Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | chromium-browser security update |
| Informations | |||
|---|---|---|---|
| Name | DSA-2920 | First vendor Publication | 2014-05-03 |
| Vendor | Debian | Last vendor Modification | 2014-05-03 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Several vulnerabilities have been discovered in the chromium web browser. CVE-2014-1730 A type confusion issue was discovered in the v8 javascript library. CVE-2014-1731 John Butler discovered a type confusion issue in the WebKit/Blink document object model implementation. CVE-2014-1732 Khalil Zhani discovered a use-after-free issue in the speech recognition feature. CVE-2014-1733 Jed Davis discovered a way to bypass the seccomp-bpf sandbox. CVE-2014-1734 The Google Chrome development team discovered and fixed multiple issues with potential security impact. CVE-2014-1735 The Google Chrome development team discovered and fixed multiple issues in version 3.24.35.33 of the v8 javascript library. CVE-2014-1736 SkyLined discovered an integer overlflow issue in the v8 javascript library. For the stable distribution (wheezy), these problems have been fixed in version 34.0.1847.132-1~deb7u1. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 34.0.1847.132-1. We recommend that you upgrade your chromium-browser packages. |
Original Source
| Url : http://www.debian.org/security/2014/dsa-2920 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 33 % | CWE-416 | Use After Free |
| 33 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:26403 | |||
| Oval ID: | oval:org.mitre.oval:def:26403 | ||
| Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
| Description: | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1735 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26658 | |||
| Oval ID: | oval:org.mitre.oval:def:26658 | ||
| Title: | Allows attackers to cause a denial of service or possibly have other impact | ||
| Description: | Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1734 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26738 | |||
| Oval ID: | oval:org.mitre.oval:def:26738 | ||
| Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
| Description: | core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1731 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26766 | |||
| Oval ID: | oval:org.mitre.oval:def:26766 | ||
| Title: | Allows remote attackers to bypass intended sandbox restrictions | ||
| Description: | The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1733 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26790 | |||
| Oval ID: | oval:org.mitre.oval:def:26790 | ||
| Title: | Allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values | ||
| Description: | Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1730 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26835 | |||
| Oval ID: | oval:org.mitre.oval:def:26835 | ||
| Title: | Allows remote attackers to cause a denial of service or possibly have unspecified other impact | ||
| Description: | Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1732 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2014-05-01 | IAVM : 2014-B-0049 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0050017 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1.nasl - Type : ACT_GATHER_INFO |
| 2014-10-21 | Name : The remote host contains an application that is affected by multiple vulnerab... File : itunes_12_0_1_banner.nasl - Type : ACT_GATHER_INFO |
| 2014-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-16.nasl - Type : ACT_GATHER_INFO |
| 2014-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2298-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-370.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-371.nasl - Type : ACT_GATHER_INFO |
| 2014-05-22 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : macosx_Safari7_0_4.nasl - Type : ACT_GATHER_INFO |
| 2014-05-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2920.nasl - Type : ACT_GATHER_INFO |
| 2014-05-01 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7cf25a0cd03111e3947b00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
| 2014-04-25 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_34_0_1847_131.nasl - Type : ACT_GATHER_INFO |
| 2014-04-25 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_34_0_1847_131.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-05-06 17:26:30 |
|
| 2014-05-06 13:25:49 |
|
| 2014-05-04 00:18:45 |
|
