[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-1730Date: (C)2014-04-27   (M)2023-12-22


Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: NONE
Availability: NONE
  
Reference:
SECUNIA-58301
SECUNIA-60372
DSA-2920
GLSA-201408-16
IAVM:2014-B-0049
http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
https://code.google.com/p/chromium/issues/detail?id=354967
https://code.google.com/p/v8/source/detail?r=20375
https://code.google.com/p/v8/source/detail?r=20377
https://code.google.com/p/v8/source/detail?r=20388
https://code.google.com/p/v8/source/detail?r=20593
https://code.google.com/p/v8/source/detail?r=20595
openSUSE-SU-2014:0668
openSUSE-SU-2014:0669

CPE    2
cpe:/a:google:chrome:34.0.1847.130
cpe:/a:google:chrome:34.0.1847.131
CWE    1
CWE-264
OVAL    11
oval:org.secpod.oval:def:17501
oval:org.secpod.oval:def:17514
oval:org.secpod.oval:def:17508
oval:org.secpod.oval:def:17507
...

© SecPod Technologies