CVE-2014-3198
chromium: OOB reads in PDFium fixed in Chrome 38.0.2125.101
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
La función Instance::HandleInputEvent en pdf/instance.cc en el componente PDFium en Google Chrome anterior a 38.0.2125.101 interpreta cierto valor -1 como un indice en lugar de un código de error de página no visible, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados.
Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. Several information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to disclose potentially sensitive information.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-05-03 CVE Reserved
- 2014-10-08 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-125: Out-of-bounds Read
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/70273 | Vdb Entry | |
| https://codereview.chromium.org/560133004 | X_refsource_confirm | |
| https://crbug.com/415307 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-1626.html | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2014-3198 | 2014-10-14 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1151368 | 2014-10-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 38.0.2125.7 Search vendor "Google" for product "Chrome" and version " <= 38.0.2125.7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Supplementary Search vendor "Redhat" for product "Enterprise Linux Desktop Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop Supplementary" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Supplementary Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server Supplementary" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Supplementary Eus Search vendor "Redhat" for product "Enterprise Linux Server Supplementary Eus" | 6.6.z Search vendor "Redhat" for product "Enterprise Linux Server Supplementary Eus" and version "6.6.z" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Supplementary Search vendor "Redhat" for product "Enterprise Linux Workstation Supplementary" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation Supplementary" and version "6.0" | - |
Affected
| ||||||