CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
EPSS
Percentile
75.9%
Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS
X and before 34.0.1847.132 on Linux, does not properly store
internationalization metadata, which allows remote attackers to bypass
intended access restrictions by leveraging “type confusion” and reading
property values, related to i18n.js and runtime.cc.
Author | Note |
---|---|
mikesalvatore | The Ubuntu Security Team does not support libv8 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 17.10 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 18.04 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 18.10 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 12.04 | noarch | chromium-browser | < 36.0.1985.125-0ubuntu1.12.04.0~pkg897 | UNKNOWN |
ubuntu | 14.04 | noarch | chromium-browser | < 36.0.1985.125-0ubuntu1.14.04.0~pkg1029 | UNKNOWN |
ubuntu | 14.10 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 15.04 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 15.10 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 16.04 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
ubuntu | 16.10 | noarch | chromium-browser | < 35.0.1916.153-0ubuntu1~pkg1029 | UNKNOWN |
googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
code.google.com/p/chromium/issues/detail?id=354967
code.google.com/p/v8/source/detail?r=20375
code.google.com/p/v8/source/detail?r=20377
code.google.com/p/v8/source/detail?r=20388
code.google.com/p/v8/source/detail?r=20593
code.google.com/p/v8/source/detail?r=20595
launchpad.net/bugs/cve/CVE-2014-1730
nvd.nist.gov/vuln/detail/CVE-2014-1730
security-tracker.debian.org/tracker/CVE-2014-1730
ubuntu.com/security/notices/USN-2298-1
www.cve.org/CVERecord?id=CVE-2014-1730