Lucene search
HistoryAug 27, 2014 - 1:55 a.m.
CVE-2014-3176
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.063
Percentile
93.7%
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
Affected configurations
Node
googlechromeRange≤37.0.2062.93
ORgooglechromeMatch37.0.2062.0
ORgooglechromeMatch37.0.2062.1
ORgooglechromeMatch37.0.2062.2
ORgooglechromeMatch37.0.2062.3
ORgooglechromeMatch37.0.2062.4
ORgooglechromeMatch37.0.2062.5
ORgooglechromeMatch37.0.2062.6
ORgooglechromeMatch37.0.2062.7
ORgooglechromeMatch37.0.2062.8
ORgooglechromeMatch37.0.2062.9
ORgooglechromeMatch37.0.2062.10
ORgooglechromeMatch37.0.2062.11
ORgooglechromeMatch37.0.2062.12
ORgooglechromeMatch37.0.2062.13
ORgooglechromeMatch37.0.2062.14
ORgooglechromeMatch37.0.2062.15
ORgooglechromeMatch37.0.2062.16
ORgooglechromeMatch37.0.2062.17
ORgooglechromeMatch37.0.2062.18
ORgooglechromeMatch37.0.2062.19
ORgooglechromeMatch37.0.2062.20
ORgooglechromeMatch37.0.2062.21
ORgooglechromeMatch37.0.2062.22
ORgooglechromeMatch37.0.2062.23
ORgooglechromeMatch37.0.2062.24
ORgooglechromeMatch37.0.2062.25
ORgooglechromeMatch37.0.2062.26
ORgooglechromeMatch37.0.2062.27
ORgooglechromeMatch37.0.2062.28
ORgooglechromeMatch37.0.2062.29
ORgooglechromeMatch37.0.2062.30
ORgooglechromeMatch37.0.2062.31
ORgooglechromeMatch37.0.2062.32
ORgooglechromeMatch37.0.2062.33
ORgooglechromeMatch37.0.2062.34
ORgooglechromeMatch37.0.2062.35
ORgooglechromeMatch37.0.2062.36
ORgooglechromeMatch37.0.2062.37
ORgooglechromeMatch37.0.2062.39
ORgooglechromeMatch37.0.2062.43
ORgooglechromeMatch37.0.2062.44
ORgooglechromeMatch37.0.2062.45
ORgooglechromeMatch37.0.2062.46
ORgooglechromeMatch37.0.2062.47
ORgooglechromeMatch37.0.2062.48
ORgooglechromeMatch37.0.2062.49
ORgooglechromeMatch37.0.2062.50
ORgooglechromeMatch37.0.2062.51
ORgooglechromeMatch37.0.2062.52
ORgooglechromeMatch37.0.2062.53
ORgooglechromeMatch37.0.2062.54
ORgooglechromeMatch37.0.2062.55
ORgooglechromeMatch37.0.2062.56
ORgooglechromeMatch37.0.2062.57
ORgooglechromeMatch37.0.2062.58
ORgooglechromeMatch37.0.2062.59
ORgooglechromeMatch37.0.2062.60
ORgooglechromeMatch37.0.2062.61
ORgooglechromeMatch37.0.2062.62
ORgooglechromeMatch37.0.2062.63
ORgooglechromeMatch37.0.2062.64
ORgooglechromeMatch37.0.2062.65
ORgooglechromeMatch37.0.2062.66
ORgooglechromeMatch37.0.2062.67
ORgooglechromeMatch37.0.2062.68
ORgooglechromeMatch37.0.2062.69
ORgooglechromeMatch37.0.2062.70
ORgooglechromeMatch37.0.2062.71
ORgooglechromeMatch37.0.2062.72
ORgooglechromeMatch37.0.2062.73
ORgooglechromeMatch37.0.2062.74
ORgooglechromeMatch37.0.2062.75
ORgooglechromeMatch37.0.2062.76
ORgooglechromeMatch37.0.2062.77
ORgooglechromeMatch37.0.2062.78
ORgooglechromeMatch37.0.2062.80
ORgooglechromeMatch37.0.2062.81
ORgooglechromeMatch37.0.2062.89
ORgooglechromeMatch37.0.2062.90
ORgooglechromeMatch37.0.2062.91
ORgooglechromeMatch37.0.2062.92
References
googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
secunia.com/advisories/60268
secunia.com/advisories/61482
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-3039
www.securityfocus.com/bid/69404
www.securitytracker.com/id/1030767
crbug.com/386988
exchange.xforce.ibmcloud.com/vulnerabilities/95476
Related
prion
prion
Code injection
2014-08-27 01:55:00
Code injection
2014-08-27 01:55:00
cve
cve
CVE-2014-3176
2014-08-27 01:55:06
CVE-2014-3177
2014-08-27 01:55:06
cvelist
cvelist
CVE-2014-3177
2014-08-27 01:00:00
CVE-2014-3176
2014-08-27 01:00:00
nvd
nvd
CVE-2014-3177
2014-08-27 01:55:06
debiancve
debiancve
CVE-2014-3176
2014-08-27 01:55:00
CVE-2014-3177
2014-08-27 01:55:00
ubuntucve
ubuntucve
CVE-2014-3177
2014-08-27 00:00:00
CVE-2014-3176
2014-08-27 00:00:00
chrome
chrome
Stable Channel Update for Chrome OS
2014-09-03 00:00:00
Stable Channel Update
2014-08-26 00:00:00
nessus
nessus
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities
2014-08-26 00:00:00
openSUSE Security Update : chromium (openSUSE-SU-2014:1151-1)
2014-09-23 00:00:00
threatpost
threatpost
50 Security Flaws Fixed in Google Chrome
2014-08-26 10:40:00
suse
suse
chromium to 37.0.2062.94 (important)
2014-09-22 15:04:25
openvas
openvas
Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Windows
2014-09-11 00:00:00
Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Linux
2014-09-11 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2014:1151-1)
2014-09-23 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-08-26 00:00:00
securityvulns
securityvulns
Google Chrome / Chromium multiple security vulnerabilities
2014-10-05 00:00:00
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-10-05 00:00:00
osv
osv
chromium-browser - security update
2014-09-28 00:00:00
debian
debian
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
[SECURITY] [DSA 3039-1] chromium-browser security update
2014-09-28 18:48:40
gentoo
gentoo
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.063
Percentile
93.7%
Related for NVD:CVE-2014-3176