CVE-2014-1740
https://notcve.org/view.php?id=CVE-2014-1740
Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion. Múltiples vulnerabilidades de uso después de liberación en net/websockets/websocket_job.cc en la implementación WebSockets en Google Chrome anterior a 34.0.1847.137 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con la eliminación de WebSocketJob. • http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html http://secunia.com/advisories/59155 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2930 http://www.securityfocus.com/bid/67374 http://www.securitytracker.com/id/1030240 https://code.google.com/p/chromium/issues/detail?id=358038 https://src.chromium.org/viewvc • CWE-399: Resource Management Errors •
CVE-2014-1736 – Google Chrome ImageData Signedness Error Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1736
Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value. Desbordamiento de enteros en api.cc en Google V8, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anteriores 34.0.1847.132 en Linux, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un valor de longitud grande. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ImageData objects. In certain conditions, an attacker would be able to read and write pixel data. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://secunia.com/advisories/58301 http://www.debian.org/security/2014/dsa-2920 https://code.google.com/p/chromium/issues/detail?id=359802 https://code.google.com/p/v8/source/detail?r=20519 https://code.google.com/p/v8/source/detail?r=20525 • CWE-190: Integer Overflow or Wraparound •
CVE-2014-1734
https://notcve.org/view.php?id=CVE-2014-1734
Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html http://secunia.com/advisories/58301 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2920 https://code.google.com/p/chromium/issues/detail?id=356181 https://code.google.com/p/chromium/issues/detail?id=357382 https://code.google.com •
CVE-2014-1731
https://notcve.org/view.php?id=CVE-2014-1731
core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. core/html/HTMLSelectElement.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, no comprueba debidamente el estado renderer en un evento focus, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que aprovechan "confusión de tipo" para elementos SELECT. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html http://secunia.com/advisories/58301 http://secunia.com/advisories/60372 http://security.g • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2014-1735
https://notcve.org/view.php?id=CVE-2014-1735
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 anterior a 3.24.35.33, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html http://secunia.com/advisories/58301 http://secunia.com/advisories/60372 http://security.gentoo.org/glsa/glsa-201408-16.xml http://www.debian.org/security/2014/dsa-2920 https://code.google.com/p/chromium/issues/detail?id=359130 https://code.google.com/p/chromium/issues/detail •