Lucene search
ChromeCVE-2014-3165HistoryAug 13, 2014 - 4:57 a.m.
CVE-2014-3165
2014-08-1304:57:12
Chrome
web.nvd.nist.gov
50
cve-2014-3165
vulnerability
web sockets
blink
google chrome
remote attack
denial of service
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.011
Percentile
84.4%
Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion.
Affected configurations
Node
debiandebian_linuxMatch7.0
ORdebiandebian_linuxMatch8.0
Node
googlechromeRange≤36.0.1985.142
ORgooglechromeMatch36.0.1985.1
ORgooglechromeMatch36.0.1985.2
ORgooglechromeMatch36.0.1985.3
ORgooglechromeMatch36.0.1985.4
ORgooglechromeMatch36.0.1985.5
ORgooglechromeMatch36.0.1985.6
ORgooglechromeMatch36.0.1985.8
ORgooglechromeMatch36.0.1985.12
ORgooglechromeMatch36.0.1985.13
ORgooglechromeMatch36.0.1985.14
ORgooglechromeMatch36.0.1985.15
ORgooglechromeMatch36.0.1985.16
ORgooglechromeMatch36.0.1985.17
ORgooglechromeMatch36.0.1985.18
ORgooglechromeMatch36.0.1985.19
ORgooglechromeMatch36.0.1985.20
ORgooglechromeMatch36.0.1985.21
ORgooglechromeMatch36.0.1985.22
ORgooglechromeMatch36.0.1985.23
ORgooglechromeMatch36.0.1985.24
ORgooglechromeMatch36.0.1985.25
ORgooglechromeMatch36.0.1985.26
ORgooglechromeMatch36.0.1985.27
ORgooglechromeMatch36.0.1985.28
ORgooglechromeMatch36.0.1985.29
ORgooglechromeMatch36.0.1985.30
ORgooglechromeMatch36.0.1985.31
ORgooglechromeMatch36.0.1985.32
ORgooglechromeMatch36.0.1985.33
ORgooglechromeMatch36.0.1985.34
ORgooglechromeMatch36.0.1985.35
ORgooglechromeMatch36.0.1985.36
ORgooglechromeMatch36.0.1985.37
ORgooglechromeMatch36.0.1985.38
ORgooglechromeMatch36.0.1985.39
ORgooglechromeMatch36.0.1985.40
ORgooglechromeMatch36.0.1985.41
ORgooglechromeMatch36.0.1985.42
ORgooglechromeMatch36.0.1985.43
ORgooglechromeMatch36.0.1985.44
ORgooglechromeMatch36.0.1985.45
ORgooglechromeMatch36.0.1985.46
ORgooglechromeMatch36.0.1985.47
ORgooglechromeMatch36.0.1985.48
ORgooglechromeMatch36.0.1985.49
ORgooglechromeMatch36.0.1985.50
ORgooglechromeMatch36.0.1985.51
ORgooglechromeMatch36.0.1985.52
ORgooglechromeMatch36.0.1985.53
ORgooglechromeMatch36.0.1985.54
ORgooglechromeMatch36.0.1985.55
ORgooglechromeMatch36.0.1985.56
ORgooglechromeMatch36.0.1985.57
ORgooglechromeMatch36.0.1985.58
ORgooglechromeMatch36.0.1985.59
ORgooglechromeMatch36.0.1985.60
ORgooglechromeMatch36.0.1985.61
ORgooglechromeMatch36.0.1985.62
ORgooglechromeMatch36.0.1985.63
ORgooglechromeMatch36.0.1985.64
ORgooglechromeMatch36.0.1985.65
ORgooglechromeMatch36.0.1985.66
ORgooglechromeMatch36.0.1985.67
ORgooglechromeMatch36.0.1985.68
ORgooglechromeMatch36.0.1985.69
ORgooglechromeMatch36.0.1985.70
ORgooglechromeMatch36.0.1985.72
ORgooglechromeMatch36.0.1985.73
ORgooglechromeMatch36.0.1985.74
ORgooglechromeMatch36.0.1985.75
ORgooglechromeMatch36.0.1985.76
ORgooglechromeMatch36.0.1985.77
ORgooglechromeMatch36.0.1985.78
ORgooglechromeMatch36.0.1985.79
ORgooglechromeMatch36.0.1985.81
ORgooglechromeMatch36.0.1985.82
ORgooglechromeMatch36.0.1985.83
ORgooglechromeMatch36.0.1985.84
ORgooglechromeMatch36.0.1985.85
ORgooglechromeMatch36.0.1985.86
ORgooglechromeMatch36.0.1985.87
ORgooglechromeMatch36.0.1985.88
ORgooglechromeMatch36.0.1985.89
ORgooglechromeMatch36.0.1985.90
ORgooglechromeMatch36.0.1985.91
ORgooglechromeMatch36.0.1985.92
ORgooglechromeMatch36.0.1985.93
ORgooglechromeMatch36.0.1985.94
ORgooglechromeMatch36.0.1985.95
ORgooglechromeMatch36.0.1985.96
ORgooglechromeMatch36.0.1985.97
ORgooglechromeMatch36.0.1985.98
ORgooglechromeMatch36.0.1985.99
ORgooglechromeMatch36.0.1985.100
ORgooglechromeMatch36.0.1985.101
ORgooglechromeMatch36.0.1985.102
ORgooglechromeMatch36.0.1985.103
ORgooglechromeMatch36.0.1985.104
ORgooglechromeMatch36.0.1985.105
ORgooglechromeMatch36.0.1985.106
ORgooglechromeMatch36.0.1985.122
ORgooglechromeMatch36.0.1985.123
ORgooglechromeMatch36.0.1985.124
ORgooglechromeMatch36.0.1985.125
ORgooglechromeMatch36.0.1985.126
ORgooglechromeMatch36.0.1985.128
ORgooglechromeMatch36.0.1985.129
ORgooglechromeMatch36.0.1985.130
ORgooglechromeMatch36.0.1985.131
ORgooglechromeMatch36.0.1985.132
ORgooglechromeMatch36.0.1985.133
ORgooglechromeMatch36.0.1985.134
ORgooglechromeMatch36.0.1985.135
ORgooglechromeMatch36.0.1985.138
ORgooglechromeMatch36.0.1985.139
ORgooglechromeMatch36.0.1985.140
ORgooglechromeMatch36.0.1985.141
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | 7.0 | cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* |
| debian | debian_linux | 8.0 | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
| chrome | * | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.1 | cpe:2.3:a:google:chrome:36.0.1985.1:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.2 | cpe:2.3:a:google:chrome:36.0.1985.2:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.3 | cpe:2.3:a:google:chrome:36.0.1985.3:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.4 | cpe:2.3:a:google:chrome:36.0.1985.4:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.5 | cpe:2.3:a:google:chrome:36.0.1985.5:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.6 | cpe:2.3:a:google:chrome:36.0.1985.6:*:*:*:*:*:*:* | |
| chrome | 36.0.1985.8 | cpe:2.3:a:google:chrome:36.0.1985.8:*:*:*:*:*:*:* |
References
googlechromereleases.blogspot.com/2014/08/stable-channel-update.html
secunia.com/advisories/59904
secunia.com/advisories/60798
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-3039
www.securityfocus.com/bid/69201
www.securitytracker.com/id/1030732
code.google.com/p/chromium/issues/detail?id=390174
exchange.xforce.ibmcloud.com/vulnerabilities/95247
src.chromium.org/viewvc/blink?revision=177359&view=revision
Related
prion
prion
Design/Logic Flaw
2014-08-13 04:57:00
cvelist
cvelist
CVE-2014-3165
2014-08-13 01:00:00
nvd
nvd
CVE-2014-3165
2014-08-13 04:57:12
ubuntucve
ubuntucve
CVE-2014-3165
2014-08-13 00:00:00
debiancve
debiancve
CVE-2014-3165
2014-08-13 04:57:00
nessus
nessus
Google Chrome < 36.0.1985.143 Multiple Vulnerabilities
2014-08-13 00:00:00
Google Chrome < 36.0.1985.143 Multiple Vulnerabilities (Mac OS X)
2014-08-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2320-1)
2014-08-21 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Aug 2014) - Mac OS X
2014-08-19 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Aug 2014) - Windows
2014-08-19 00:00:00
securityvulns
securityvulns
[USN-2320-1] Oxide vulnerabilities
2014-08-26 00:00:00
oxide-qt multiple security vulnerabilities
2014-08-26 00:00:00
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-10-05 00:00:00
kaspersky
kaspersky
KLA10176 Multiple vulnerabilities in Google Chrome
2014-08-13 00:00:00
chrome
chrome
Stable Channel Update
2014-08-12 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2014-08-20 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-08-12 00:00:00
osv
osv
chromium-browser - security update
2014-09-28 00:00:00
chromedriver-55.0.2883.75-3.1 on GA media
2024-06-15 00:00:00
ungoogled-chromium-113.0.5672.92-1.1 on GA media
2024-06-15 00:00:00
debian
debian
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.011
Percentile
84.4%
Related for CVE-2014-3165