CVE-2014-7906Use After Free in Google Chrome

CWE-399CWE-416Use After Free4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.2%
top 21.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedNov 19
Latest updateMay 17

Description

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome39.0.2171.45

🔴Vulnerability Details

1
GHSA
GHSA-rff6-5r42-5rpm: Use-after-free vulnerability in the Pepper plugins in Google Chrome before 392022-05-17

📋Vendor Advisories

1
Red Hat
chromium-browser: Use-after-free in pepper plugins2014-11-18

💬Community

1
Bugzilla
CVE-2014-7906 chromium-browser: Use-after-free in pepper plugins2014-11-19