Published: 21/05/2014 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome prior to 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote malicious users to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
google chrome 35.0.1916.99
google chrome 35.0.1916.57
google chrome 35.0.1916.3
google chrome 35.0.1916.38
google chrome 35.0.1916.105
google chrome 35.0.1916.95
google chrome 35.0.1916.52
google chrome 35.0.1916.82
google chrome 35.0.1916.42
google chrome 35.0.1916.36
google chrome 35.0.1916.111
google chrome 35.0.1916.61
google chrome 35.0.1916.98
google chrome 35.0.1916.47
google chrome 35.0.1916.110
google chrome 35.0.1916.10
google chrome 35.0.1916.20
google chrome 35.0.1916.85
google chrome 35.0.1916.9
google chrome 35.0.1916.92
google chrome 35.0.1916.23
google chrome 35.0.1916.49
google chrome 35.0.1916.54
google chrome 35.0.1916.106
google chrome 35.0.1916.35
google chrome 35.0.1916.33
google chrome 35.0.1916.5
google chrome 35.0.1916.11
google chrome 35.0.1916.86
google chrome 35.0.1916.17
google chrome 35.0.1916.13
google chrome 35.0.1916.72
google chrome 35.0.1916.109
google chrome 35.0.1916.77
google chrome 35.0.1916.88
google chrome 35.0.1916.59
google chrome 35.0.1916.44
google chrome 35.0.1916.108
google chrome 35.0.1916.74
google chrome 35.0.1916.45
google chrome 35.0.1916.18
google chrome 35.0.1916.107
google chrome 35.0.1916.21
google chrome 35.0.1916.6
google chrome 35.0.1916.71
google chrome 35.0.1916.41
google chrome 35.0.1916.8
google chrome 35.0.1916.4
google chrome 35.0.1916.19
google chrome 35.0.1916.0
google chrome 35.0.1916.40
google chrome 35.0.1916.101
google chrome 35.0.1916.32
google chrome 35.0.1916.51
google chrome 35.0.1916.80
google chrome 35.0.1916.39
google chrome 35.0.1916.43
google chrome 35.0.1916.93
google chrome 35.0.1916.34
google chrome 35.0.1916.37
google chrome 35.0.1916.103
google chrome 35.0.1916.90
google chrome 35.0.1916.68
google chrome 35.0.1916.1
google chrome 35.0.1916.112
google chrome 35.0.1916.27
google chrome 35.0.1916.7
google chrome 35.0.1916.84
google chrome 35.0.1916.46
google chrome 35.0.1916.104
google chrome 35.0.1916.22
google chrome 35.0.1916.69
google chrome 35.0.1916.15
google chrome 35.0.1916.31
google chrome 35.0.1916.96
google chrome 35.0.1916.14
google chrome 35.0.1916.56
google chrome 35.0.1916.2
google chrome 35.0.1916.48

Several security issues were fixed in Oxide ...

Several vulnerabilities were discovered in the chromium web browser CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling CVE-2014-1745 Atte Kettunen discovered a use-after-fr ...

CWE-119 https://code.google.com/p/chromium/issues/detail?id=364065 https://src.chromium.org/viewvc/chrome?revision=267280&view=revision http://www.debian.org/security/2014/dsa-2939 http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html http://security.gentoo.org/glsa/glsa-201408-16.xml http://secunia.com/advisories/60372 http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/59155 http://secunia.com/advisories/58920 http://www.securitytracker.com/id/1030270 https://usn.ubuntu.com/2298-1/https://nvd.nist.gov

Get Started

CVE-2014-1746

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect