CVE

Id
69008  
CVE No.
CVE-2014-1713  
Status
Candidate  
Description
Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value.  
Phase
Assigned (20140129)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
663541 69008 CVE-2014-1713 BUGTRAQ:20140326 VUPEN Security Research - Google Chrome Blink "locationAttributeSetter" Use-after-free (Pwn2Own)  View
663542 69008 CVE-2014-1713 URL:http://archives.neohapsis.com/archives/bugtraq/2014-03/0144.html  View
663543 69008 CVE-2014-1713 CONFIRM:http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html  View
663544 69008 CVE-2014-1713 CONFIRM:http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html  View
663545 69008 CVE-2014-1713 CONFIRM:https://code.google.com/p/chromium/issues/detail?id=352374  View
663546 69008 CVE-2014-1713 CONFIRM:https://src.chromium.org/viewvc/blink?revision=169176&view=revision  View
663547 69008 CVE-2014-1713 CONFIRM:https://support.apple.com/kb/HT6537  View
663548 69008 CVE-2014-1713 APPLE:APPLE-SA-2014-04-01-1  View
663549 69008 CVE-2014-1713 URL:http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html  View
663550 69008 CVE-2014-1713 APPLE:APPLE-SA-2014-04-22-2  View
663551 69008 CVE-2014-1713 URL:http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html  View
663552 69008 CVE-2014-1713 APPLE:APPLE-SA-2014-04-22-3  View
663553 69008 CVE-2014-1713 URL:http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html  View
663554 69008 CVE-2014-1713 DEBIAN:DSA-2883  View
663555 69008 CVE-2014-1713 URL:http://www.debian.org/security/2014/dsa-2883  View
663556 69008 CVE-2014-1713 GENTOO:GLSA-201408-16  View
663557 69008 CVE-2014-1713 URL:http://security.gentoo.org/glsa/glsa-201408-16.xml  View
663558 69008 CVE-2014-1713 SUSE:openSUSE-SU-2014:0501  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
13072 JVNDB-2014-001947 Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性 Google Chrome で使用される Google V8 は、遅延非最適化 (lazy deoptimization) を適切に実装しないため、サービス運用妨害 (メモリ破損) 状態にされるなど、不特定の影響を受ける脆弱性が存在します。 CVE-2014-1721 69008 7.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001947.html  View