CVE-2014-1746

CVSS V2 Medium 5 CVSS V3 None
Description
The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.
Overview
  • CVE ID
  • CVE-2014-1746
  • Assigner
  • cve-coordination@google.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2014-05-21T11:14:09
  • Last Modified Date
  • 2017-12-29T02:29:19
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 1 OR 35.0.1916.113
cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 18:54:04 Added to TrackCVE
2022-12-01 23:11:13 security@google.com cve-coordination@google.com CVE Assigner updated
2022-12-01 23:11:13 2014-05-21T11:14Z 2014-05-21T11:14:09 CVE Published Date updated
2022-12-01 23:11:13 2017-12-29T02:29:19 CVE Modified Date updated
2022-12-01 23:11:13 Modified Vulnerability Status updated