CVE-2014-1745

Опубликовано: 21 мая 2014

Источник: nvd

CVSS3: 7.1

CVSS2: 7.5

EPSS Низкий

Описание

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 35.0.1916.113 (включая)

cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00937

Низкий

7.1 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-399

Связанные уязвимости

CVE-2014-1745

CVSS3: 7.1

ubuntu

около 11 лет назад

CVE-2014-1745

CVSS3: 7.1

redhat

больше 1 года назад

CVE-2014-1745

CVSS3: 7.1

debian

около 11 лет назад

Use-after-free vulnerability in the SVG implementation in Blink, as us ...

GHSA-pr96-m2pj-3g36

CVSS3: 7.1

github

около 3 лет назад

BDU:2014-00330

fstec

около 11 лет назад

Уязвимость браузера Google Chrome, позволяющая злоумышленнику выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 75%

0.00937

Низкий

7.1 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-399