CVE-2014-1703
Vulnerability Summary
Timeline
Description
Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case.
CVSS Metrics
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 0.54%• Percentile: 68%
Techniques & Countermeasures
- CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- google•chrome
≤ 33.0.1750.146 | 33.0.1750.0 | 33.0.1750.1 | 33.0.1750.2 | 33.0.1750.3 | 33.0.1750.4 | 33.0.1750.5 | 33.0.1750.6 | 33.0.1750.7 | 33.0.1750.8 | 33.0.1750.9 | 33.0.1750.10 | 33.0.1750.11 | 33.0.1750.12 | 33.0.1750.13 | 33.0.1750.14 | 33.0.1750.15 | 33.0.1750.16 | 33.0.1750.18 | 33.0.1750.19 | 33.0.1750.20 | 33.0.1750.21 | 33.0.1750.22 | 33.0.1750.23 | 33.0.1750.24 | 33.0.1750.25 | 33.0.1750.26 | 33.0.1750.27 | 33.0.1750.28 | 33.0.1750.29 | 33.0.1750.30 | 33.0.1750.31 | 33.0.1750.34 | 33.0.1750.35 | 33.0.1750.36 | 33.0.1750.37 | 33.0.1750.38 | 33.0.1750.39 | 33.0.1750.40 | 33.0.1750.41 | 33.0.1750.42 | 33.0.1750.43 | 33.0.1750.44 | 33.0.1750.45 | 33.0.1750.46 | 33.0.1750.47 | 33.0.1750.48 | 33.0.1750.49 | 33.0.1750.50 | 33.0.1750.51 | 33.0.1750.52 | 33.0.1750.53 | 33.0.1750.54 | 33.0.1750.55 | 33.0.1750.56 | 33.0.1750.57 | 33.0.1750.58 | 33.0.1750.59 | 33.0.1750.60 | 33.0.1750.61 | 33.0.1750.62 | 33.0.1750.63 | 33.0.1750.64 | 33.0.1750.65 | 33.0.1750.66 | 33.0.1750.67 | 33.0.1750.68 | 33.0.1750.69 | 33.0.1750.70 | 33.0.1750.71 | 33.0.1750.73 | 33.0.1750.74 | 33.0.1750.75 | 33.0.1750.76 | 33.0.1750.77 | 33.0.1750.79 | 33.0.1750.80 | 33.0.1750.81 | 33.0.1750.82 | 33.0.1750.83 | 33.0.1750.85 | 33.0.1750.88 | 33.0.1750.89 | 33.0.1750.90 | 33.0.1750.91 | 33.0.1750.92 | 33.0.1750.93 | 33.0.1750.104 | 33.0.1750.106 | 33.0.1750.107 | 33.0.1750.108 | 33.0.1750.109 | 33.0.1750.110 | 33.0.1750.111 | 33.0.1750.112 | 33.0.1750.113 | 33.0.1750.115 | 33.0.1750.116 | 33.0.1750.117 | 33.0.1750.124 | 33.0.1750.125 | 33.0.1750.126 | 33.0.1750.132 | 33.0.1750.133 | 33.0.1750.135 | 33.0.1750.136 | 33.0.1750.144
References (7)
- http://www.debian.org/security/2014/dsa-2883
- https://code.google.com/p/chromium/issues/detail?id=338354
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- https://src.chromium.org/viewvc/chrome?revision=247627&view=revision
- http://www.securitytracker.com/id/1029914
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html