CVSS: 6.8EPSS: 0%CPEs: 55EXPL: 0CVE-2014-3187
https://notcve.org/view.php?id=CVE-2014-3187
Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site. Google Chrome anterior a 37.0.2062.60 y 38.x anterior a 38.0.2125.59 en iOS no restringe debidamente el procesamiento de las URLs (1) facetime:// y (2) facetime-audio://, lo que permite a atacantes remotos obtener datos de vídeo y audio de un dispositivo a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2014/10/chrome-for-ios-update.html http://twitter.com/S9Labs/statuses/519576582742999043 https://code.google.com/p/chromium/issues/detail?id=413831 https://medium.com/section-9-lab/abusing-ios-url-handlers-on-messages-96979e8b12f5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2014-3188 – v8: IPC and v8 issue fixed in Google Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3188
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h. Google Chrome anterior a 38.0.2125.101 y Chrome OS anterior a 38.0.2125.101 no manejan debidamente la interacción de IPC y Google V8, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores que involucran datos JSON, realcionado con el análisis sintáctico indebido de un indice escapado por ParseJsonObject en json-parser.h. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update-for-chrome-os.html http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html https://code.google.com/p/v8/source/detail?r=24125 https://crbug.com/416449 https://access.redhat.com/security/cve/CVE-2014-3188 https://bugzilla.redhat.com/show_bug.cgi?id=1150848 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3198 – chromium: OOB reads in PDFium fixed in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3198
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. La función Instance::HandleInputEvent en pdf/instance.cc en el componente PDFium en Google Chrome anterior a 38.0.2125.101 interpreta cierto valor -1 como un indice en lugar de un código de error de página no visible, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html http://www.securityfocus.com/bid/70273 https://codereview.chromium.org/560133004 https://crbug.com/415307 https://access.redhat.com/security/cve/CVE-2014-3198 https://bugzilla.redhat.com/show_bug.cgi?id=1151368 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3199 – chromium: multiple security fixes in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3199
The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object. La función wrap en bindings/core/v8/custom/V8EventCustom.cpp en los enlaces V8 en Blink, utilizado en Google Chrome anterior a 38.0.2125.101, tiene un resultado de reserva erróneo para fallos en la selección de envoltorios, lo que permite a atacantes remotos causar una denegación de servicio a través de vectores que provocan el parado de un proceso de trabajador que había estado manejando un objeto Event. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html http://www.securityfocus.com/bid/70273 https://crbug.com/395411 https://src.chromium.org/viewvc/blink?revision=179340&view=revision https://access.redhat.com/security/cve/CVE-2014-3199 https://bugzilla.redhat.com/show_bug.cgi?id=1151381 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3200 – chromium: multiple unspecified issues fixed in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3200
Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificados en Google Chrome anterior a 38.0.2125.101 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html http://www.securityfocus.com/bid/70273 https://code.google.com/p/chromium/issues/detail?id=348333 https://code.google.com/p/chromium/issues/detail?id=355438 https://code.google.com/p/chromium/issues/detail?id=360433 https://code.google.com/p/chromium/issues/detail?id=365141 https://code.google.com/p/chromium/issues/detail? •