CVE-2014-3177Code Injection in Google Chrome

CWE-94Code Injection6 documents3 sources
Severity
10.0CRITICALNVD
EPSS
7.3%
top 8.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedAug 27
Latest updateMay 17

Description

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDgoogle/chrome37.0.2062.93+81

🔴Vulnerability Details

4
GHSA
GHSA-2c22-7f4c-fw6q: Google Chrome before 372022-05-17
GHSA
GHSA-h5p3-xphh-6569: Google Chrome before 372022-05-17
OSV
CVE-2014-3176: Google Chrome before 372014-08-27
OSV
CVE-2014-3177: Google Chrome before 372014-08-27