Lucene search

ChromeCVE-2014-3174

HistoryAug 27, 2014 - 1:55 a.m.

CVE-2014-3174

2014-08-2701:55:05

CWE-119

Chrome

web.nvd.nist.gov

cve-2014-3174

denial of service

web audio api

google chrome

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.018

Percentile

88.2%

JSON

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.

Affected configurations

Nvd

Node

googlechromeRange≤37.0.2062.93

googlechromeMatch37.0.2062.0

googlechromeMatch37.0.2062.1

googlechromeMatch37.0.2062.2

googlechromeMatch37.0.2062.3

googlechromeMatch37.0.2062.4

googlechromeMatch37.0.2062.5

googlechromeMatch37.0.2062.6

googlechromeMatch37.0.2062.7

googlechromeMatch37.0.2062.8

googlechromeMatch37.0.2062.9

googlechromeMatch37.0.2062.10

googlechromeMatch37.0.2062.11

googlechromeMatch37.0.2062.12

googlechromeMatch37.0.2062.13

googlechromeMatch37.0.2062.14

googlechromeMatch37.0.2062.15

googlechromeMatch37.0.2062.16

googlechromeMatch37.0.2062.17

googlechromeMatch37.0.2062.18

googlechromeMatch37.0.2062.19

googlechromeMatch37.0.2062.20

googlechromeMatch37.0.2062.21

googlechromeMatch37.0.2062.22

googlechromeMatch37.0.2062.23

googlechromeMatch37.0.2062.24

googlechromeMatch37.0.2062.25

googlechromeMatch37.0.2062.26

googlechromeMatch37.0.2062.27

googlechromeMatch37.0.2062.28

googlechromeMatch37.0.2062.29

googlechromeMatch37.0.2062.30

googlechromeMatch37.0.2062.31

googlechromeMatch37.0.2062.32

googlechromeMatch37.0.2062.33

googlechromeMatch37.0.2062.34

googlechromeMatch37.0.2062.35

googlechromeMatch37.0.2062.36

googlechromeMatch37.0.2062.37

googlechromeMatch37.0.2062.39

googlechromeMatch37.0.2062.43

googlechromeMatch37.0.2062.44

googlechromeMatch37.0.2062.45

googlechromeMatch37.0.2062.46

googlechromeMatch37.0.2062.47

googlechromeMatch37.0.2062.48

googlechromeMatch37.0.2062.49

googlechromeMatch37.0.2062.50

googlechromeMatch37.0.2062.51

googlechromeMatch37.0.2062.52

googlechromeMatch37.0.2062.53

googlechromeMatch37.0.2062.54

googlechromeMatch37.0.2062.55

googlechromeMatch37.0.2062.56

googlechromeMatch37.0.2062.57

googlechromeMatch37.0.2062.58

googlechromeMatch37.0.2062.59

googlechromeMatch37.0.2062.60

googlechromeMatch37.0.2062.61

googlechromeMatch37.0.2062.62

googlechromeMatch37.0.2062.63

googlechromeMatch37.0.2062.64

googlechromeMatch37.0.2062.65

googlechromeMatch37.0.2062.66

googlechromeMatch37.0.2062.67

googlechromeMatch37.0.2062.68

googlechromeMatch37.0.2062.69

googlechromeMatch37.0.2062.70

googlechromeMatch37.0.2062.71

googlechromeMatch37.0.2062.72

googlechromeMatch37.0.2062.73

googlechromeMatch37.0.2062.74

googlechromeMatch37.0.2062.75

googlechromeMatch37.0.2062.76

googlechromeMatch37.0.2062.77

googlechromeMatch37.0.2062.78

googlechromeMatch37.0.2062.80

googlechromeMatch37.0.2062.81

googlechromeMatch37.0.2062.89

googlechromeMatch37.0.2062.90

googlechromeMatch37.0.2062.91

googlechromeMatch37.0.2062.92

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
googlechrome37.0.2062.0cpe:2.3:a:google:chrome:37.0.2062.0:*:*:*:*:*:*:*
googlechrome37.0.2062.1cpe:2.3:a:google:chrome:37.0.2062.1:*:*:*:*:*:*:*
googlechrome37.0.2062.2cpe:2.3:a:google:chrome:37.0.2062.2:*:*:*:*:*:*:*
googlechrome37.0.2062.3cpe:2.3:a:google:chrome:37.0.2062.3:*:*:*:*:*:*:*
googlechrome37.0.2062.4cpe:2.3:a:google:chrome:37.0.2062.4:*:*:*:*:*:*:*
googlechrome37.0.2062.5cpe:2.3:a:google:chrome:37.0.2062.5:*:*:*:*:*:*:*
googlechrome37.0.2062.6cpe:2.3:a:google:chrome:37.0.2062.6:*:*:*:*:*:*:*
googlechrome37.0.2062.7cpe:2.3:a:google:chrome:37.0.2062.7:*:*:*:*:*:*:*
googlechrome37.0.2062.8cpe:2.3:a:google:chrome:37.0.2062.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::
google	chrome	37.0.2062.0	cpe:2.3:a:google:chrome:37.0.2062.0:::::::*
google	chrome	37.0.2062.1	cpe:2.3:a:google:chrome:37.0.2062.1:::::::*
google	chrome	37.0.2062.2	cpe:2.3:a:google:chrome:37.0.2062.2:::::::*
google	chrome	37.0.2062.3	cpe:2.3:a:google:chrome:37.0.2062.3:::::::*
google	chrome	37.0.2062.4	cpe:2.3:a:google:chrome:37.0.2062.4:::::::*
google	chrome	37.0.2062.5	cpe:2.3:a:google:chrome:37.0.2062.5:::::::*
google	chrome	37.0.2062.6	cpe:2.3:a:google:chrome:37.0.2062.6:::::::*
google	chrome	37.0.2062.7	cpe:2.3:a:google:chrome:37.0.2062.7:::::::*
google	chrome	37.0.2062.8	cpe:2.3:a:google:chrome:37.0.2062.8:::::::*