CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
88.2%
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in
Blink, as used in Google Chrome before 37.0.2062.94, does not properly
consider concurrent threads during attempts to update biquad filter
coefficients, which allows remote attackers to cause a denial of service
(read of uninitialized memory) via crafted API calls.
googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
crbug.com/389219
launchpad.net/bugs/cve/CVE-2014-3174
nvd.nist.gov/vuln/detail/CVE-2014-3174
security-tracker.debian.org/tracker/CVE-2014-3174
src.chromium.org/viewvc/blink?revision=177250&view=revision
ubuntu.com/security/notices/USN-2326-1
www.cve.org/CVERecord?id=CVE-2014-3174