CVE-2014-1742

Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://code.google.com/p/chromium/issues/detail?id=356690
https://src.chromium.org/viewvc/blink?revision=171440&view=revision
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html	Vendor Advisory
http://www.debian.org/security/2014/dsa-2930
http://secunia.com/advisories/59155
http://www.securitytracker.com/id/1030240
http://www.securityfocus.com/bid/67375
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://secunia.com/advisories/60372
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:google:chrome:34.0.1847.135:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.1:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.109:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.111:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.12:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.120:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.2:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.23:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.39:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.4:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.47:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.37:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.104:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.71:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.116:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.56:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.79:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.87:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.7:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.38:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.8:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.62:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.15:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.103:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.14:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.55:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:34.0.1847.63:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.118:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.48:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.9:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.0:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.72:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.68:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.41:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.85:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.92:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.46:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.99:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.134:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.5:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.113:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.42:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.69:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.45:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.54:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.130:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.100:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.80:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.132:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.91:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.60:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.114:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.102:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.74:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.10:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.25:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.112:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.81:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.101:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.73:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.133:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.53:::::::*
	cpe:2.3:a:google:chrome:34.0.1847.86:::::::*
cpe:2.3:a:google:chrome:34.0.1847.98:::::::*
cpe:2.3:a:google:chrome:34.0.1847.57:::::::*
cpe:2.3:a:google:chrome:34.0.1847.50:::::::*
cpe:2.3:a:google:chrome:34.0.1847.77:::::::*
cpe:2.3:a:google:chrome:34.0.1847.65:::::::*
cpe:2.3:a:google:chrome:34.0.1847.58:::::::*
cpe:2.3:a:google:chrome:34.0.1847.131:::::::*
cpe:2.3:a:google:chrome:34.0.1847.78:::::::*
cpe:2.3:a:google:chrome:34.0.1847.24:::::::*
cpe:2.3:a:google:chrome:34.0.1847.61:::::::*
cpe:2.3:a:google:chrome:34.0.1847.49:::::::*
cpe:2.3:a:google:chrome:34.0.1847.115:::::::*
cpe:2.3:a:google:chrome:34.0.1847.64:::::::*
cpe:2.3:a:google:chrome:34.0.1847.3:::::::*
cpe:2.3:a:google:chrome:34.0.1847.67:::::::*
cpe:2.3:a:google:chrome:34.0.1847.52:::::::*
cpe:2.3:a:google:chrome:34.0.1847.97:::::::*
cpe:2.3:a:google:chrome:34.0.1847.44:::::::*
cpe:2.3:a:google:chrome:34.0.1847.94:::::::*
cpe:2.3:a:google:chrome:34.0.1847.43:::::::*
cpe:2.3:a:google:chrome:34.0.1847.76:::::::*
cpe:2.3:a:google:chrome:34.0.1847.59:::::::*
cpe:2.3:a:google:chrome:34.0.1847.36:::::::*
cpe:2.3:a:google:chrome:34.0.1847.51:::::::*
cpe:2.3:a:google:chrome:34.0.1847.66:::::::*
cpe:2.3:a:google:chrome:34.0.1847.6:::::::*
cpe:2.3:a:google:chrome:34.0.1847.75:::::::*
cpe:2.3:a:google:chrome:34.0.1847.83:::::::*
cpe:2.3:a:google:chrome:34.0.1847.82:::::::*

Information

Published : 2014-05-14 04:13

Updated : 2017-12-27 18:29

NVD link : CVE-2014-1742

Mitre link : CVE-2014-1742

JSON object : View

CWE

CWE-399

Resource Management Errors

Products Affected

google

chrome

7.5 /10