CVE-2014-1742

Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
googlechrome
𝑥
≤ 34.0.1847.136
googlechrome
34.0.1847.0
googlechrome
34.0.1847.1
googlechrome
34.0.1847.2
googlechrome
34.0.1847.3
googlechrome
34.0.1847.4
googlechrome
34.0.1847.5
googlechrome
34.0.1847.6
googlechrome
34.0.1847.7
googlechrome
34.0.1847.8
googlechrome
34.0.1847.9
googlechrome
34.0.1847.10
googlechrome
34.0.1847.12
googlechrome
34.0.1847.14
googlechrome
34.0.1847.15
googlechrome
34.0.1847.23
googlechrome
34.0.1847.24
googlechrome
34.0.1847.25
googlechrome
34.0.1847.36
googlechrome
34.0.1847.37
googlechrome
34.0.1847.38
googlechrome
34.0.1847.39
googlechrome
34.0.1847.41
googlechrome
34.0.1847.42
googlechrome
34.0.1847.43
googlechrome
34.0.1847.44
googlechrome
34.0.1847.45
googlechrome
34.0.1847.46
googlechrome
34.0.1847.47
googlechrome
34.0.1847.48
googlechrome
34.0.1847.49
googlechrome
34.0.1847.50
googlechrome
34.0.1847.51
googlechrome
34.0.1847.52
googlechrome
34.0.1847.53
googlechrome
34.0.1847.54
googlechrome
34.0.1847.55
googlechrome
34.0.1847.56
googlechrome
34.0.1847.57
googlechrome
34.0.1847.58
googlechrome
34.0.1847.59
googlechrome
34.0.1847.60
googlechrome
34.0.1847.61
googlechrome
34.0.1847.62
googlechrome
34.0.1847.63
googlechrome
34.0.1847.64
googlechrome
34.0.1847.65
googlechrome
34.0.1847.66
googlechrome
34.0.1847.67
googlechrome
34.0.1847.68
googlechrome
34.0.1847.69
googlechrome
34.0.1847.71
googlechrome
34.0.1847.72
googlechrome
34.0.1847.73
googlechrome
34.0.1847.74
googlechrome
34.0.1847.75
googlechrome
34.0.1847.76
googlechrome
34.0.1847.77
googlechrome
34.0.1847.78
googlechrome
34.0.1847.79
googlechrome
34.0.1847.80
googlechrome
34.0.1847.81
googlechrome
34.0.1847.82
googlechrome
34.0.1847.83
googlechrome
34.0.1847.85
googlechrome
34.0.1847.86
googlechrome
34.0.1847.87
googlechrome
34.0.1847.91
googlechrome
34.0.1847.92
googlechrome
34.0.1847.94
googlechrome
34.0.1847.97
googlechrome
34.0.1847.98
googlechrome
34.0.1847.99
googlechrome
34.0.1847.100
googlechrome
34.0.1847.101
googlechrome
34.0.1847.102
googlechrome
34.0.1847.103
googlechrome
34.0.1847.104
googlechrome
34.0.1847.109
googlechrome
34.0.1847.111
googlechrome
34.0.1847.112
googlechrome
34.0.1847.113
googlechrome
34.0.1847.114
googlechrome
34.0.1847.115
googlechrome
34.0.1847.116
googlechrome
34.0.1847.118
googlechrome
34.0.1847.120
googlechrome
34.0.1847.130
googlechrome
34.0.1847.131
googlechrome
34.0.1847.132
googlechrome
34.0.1847.133
googlechrome
34.0.1847.134
googlechrome
34.0.1847.135
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
trusty
Fixed 36.0.1985.125-0ubuntu1.14.04.0~pkg1029
released
saucy
ignored
quantal
ignored
precise
Fixed 36.0.1985.125-0ubuntu1.12.04.0~pkg897
released
lucid
ignored
oxide-qt
trusty
Fixed 1.0.4-0ubuntu0.14.04.1
released
saucy
dne
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/59155
http://secunia.com/advisories/60372
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2930
http://www.securityfocus.com/bid/67375
http://www.securitytracker.com/id/1030240
https://code.google.com/p/chromium/issues/detail?id=356690
https://src.chromium.org/viewvc/blink?revision=171440&view=revision
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/59155
http://secunia.com/advisories/60372
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2930
http://www.securityfocus.com/bid/67375
http://www.securitytracker.com/id/1030240
https://code.google.com/p/chromium/issues/detail?id=356690
https://src.chromium.org/viewvc/blink?revision=171440&view=revision