CVE-2014-3178

Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
googlechrome
37.0.2062.0
googlechrome
37.0.2062.1
googlechrome
37.0.2062.2
googlechrome
37.0.2062.3
googlechrome
37.0.2062.4
googlechrome
37.0.2062.5
googlechrome
37.0.2062.6
googlechrome
37.0.2062.7
googlechrome
37.0.2062.8
googlechrome
37.0.2062.9
googlechrome
37.0.2062.10
googlechrome
37.0.2062.11
googlechrome
37.0.2062.12
googlechrome
37.0.2062.13
googlechrome
37.0.2062.14
googlechrome
37.0.2062.15
googlechrome
37.0.2062.16
googlechrome
37.0.2062.17
googlechrome
37.0.2062.18
googlechrome
37.0.2062.19
googlechrome
37.0.2062.20
googlechrome
37.0.2062.21
googlechrome
37.0.2062.22
googlechrome
37.0.2062.23
googlechrome
37.0.2062.24
googlechrome
37.0.2062.25
googlechrome
37.0.2062.26
googlechrome
37.0.2062.27
googlechrome
37.0.2062.28
googlechrome
37.0.2062.29
googlechrome
37.0.2062.30
googlechrome
37.0.2062.31
googlechrome
37.0.2062.32
googlechrome
37.0.2062.33
googlechrome
37.0.2062.34
googlechrome
37.0.2062.35
googlechrome
37.0.2062.36
googlechrome
37.0.2062.37
googlechrome
37.0.2062.39
googlechrome
37.0.2062.43
googlechrome
37.0.2062.44
googlechrome
37.0.2062.45
googlechrome
37.0.2062.46
googlechrome
37.0.2062.47
googlechrome
37.0.2062.48
googlechrome
37.0.2062.49
googlechrome
37.0.2062.50
googlechrome
37.0.2062.51
googlechrome
37.0.2062.52
googlechrome
37.0.2062.53
googlechrome
37.0.2062.54
googlechrome
37.0.2062.55
googlechrome
37.0.2062.56
googlechrome
37.0.2062.57
googlechrome
37.0.2062.58
googlechrome
37.0.2062.59
googlechrome
37.0.2062.60
googlechrome
37.0.2062.61
googlechrome
37.0.2062.62
googlechrome
37.0.2062.63
googlechrome
37.0.2062.64
googlechrome
37.0.2062.65
googlechrome
37.0.2062.66
googlechrome
37.0.2062.67
googlechrome
37.0.2062.68
googlechrome
37.0.2062.69
googlechrome
37.0.2062.70
googlechrome
37.0.2062.71
googlechrome
37.0.2062.72
googlechrome
37.0.2062.73
googlechrome
37.0.2062.74
googlechrome
37.0.2062.75
googlechrome
37.0.2062.76
googlechrome
37.0.2062.77
googlechrome
37.0.2062.78
googlechrome
37.0.2062.80
googlechrome
37.0.2062.81
googlechrome
37.0.2062.89
googlechrome
37.0.2062.90
googlechrome
37.0.2062.91
googlechrome
37.0.2062.92
googlechrome
37.0.2062.93
googlechrome
37.0.2062.94
googlechrome
37.0.2062.95
googlechrome
37.0.2062.96
googlechrome
37.0.2062.97
googlechrome
37.0.2062.99
googlechrome
37.0.2062.100
googlechrome
37.0.2062.113
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
utopic
Fixed 38.0.2125.111-0ubuntu0.14.10.1.1103
released
trusty
Fixed 37.0.2062.120-0ubuntu0.14.04.1~pkg1049
released
precise
Fixed 37.0.2062.120-0ubuntu0.12.04.1~pkg917
released
lucid
ignored
oxide-qt
utopic
Fixed 1.2.0-0ubuntu1
released
trusty
Fixed 1.2.5-0ubuntu0.14.04.1
released
precise
dne
lucid
dne
References
http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html
http://secunia.com/advisories/61446
http://security.gentoo.org/glsa/glsa-201409-06.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69709
https://crbug.com/401362
https://exchange.xforce.ibmcloud.com/vulnerabilities/95815
https://src.chromium.org/viewvc/blink?revision=180539&view=revision
http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html
http://secunia.com/advisories/61446
http://security.gentoo.org/glsa/glsa-201409-06.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69709
https://crbug.com/401362
https://exchange.xforce.ibmcloud.com/vulnerabilities/95815
https://src.chromium.org/viewvc/blink?revision=180539&view=revision