| Vulnerability Name: | CVE-2014-1713 (CCN-91811) | ||||||||||||||||||||||||||||
| Assigned: | 2014-03-14 | ||||||||||||||||||||||||||||
| Published: | 2014-03-14 | ||||||||||||||||||||||||||||
| Updated: | 2022-11-10 | ||||||||||||||||||||||||||||
| Summary: | Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. | ||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-416 | ||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||
| References: | Source: BUGTRAQ Type: Broken Link 20140326 VUPEN Security Research - Google Chrome Blink "locationAttributeSetter" Use-after-free (Pwn2Own) Source: APPLE Type: Broken Link APPLE-SA-2014-04-01-1 Source: APPLE Type: Broken Link APPLE-SA-2014-04-22-3 Source: APPLE Type: Broken Link APPLE-SA-2014-04-22-2 Source: MITRE Type: CNA CVE-2014-1713 Source: CCN Type: Google Chrome Releases Web site Stable Channel Update Source: CONFIRM Type: Release Notes, Vendor Advisory http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html Source: CONFIRM Type: Release Notes, Vendor Advisory http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html Source: SUSE Type: Broken Link openSUSE-SU-2014:0501 Source: CCN Type: SA57439 Google Chrome Blink Bindings Use-After-Free and V8 Memory Corruption Vulnerabilities Source: CCN Type: SA57440 Google Chrome for Android Multiple Vulnerabilities Source: CCN Type: SA58140 Apple iOS Multiple Vulnerabilities Source: CCN Type: SA58142 Apple TV Multiple Vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-201408-16 Source: CCN Type: Apple Web site About the security content of iOS 7.1.1 Source: DEBIAN Type: Third Party Advisory DSA-2883 Source: CCN Type: BID-66243 WebKit Use-After-Free Remote Code Execution Vulnerability Source: CONFIRM Type: Exploit, Issue Tracking, Mailing List, Vendor Advisory https://code.google.com/p/chromium/issues/detail?id=352374 Source: XF Type: UNKNOWN google-chrome-cve20141713-code-exec(91811) Source: CONFIRM Type: Mailing List, Vendor Advisory https://src.chromium.org/viewvc/blink?revision=169176&view=revision Source: CONFIRM Type: Third Party Advisory https://support.apple.com/kb/HT6537 Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-1713 Source: CCN Type: ZDI-14-086 (Pwn2Own) Google Chrome Blink Use-After-Free Remote Code Execution Vulnerability | ||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||