Lucene search
HistoryMay 14, 2014 - 11:13 a.m.
CVE-2014-1740
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.01
Percentile
83.6%
Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
Affected configurations
Node
googlechromeRange≤34.0.1847.136
ORgooglechromeMatch34.0.1847.0
ORgooglechromeMatch34.0.1847.1
ORgooglechromeMatch34.0.1847.2
ORgooglechromeMatch34.0.1847.3
ORgooglechromeMatch34.0.1847.4
ORgooglechromeMatch34.0.1847.5
ORgooglechromeMatch34.0.1847.6
ORgooglechromeMatch34.0.1847.7
ORgooglechromeMatch34.0.1847.8
ORgooglechromeMatch34.0.1847.9
ORgooglechromeMatch34.0.1847.10
ORgooglechromeMatch34.0.1847.12
ORgooglechromeMatch34.0.1847.14
ORgooglechromeMatch34.0.1847.15
ORgooglechromeMatch34.0.1847.23
ORgooglechromeMatch34.0.1847.24
ORgooglechromeMatch34.0.1847.25
ORgooglechromeMatch34.0.1847.36
ORgooglechromeMatch34.0.1847.37
ORgooglechromeMatch34.0.1847.38
ORgooglechromeMatch34.0.1847.39
ORgooglechromeMatch34.0.1847.41
ORgooglechromeMatch34.0.1847.42
ORgooglechromeMatch34.0.1847.43
ORgooglechromeMatch34.0.1847.44
ORgooglechromeMatch34.0.1847.45
ORgooglechromeMatch34.0.1847.46
ORgooglechromeMatch34.0.1847.47
ORgooglechromeMatch34.0.1847.48
ORgooglechromeMatch34.0.1847.49
ORgooglechromeMatch34.0.1847.50
ORgooglechromeMatch34.0.1847.51
ORgooglechromeMatch34.0.1847.52
ORgooglechromeMatch34.0.1847.53
ORgooglechromeMatch34.0.1847.54
ORgooglechromeMatch34.0.1847.55
ORgooglechromeMatch34.0.1847.56
ORgooglechromeMatch34.0.1847.57
ORgooglechromeMatch34.0.1847.58
ORgooglechromeMatch34.0.1847.59
ORgooglechromeMatch34.0.1847.60
ORgooglechromeMatch34.0.1847.61
ORgooglechromeMatch34.0.1847.62
ORgooglechromeMatch34.0.1847.63
ORgooglechromeMatch34.0.1847.64
ORgooglechromeMatch34.0.1847.65
ORgooglechromeMatch34.0.1847.66
ORgooglechromeMatch34.0.1847.67
ORgooglechromeMatch34.0.1847.68
ORgooglechromeMatch34.0.1847.69
ORgooglechromeMatch34.0.1847.71
ORgooglechromeMatch34.0.1847.72
ORgooglechromeMatch34.0.1847.73
ORgooglechromeMatch34.0.1847.74
ORgooglechromeMatch34.0.1847.75
ORgooglechromeMatch34.0.1847.76
ORgooglechromeMatch34.0.1847.77
ORgooglechromeMatch34.0.1847.78
ORgooglechromeMatch34.0.1847.79
ORgooglechromeMatch34.0.1847.80
ORgooglechromeMatch34.0.1847.81
ORgooglechromeMatch34.0.1847.82
ORgooglechromeMatch34.0.1847.83
ORgooglechromeMatch34.0.1847.85
ORgooglechromeMatch34.0.1847.86
ORgooglechromeMatch34.0.1847.87
ORgooglechromeMatch34.0.1847.91
ORgooglechromeMatch34.0.1847.92
ORgooglechromeMatch34.0.1847.94
ORgooglechromeMatch34.0.1847.97
ORgooglechromeMatch34.0.1847.98
ORgooglechromeMatch34.0.1847.99
ORgooglechromeMatch34.0.1847.100
ORgooglechromeMatch34.0.1847.101
ORgooglechromeMatch34.0.1847.102
ORgooglechromeMatch34.0.1847.103
ORgooglechromeMatch34.0.1847.104
ORgooglechromeMatch34.0.1847.109
ORgooglechromeMatch34.0.1847.111
ORgooglechromeMatch34.0.1847.112
ORgooglechromeMatch34.0.1847.113
ORgooglechromeMatch34.0.1847.114
ORgooglechromeMatch34.0.1847.115
ORgooglechromeMatch34.0.1847.116
ORgooglechromeMatch34.0.1847.118
ORgooglechromeMatch34.0.1847.120
ORgooglechromeMatch34.0.1847.130
ORgooglechromeMatch34.0.1847.131
ORgooglechromeMatch34.0.1847.132
ORgooglechromeMatch34.0.1847.133
ORgooglechromeMatch34.0.1847.134
ORgooglechromeMatch34.0.1847.135
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chrome | * | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.0 | cpe:2.3:a:google:chrome:34.0.1847.0:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.1 | cpe:2.3:a:google:chrome:34.0.1847.1:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.2 | cpe:2.3:a:google:chrome:34.0.1847.2:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.3 | cpe:2.3:a:google:chrome:34.0.1847.3:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.4 | cpe:2.3:a:google:chrome:34.0.1847.4:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.5 | cpe:2.3:a:google:chrome:34.0.1847.5:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.6 | cpe:2.3:a:google:chrome:34.0.1847.6:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.7 | cpe:2.3:a:google:chrome:34.0.1847.7:*:*:*:*:*:*:* | |
| chrome | 34.0.1847.8 | cpe:2.3:a:google:chrome:34.0.1847.8:*:*:*:*:*:*:* |
References
googlechromereleases.blogspot.com/2014/05/stable-channel-update.html
lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
secunia.com/advisories/59155
secunia.com/advisories/60372
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-2930
www.securityfocus.com/bid/67374
www.securitytracker.com/id/1030240
code.google.com/p/chromium/issues/detail?id=358038
src.chromium.org/viewvc/chrome?revision=261707&view=revision
Related
cve
cve
CVE-2014-1740
2014-05-14 11:13:05
ubuntucve
ubuntucve
CVE-2014-1740
2014-05-14 00:00:00
prion
prion
Arbitrary file deletion
2014-05-14 11:13:00
cvelist
cvelist
CVE-2014-1740
2014-05-14 10:00:00
debiancve
debiancve
CVE-2014-1740
2014-05-14 11:13:00
openvas
openvas
Debian Security Advisory DSA 2930-1 (chromium-browser - security update)
2014-05-17 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (May 2014) - Linux
2014-05-21 00:00:00
Debian: Security Advisory (DSA-2930-1)
2014-05-16 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-05-13 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2930-1] chromium-browser security update
2014-05-30 00:00:00
Google Chrome / Chromium multiple security vulnerabilities
2014-06-09 00:00:00
debian
debian
[SECURITY] [DSA 2930-1] chromium-browser security update
2014-05-17 19:40:40
[SECURITY] [DSA 2930-1] chromium-browser security update
2014-05-17 19:40:40
osv
osv
chromium-browser - security update
2014-05-17 00:00:00
chromedriver-55.0.2883.75-3.1 on GA media
2024-06-15 00:00:00
ungoogled-chromium-113.0.5672.92-1.1 on GA media
2024-06-15 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (cdf450fc-db52-11e3-a9fc-00262d5ed8ee)
2014-05-15 00:00:00
Debian DSA-2930-1 : chromium-browser - security update
2014-05-19 00:00:00
Google Chrome < 34.0.1847.137 Multiple Vulnerabilities
2014-05-14 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix multiple vulnerabilities
2014-05-22 21:17:07
ubuntu
ubuntu
Oxide vulnerabilities
2014-07-23 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.01
Percentile
83.6%
Related for NVD:CVE-2014-1740