118 matches found
CVE-2014-3803
CVE-2014-3803 affects Blink’s SpeechInput feature in Chrome/Chromium, enabling activation of microphone and eavesdropping on speech-input text without user consent via an INPUT element with -x-webkit-speech. Ubuntu USN-2298-1 confirms the issue in Blink and notes a security advisory; the risk is ...
CVE-2014-3803
The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT element with a -x-webkit-speech attribute...
Updated chromium-browser-stable packages fix multiple vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: A type confusion issue was discovered in the v8 javascript library CVE-2014-1730. John Butler discovered a type confusion issue in the WebKit/Blink document object model implementation CVE-2014-1731. Khalil Zhani discovered a...
Debian Security Advisory DSA 2920-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2014-1730 A type confusion issue was discovered in the v8 javascript library. CVE-2014-1731 John Butler discovered a type confusion issue in the WebKit/Blink document object model implementation. CVE-2014-1732 Khalil...
FreeBSD : chromium -- multiple vulnerabilities (7cf25a0c-d031-11e3-947b-00262d5ed8ee)
Google Chrome Releases reports belatedly : 9 security fixes in this release, including : - 354967 High CVE-2014-1730: Type confusion in V8. Credit to Anonymous. - 349903 High CVE-2014-1731: Type confusion in DOM. Credit to John Butler. - 359802 High CVE-2014-1736: Integer overflow in V8. Credit t...
Google Chrome < 34.0.1847.132 (Linux) Multiple Vulnerabilities
Binary data 8241.pasl...
Google Chrome < 34.0.1847.131 (Windows) Multiple Vulnerabilities
Binary data 8242.pasl...
Google Chrome Multiple Vulnerabilities - 02 (Apr 2014) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Multiple Vulnerabilities - 02 (Apr 2014) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2014-1732
Use-after-free vulnerability in browser/ui/views/speechrecognitionbubbleviews.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that...
Design/Logic Flaw
Use-after-free vulnerability in browser/ui/views/speechrecognitionbubbleviews.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that...
CVE-2014-1732
Use-after-free vulnerability in browser/ui/views/speechrecognitionbubbleviews.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that...
UBUNTU-CVE-2014-1732
Use-after-free vulnerability in browser/ui/views/speechrecognitionbubbleviews.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that...
CVE-2014-1732
Removed by vendor...
CVE-2014-1732
Use-after-free vulnerability in browser/ui/views/speechrecognitionbubbleviews.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that...
Google Chrome < 34.0.1847.131 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 34.0.1847.131. It is, therefore, affected by the following vulnerabilities : - A buffer overflow error exists related to the included version of Flash Player. CVE-2014-0515 - Type confusion errors exist related to the...
Stable Channel Update
The Stable Channel has been updated to 34.0.1847.131 for Windows, Mac, and 34.0.1847.132 for Linux. This release also contains a Flash Player update, to version 13.0.0.206. Security Fixes and Rewards This update includes 9 security fixes. Below, we highlight fixes that were either contributed by...
Google Chrome vulnerability allows Websites to Eavesdrop on You
Just imagine, you are sitting in front of your laptop and your laptop is listening to your nearby conversations. What if the recorded audio from the system’s microphone is being instantly uploaded to a malicious website? Google has created a speech-recognition Application Programming Interface AP...
Updated chromium-browser-stable package fixes security vulnerabilities
Use-after-free in svg images CVE-2013-6663. Use-after-free in speech recognition CVE-2013-6664. Heap buffer overflow in software rendering CVE-2013-6665. Chrome allows requests in flash header request CVE-2013-6666. Various fixes from internal audits, fuzzing and other initiatives CVE-2013-6667...
FreeBSD : chromium -- multiple vulnerabilities (b4023753-a4ba-11e3-bec2-00262d5ed8ee)
Google Chrome Releases reports : 19 vulnerabilities fixed in this release, including : - 344492 High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG. - 326854 High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani. - 337882 High CVE-2013-666...