Oval Definition:oval:org.opensuse.security:def:20141701
Revision Date:2022-06-30Version:1
Title:CVE-2014-1701
Description:

The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-1701
Mitre CVE-2014-1701
SUSE CVE-2014-1701
openSUSE-SU-2014:0501-1
Platform(s):openSUSE 12.3 Update
openSUSE 13.1
openSUSE Leap 15.0
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND Package Information
  • chromedriver-33.0.1750.152-25.2 is installed
  • OR chromium-33.0.1750.152-25.2 is installed
  • OR chromium-desktop-gnome-33.0.1750.152-25.2 is installed
  • OR chromium-desktop-kde-33.0.1750.152-25.2 is installed
  • OR chromium-ffmpegsumo-33.0.1750.152-25.2 is installed
  • OR chromium-suid-helper-33.0.1750.152-25.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • chromium-66.0.3359.170-lp150.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • chromedriver-55.0.2883.75-3.1 is installed
  • OR chromium-55.0.2883.75-3.1 is installed
    • BACK