CVE-2014-3168

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
googlechrome
𝑥
≤ 37.0.2062.93
googlechrome
37.0.2062.0
googlechrome
37.0.2062.1
googlechrome
37.0.2062.2
googlechrome
37.0.2062.3
googlechrome
37.0.2062.4
googlechrome
37.0.2062.5
googlechrome
37.0.2062.6
googlechrome
37.0.2062.7
googlechrome
37.0.2062.8
googlechrome
37.0.2062.9
googlechrome
37.0.2062.10
googlechrome
37.0.2062.11
googlechrome
37.0.2062.12
googlechrome
37.0.2062.13
googlechrome
37.0.2062.14
googlechrome
37.0.2062.15
googlechrome
37.0.2062.16
googlechrome
37.0.2062.17
googlechrome
37.0.2062.18
googlechrome
37.0.2062.19
googlechrome
37.0.2062.20
googlechrome
37.0.2062.21
googlechrome
37.0.2062.22
googlechrome
37.0.2062.23
googlechrome
37.0.2062.24
googlechrome
37.0.2062.25
googlechrome
37.0.2062.26
googlechrome
37.0.2062.27
googlechrome
37.0.2062.28
googlechrome
37.0.2062.29
googlechrome
37.0.2062.30
googlechrome
37.0.2062.31
googlechrome
37.0.2062.32
googlechrome
37.0.2062.33
googlechrome
37.0.2062.34
googlechrome
37.0.2062.35
googlechrome
37.0.2062.36
googlechrome
37.0.2062.37
googlechrome
37.0.2062.39
googlechrome
37.0.2062.43
googlechrome
37.0.2062.44
googlechrome
37.0.2062.45
googlechrome
37.0.2062.46
googlechrome
37.0.2062.47
googlechrome
37.0.2062.48
googlechrome
37.0.2062.49
googlechrome
37.0.2062.50
googlechrome
37.0.2062.51
googlechrome
37.0.2062.52
googlechrome
37.0.2062.53
googlechrome
37.0.2062.54
googlechrome
37.0.2062.55
googlechrome
37.0.2062.56
googlechrome
37.0.2062.57
googlechrome
37.0.2062.58
googlechrome
37.0.2062.59
googlechrome
37.0.2062.60
googlechrome
37.0.2062.61
googlechrome
37.0.2062.62
googlechrome
37.0.2062.63
googlechrome
37.0.2062.64
googlechrome
37.0.2062.65
googlechrome
37.0.2062.66
googlechrome
37.0.2062.67
googlechrome
37.0.2062.68
googlechrome
37.0.2062.69
googlechrome
37.0.2062.70
googlechrome
37.0.2062.71
googlechrome
37.0.2062.72
googlechrome
37.0.2062.73
googlechrome
37.0.2062.74
googlechrome
37.0.2062.75
googlechrome
37.0.2062.76
googlechrome
37.0.2062.77
googlechrome
37.0.2062.78
googlechrome
37.0.2062.80
googlechrome
37.0.2062.81
googlechrome
37.0.2062.89
googlechrome
37.0.2062.90
googlechrome
37.0.2062.91
googlechrome
37.0.2062.92
debiandebian_linux
7.0
opensuseopensuse
12.3
opensuseopensuse
13.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
trusty
Fixed 37.0.2062.94-0ubuntu0.14.04.1~pkg1042
released
precise
Fixed 37.0.2062.94-0ubuntu0.12.04.1~pkg909
released
lucid
ignored
oxide-qt
trusty
Fixed 1.1.2-0ubuntu0.14.04.1
released
precise
dne
lucid
dne
References
http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
http://secunia.com/advisories/60268
http://secunia.com/advisories/60424
http://secunia.com/advisories/61482
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69398
http://www.securitytracker.com/id/1030767
https://crbug.com/369860
https://exchange.xforce.ibmcloud.com/vulnerabilities/95468
https://src.chromium.org/viewvc/blink?revision=174338&view=revision
https://src.chromium.org/viewvc/blink?revision=174923&view=revision
http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
http://secunia.com/advisories/60268
http://secunia.com/advisories/60424
http://secunia.com/advisories/61482
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69398
http://www.securitytracker.com/id/1030767
https://crbug.com/369860
https://exchange.xforce.ibmcloud.com/vulnerabilities/95468
https://src.chromium.org/viewvc/blink?revision=174338&view=revision
https://src.chromium.org/viewvc/blink?revision=174923&view=revision