Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-7941

Опубликовано: 22 янв. 2015
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:chromium:chromium:40.0.2214.110:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 40.0.2214.85 (включая)
Конфигурация 4

Одно из

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02253
Низкий

5 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2014-7941

ubuntu
около 11 лет назад

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

redhat логотип

CVE-2014-7941

redhat
около 11 лет назад

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

debian логотип

CVE-2014-7941

debian
около 11 лет назад

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owne ...

github логотип

GHSA-6877-256j-g6q4

github
больше 3 лет назад

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

EPSS

Процентиль: 84%
0.02253
Низкий

5 Medium

CVSS2

Дефекты

CWE-119