CVE-2014-1741
Vulnerability Summary
Timeline
Description
Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges.
CVSS Metrics
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 1.88%• Percentile: 83%
Techniques & Countermeasures
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- Unknown•Chrome
≤ 34.0.1847.136 | 34.0.1847.0 | 34.0.1847.1 | 34.0.1847.2 | 34.0.1847.3 | 34.0.1847.4 | 34.0.1847.5 | 34.0.1847.6 | 34.0.1847.7 | 34.0.1847.8 | 34.0.1847.9 | 34.0.1847.10 | 34.0.1847.12 | 34.0.1847.14 | 34.0.1847.15 | 34.0.1847.23 | 34.0.1847.24 | 34.0.1847.25 | 34.0.1847.36 | 34.0.1847.37 | 34.0.1847.38 | 34.0.1847.39 | 34.0.1847.41 | 34.0.1847.42 | 34.0.1847.43 | 34.0.1847.44 | 34.0.1847.45 | 34.0.1847.46 | 34.0.1847.47 | 34.0.1847.48 | 34.0.1847.49 | 34.0.1847.50 | 34.0.1847.51 | 34.0.1847.52 | 34.0.1847.53 | 34.0.1847.54 | 34.0.1847.55 | 34.0.1847.56 | 34.0.1847.57 | 34.0.1847.58 | 34.0.1847.59 | 34.0.1847.60 | 34.0.1847.61 | 34.0.1847.62 | 34.0.1847.63 | 34.0.1847.64 | 34.0.1847.65 | 34.0.1847.66 | 34.0.1847.67 | 34.0.1847.68 | 34.0.1847.69 | 34.0.1847.71 | 34.0.1847.72 | 34.0.1847.73 | 34.0.1847.74 | 34.0.1847.75 | 34.0.1847.76 | 34.0.1847.77 | 34.0.1847.78 | 34.0.1847.79 | 34.0.1847.80 | 34.0.1847.81 | 34.0.1847.82 | 34.0.1847.83 | 34.0.1847.85 | 34.0.1847.86 | 34.0.1847.87 | 34.0.1847.91 | 34.0.1847.92 | 34.0.1847.94 | 34.0.1847.97 | 34.0.1847.98 | 34.0.1847.99 | 34.0.1847.100 | 34.0.1847.101 | 34.0.1847.102 | 34.0.1847.103 | 34.0.1847.104 | 34.0.1847.109 | 34.0.1847.111 | 34.0.1847.112 | 34.0.1847.113 | 34.0.1847.114 | 34.0.1847.115 | 34.0.1847.116 | 34.0.1847.118 | 34.0.1847.120 | 34.0.1847.130 | 34.0.1847.131 | 34.0.1847.132 | 34.0.1847.133 | 34.0.1847.134 | 34.0.1847.135
References (10)
- https://src.chromium.org/viewvc/blink?revision=171165&view=revision
- http://www.debian.org/security/2014/dsa-2930
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html
- http://secunia.com/advisories/60372
- http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
- http://secunia.com/advisories/59155
- http://www.securityfocus.com/bid/67376
- http://www.securitytracker.com/id/1030240
- https://code.google.com/p/chromium/issues/detail?id=349898