Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-2939-1 chromium-browser -- security update

Related Vulnerabilities: CVE-2014-1743   CVE-2014-1744   CVE-2014-1745   CVE-2014-1746   CVE-2014-1747   CVE-2014-1748   CVE-2014-1749   CVE-2014-3152  

Several vulnerabilities were discovered in the chromium web browser. CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation. CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling. CVE-2014-1745 Atte Kettunen discovered a use-after-free issue in the Blink/Webkit scalable vector graphics implementation. CVE-2014-1746 Holger Fuhrmannek discovered an out-of-bounds read issue in the URL protocol implementation for handling media. CVE-2014-1747 packagesu discovered a cross-site scripting issue involving malformed MHTML files. CVE-2014-1748 Jordan Milne discovered a user interface spoofing issue. CVE-2014-1749 The Google Chrome development team discovered and fixed multiple issues with potential security impact. CVE-2014-3152 An integer underflow issue was discovered in the v8 javascript library. For the stable distribution (wheezy), these problems have been fixed in version 35.0.1916.114-1~deb7u2. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 35.0.1916.114-1. We recommend that you upgrade your chromium-browser packages.

Source

Debian Security Advisory

DSA-2939-1 chromium-browser -- security update

Date Reported:
31 May 2014
Affected Packages:
chromium-browser
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2014-1743, CVE-2014-1744, CVE-2014-1745, CVE-2014-1746, CVE-2014-1747, CVE-2014-1748, CVE-2014-1749, CVE-2014-3152.
More information:

Several vulnerabilities were discovered in the chromium web browser.

  • CVE-2014-1743

    cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation.

  • CVE-2014-1744

    Aaron Staple discovered an integer overflow issue in audio input handling.

  • CVE-2014-1745

    Atte Kettunen discovered a use-after-free issue in the Blink/Webkit scalable vector graphics implementation.

  • CVE-2014-1746

    Holger Fuhrmannek discovered an out-of-bounds read issue in the URL protocol implementation for handling media.

  • CVE-2014-1747

    packagesu discovered a cross-site scripting issue involving malformed MHTML files.

  • CVE-2014-1748

    Jordan Milne discovered a user interface spoofing issue.

  • CVE-2014-1749

    The Google Chrome development team discovered and fixed multiple issues with potential security impact.

  • CVE-2014-3152

    An integer underflow issue was discovered in the v8 javascript library.

For the stable distribution (wheezy), these problems have been fixed in version 35.0.1916.114-1~deb7u2.

For the testing distribution (jessie), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 35.0.1916.114-1.

We recommend that you upgrade your chromium-browser packages.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started