7.5
CVSSv2

CVE-2014-1745

Published: 21/05/2014 Updated: 29/12/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome prior to 35.0.1916.114, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp.

Affected Products

Vendor Product Versions
GoogleChrome35.0.1916.0, 35.0.1916.1, 35.0.1916.2, 35.0.1916.3, 35.0.1916.4, 35.0.1916.5, 35.0.1916.6, 35.0.1916.7, 35.0.1916.8, 35.0.1916.9, 35.0.1916.10, 35.0.1916.11, 35.0.1916.13, 35.0.1916.14, 35.0.1916.15, 35.0.1916.17, 35.0.1916.18, 35.0.1916.19, 35.0.1916.20, 35.0.1916.21, 35.0.1916.22, 35.0.1916.23, 35.0.1916.27, 35.0.1916.31, 35.0.1916.32, 35.0.1916.33, 35.0.1916.34, 35.0.1916.35, 35.0.1916.36, 35.0.1916.37, 35.0.1916.38, 35.0.1916.39, 35.0.1916.40, 35.0.1916.41, 35.0.1916.42, 35.0.1916.43, 35.0.1916.44, 35.0.1916.45, 35.0.1916.46, 35.0.1916.47, 35.0.1916.48, 35.0.1916.49, 35.0.1916.51, 35.0.1916.52, 35.0.1916.54, 35.0.1916.56, 35.0.1916.57, 35.0.1916.59, 35.0.1916.61, 35.0.1916.68, 35.0.1916.69, 35.0.1916.71, 35.0.1916.72, 35.0.1916.74, 35.0.1916.77, 35.0.1916.80, 35.0.1916.82, 35.0.1916.84, 35.0.1916.85, 35.0.1916.86, 35.0.1916.88, 35.0.1916.90, 35.0.1916.92, 35.0.1916.93, 35.0.1916.95, 35.0.1916.96, 35.0.1916.98, 35.0.1916.99, 35.0.1916.101, 35.0.1916.103, 35.0.1916.104, 35.0.1916.105, 35.0.1916.106, 35.0.1916.107, 35.0.1916.108, 35.0.1916.109, 35.0.1916.110, 35.0.1916.111, 35.0.1916.112, 35.0.1916.113

Vendor Advisories

Several vulnerabilities were discovered in the chromium web browser CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling CVE-2014-1745 Atte Kettunen discovered a use-after-fr ...