CVE-2014-1705Out-of-bounds Write in Google Chrome

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources
Severity
7.5HIGHNVD
EPSS
3.0%
top 13.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google ChromeDebian LinuxOpensuse
Timeline
PublishedMar 16
Latest updateMay 14

Description

Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDgoogle/chrome< 33.0.1750.152+1
NVDopensuse/opensuse12.3, 13.1+1

Also affects: Debian Linux 7.0, 8.0

🔴Vulnerability Details

3
GHSA
GHSA-vcfv-fw3h-7g9v: Google V8, as used in Google Chrome before 332022-05-14
Project0
Attacking ECMAScript Engines with Redefinition - Project Zero2015-08-01
OSV
CVE-2014-1705: Google V8, as used in Google Chrome before 332014-03-16

📋Vendor Advisories

1
Red Hat
v8: ArrayBuffer memory corruption fixed in Chrome 33.0.1750.1522014-03-14

💬Community

3
Bugzilla
CVE-2014-1705 v8: memory corruption vulnerability fixed in Google Chrome version 33.0.1750.152 [epel-6]2014-03-17
Bugzilla
CVE-2014-1705 v8: ArrayBuffer memory corruption fixed in Chrome 33.0.1750.1522014-03-17
Bugzilla
CVE-2014-1705 v8: memory corruption vulnerability fixed in Google Chrome version 33.0.1750.152 [fedora-all]2014-03-17