CVE-2014-1745

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
googlechrome
𝑥
≤ 35.0.1916.113
googlechrome
35.0.1916.0
googlechrome
35.0.1916.1
googlechrome
35.0.1916.2
googlechrome
35.0.1916.3
googlechrome
35.0.1916.4
googlechrome
35.0.1916.5
googlechrome
35.0.1916.6
googlechrome
35.0.1916.7
googlechrome
35.0.1916.8
googlechrome
35.0.1916.9
googlechrome
35.0.1916.10
googlechrome
35.0.1916.11
googlechrome
35.0.1916.13
googlechrome
35.0.1916.14
googlechrome
35.0.1916.15
googlechrome
35.0.1916.17
googlechrome
35.0.1916.18
googlechrome
35.0.1916.19
googlechrome
35.0.1916.20
googlechrome
35.0.1916.21
googlechrome
35.0.1916.22
googlechrome
35.0.1916.23
googlechrome
35.0.1916.27
googlechrome
35.0.1916.31
googlechrome
35.0.1916.32
googlechrome
35.0.1916.33
googlechrome
35.0.1916.34
googlechrome
35.0.1916.35
googlechrome
35.0.1916.36
googlechrome
35.0.1916.37
googlechrome
35.0.1916.38
googlechrome
35.0.1916.39
googlechrome
35.0.1916.40
googlechrome
35.0.1916.41
googlechrome
35.0.1916.42
googlechrome
35.0.1916.43
googlechrome
35.0.1916.44
googlechrome
35.0.1916.45
googlechrome
35.0.1916.46
googlechrome
35.0.1916.47
googlechrome
35.0.1916.48
googlechrome
35.0.1916.49
googlechrome
35.0.1916.51
googlechrome
35.0.1916.52
googlechrome
35.0.1916.54
googlechrome
35.0.1916.56
googlechrome
35.0.1916.57
googlechrome
35.0.1916.59
googlechrome
35.0.1916.61
googlechrome
35.0.1916.68
googlechrome
35.0.1916.69
googlechrome
35.0.1916.71
googlechrome
35.0.1916.72
googlechrome
35.0.1916.74
googlechrome
35.0.1916.77
googlechrome
35.0.1916.80
googlechrome
35.0.1916.82
googlechrome
35.0.1916.84
googlechrome
35.0.1916.85
googlechrome
35.0.1916.86
googlechrome
35.0.1916.88
googlechrome
35.0.1916.90
googlechrome
35.0.1916.92
googlechrome
35.0.1916.93
googlechrome
35.0.1916.95
googlechrome
35.0.1916.96
googlechrome
35.0.1916.98
googlechrome
35.0.1916.99
googlechrome
35.0.1916.101
googlechrome
35.0.1916.103
googlechrome
35.0.1916.104
googlechrome
35.0.1916.105
googlechrome
35.0.1916.106
googlechrome
35.0.1916.107
googlechrome
35.0.1916.108
googlechrome
35.0.1916.109
googlechrome
35.0.1916.110
googlechrome
35.0.1916.111
googlechrome
35.0.1916.112
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
webkit2gtk
bullseye
2.44.2-1~deb11u1
ignored
bookworm
2.44.2-1~deb12u1
ignored
bullseye (security)
2.44.3-1~deb11u1
fixed
bookworm (security)
2.46.0-2~deb12u1
fixed
trixie
2.46.2-1
fixed
sid
2.46.3-1
fixed
wpewebkit
bullseye (security)
vulnerable
bullseye
ignored
bookworm
ignored
sid
2.46.3-1
fixed
trixie
2.46.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
trusty
Fixed 36.0.1985.125-0ubuntu1.14.04.0~pkg1029
released
saucy
ignored
precise
Fixed 36.0.1985.125-0ubuntu1.12.04.0~pkg897
released
lucid
ignored
oxide-qt
trusty
dne
saucy
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/58920
http://secunia.com/advisories/59155
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2939
http://www.openwall.com/lists/oss-security/2024/02/05/8
http://www.securitytracker.com/id/1030270
https://code.google.com/p/chromium/issues/detail?id=346192
https://src.chromium.org/viewvc/blink?revision=167993&view=revision
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/58920
http://secunia.com/advisories/59155
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2939
http://www.openwall.com/lists/oss-security/2024/02/05/8
http://www.securitytracker.com/id/1030270
https://code.google.com/p/chromium/issues/detail?id=346192
https://src.chromium.org/viewvc/blink?revision=167993&view=revision