:00
Debian Security Advisory DSA 3039-1 (chromium-browser - security update)
2014-10-01 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Windows
2014-09-11 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-08-26 00:00:00
chromium -- multiple vulnerabilities
2014-08-12 00:00:00
chromium -- multiple vulnerabilities
2014-07-16 00:00:00
suse
suse
chromium to 37.0.2062.94 (important)
2014-09-22 15:04:25
chromium: update to 36.0.1985.125 (important)
2014-08-11 10:09:58
chrome
chrome
Stable Channel Update
2014-08-26 00:00:00
Stable Channel Update
2014-08-12 00:00:00
Stable Channel Update for Chrome OS
2014-09-03 00:00:00
threatpost
threatpost
50 Security Flaws Fixed in Google Chrome
2014-08-26 10:40:00
Google Pushes Chrome 36, Fixes 12 Issues
2014-08-15 09:23:45
ubuntu
ubuntu
Oxide vulnerabilities
2014-09-02 00:00:00
Oxide vulnerabilities
2014-08-20 00:00:00
Oxide vulnerabilities
2014-10-14 00:00:00
kaspersky
kaspersky
KLA10176 Multiple vulnerabilities in Google Chrome
2014-08-13 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-09-19 00:00:00
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
prion
prion
Code injection
2014-08-27 01:55:00
Code injection
2014-08-27 01:55:00
Design/Logic Flaw
2014-08-27 01:55:00
ubuntucve
ubuntucve
CVE-2014-3177
2014-08-27 00:00:00
CVE-2014-3176
2014-08-27 00:00:00
CVE-2014-3160
2014-07-20 00:00:00
cve
cve
CVE-2014-3177
2014-08-27 01:55:00
CVE-2014-3176
2014-08-27 01:55:00
CVE-2014-3160
2014-07-20 11:12:00
debiancve
debiancve
CVE-2014-3176
2014-08-27 01:55:00
CVE-2014-3177
2014-08-27 01:55:00
CVE-2014-3160
2014-07-20 11:12:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-3039-1
debian2securityvulns4nessus24openvas22freebsd4suse2chrome5threatpost2ubuntu4kaspersky1gentoo2prion17ubuntucve17cve17debiancve17