CVE-2014-1748

2014-05-2100:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink,
as used in Google Chrome before 35.0.1916.114, allows remote attackers to
spoof the UI by extending scrollbar painting into the parent frame.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchchromium-browser< 36.0.1985.125-0ubuntu1.12.04.0~pkg897UNKNOWN
ubuntu14.04noarchchromium-browser< 36.0.1985.125-0ubuntu1.14.04.0~pkg1029UNKNOWN
ubuntu14.04noarchoxide-qt< 1.0.4-0ubuntu0.14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	chromium-browser	< 36.0.1985.125-0ubuntu1.12.04.0~pkg897	UNKNOWN
ubuntu	14.04	noarch	chromium-browser	< 36.0.1985.125-0ubuntu1.14.04.0~pkg1029	UNKNOWN
ubuntu	14.04	noarch	oxide-qt	< 1.0.4-0ubuntu0.14.04.1	UNKNOWN