Computer Security
[EN] securityvulns.ru no-pyccku


Google Chrome / Chromium multiple security vulnerabilities
Published:17.06.2014
Source:
SecurityVulns ID:13842
Type:client
Threat Level:
8/10
Description:Memory corruptions, buffer overflows.
Affected:GOOGLE : Chrome 35
CVE:CVE-2014-3157 (Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.)
 CVE-2014-3156 (Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc.)
 CVE-2014-3155 (net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance.)
 CVE-2014-3154 (Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2959-1] chromium-browser security update (17.06.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod