CVE-2014-1730Type Confusion in Google Chrome

CWE-843Type Confusion7 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.9%
top 23.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedApr 26
Latest updateMay 17

Description

Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDgoogle/chrome< 34.0.1847.131+1

🔴Vulnerability Details

3
GHSA
GHSA-78jq-7m93-2fvg: Google V8, as used in Google Chrome before 342022-05-17
OSV
oxide-qt vulnerabilities2014-07-23
OSV
CVE-2014-1730: Google V8, as used in Google Chrome before 342014-04-26

📋Vendor Advisories

2
Ubuntu
Oxide vulnerabilities2014-07-23
Red Hat
v8: type confusion issue fixed in Google Chrome 34.0.1847.1312014-04-01

💬Community

1
Bugzilla
CVE-2014-1730 v8: type confusion issue fixed in Google Chrome 34.0.1847.1312014-04-28