Google Chrome ScopedClipboardWriter::WritePickledData任意代码执行漏洞

Bugtraq ID:66252 CVE ID:CVE-2014-1714 Google Chrome是一款流行的WEB浏览器。 Google Chrome中ScopedClipboardWriter::WritePickledData函数ui/base/clipboard/scopedclipboardwriter.cc没有正确校验部分格式值漏洞，允许远程攻击者利用漏洞构建恶意WEB页，诱使用户解析，可使应用程序崩溃或执行任意代码。 0 Google Chrome Chrome 33.0.1750.152和33.0.1750.154已经修复该漏洞，建议用户下载更新：...

Code injection

The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scopedclipboardwriter.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or...

CVE-2014-1714

The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scopedclipboardwriter.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or...

CVE-2014-1714

Chromium/Google Chrome CVE-2014-1714 affects Windows, macOS, and Linux. The flaw is in ScopedClipboardWriter::WritePickledData where a clipboard format value is not verified, enabling a remote attacker to cause denial of service or other impact via clipboard-related vectors. Affected versions are...