CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
googlechrome
𝑥
≤ 39.0.2171.45
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
kinetic
not-affected
jammy
not-affected
impish
not-affected
focal
not-affected
bionic
not-affected
xenial
ignored
trusty
dne
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
http://rhn.redhat.com/errata/RHSA-2014-1894.html
http://secunia.com/advisories/60194
http://www.securityfocus.com/bid/71159
http://www.securitytracker.com/id/1031241
https://chromium.googlesource.com/chromium/src/+/3a2cf7d1376ae33054b878232fb38b8fbed29e31
https://code.google.com/p/chromium/issues/detail?id=423030
https://exchange.xforce.ibmcloud.com/vulnerabilities/98794
http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
http://rhn.redhat.com/errata/RHSA-2014-1894.html
http://secunia.com/advisories/60194
http://www.securityfocus.com/bid/71159
http://www.securitytracker.com/id/1031241
https://chromium.googlesource.com/chromium/src/+/3a2cf7d1376ae33054b878232fb38b8fbed29e31
https://code.google.com/p/chromium/issues/detail?id=423030
https://exchange.xforce.ibmcloud.com/vulnerabilities/98794