Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3192

Опубликовано: 07 окт. 2014
Источник: redhat
CVSS2: 6.8

Описание

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Отчет

This issue affects the versions of webkitgtk and webkitgtk3 as shipped with Red Hat Enterprise Linux 6 and 7 respectively. Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6webkitgtkWill not fix
Red Hat Enterprise Linux 7webkitgtk3Will not fix
Supplementary for Red Hat Enterprise Linux 6chromium-browserFixedRHSA-2014:162614.10.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1151395chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3192

ubuntu
почти 11 лет назад

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

nvd логотип

CVE-2014-3192

nvd
почти 11 лет назад

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

debian логотип

CVE-2014-3192

debian
почти 11 лет назад

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyle ...

github логотип

GHSA-xxfg-fm6v-83pq

github
около 3 лет назад

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

6.8 Medium

CVSS2