Google Chrome vulnerabilities

CVE-2014-3191 [HIGH] CWE-416 CVE-2014-3191: Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree, related to the FrameView::updateLayoutAndStyleForPainting fu

CVE-2014-3193 [HIGH] CWE-416 CVE-2014-3193: The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing.

CVE-2014-3196 [HIGH] CWE-264 CVE-2014-3196: base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 on Windows does not properly base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 on Windows does not properly implement read-only restrictions on shared memory, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors.

CVE-2014-7967 [HIGH] CVE-2014-7967: Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2014-3200 [HIGH] CVE-2014-3200: Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2014-3192 [HIGH] CWE-416 CVE-2014-3192: Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/Pro Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2014-3197 [MEDIUM] CWE-264 CVE-2014-3197: The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.

CVE-2014-3199 [MEDIUM] CWE-399 CVE-2014-3199: The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object.

CVE-2014-3187 [MEDIUM] CWE-79 CVE-2014-3187: Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict pro Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site.

CVE-2014-3198 [MEDIUM] CWE-119 CVE-2014-3198: The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2014-3195 [MEDIUM] CWE-399 CVE-2014-3195: Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-me Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive information via crafted JavaScript code, related to the PagedS

CVE-2014-1568 [HIGH] CWE-310 CVE-2014-1568: Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.1 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X

CVE-2014-3178 [HIGH] CVE-2014-3178: Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.206 Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies.

CVE-2014-3179 [HIGH] CVE-2014-3179: Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.120 allow attackers to cause Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.120 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2014-3176 [CRITICAL] CWE-94 CVE-2014-3176: Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the s Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.

CVE-2014-3177 [CRITICAL] CVE-2014-3177: Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the s Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.

CVE-2014-3175 [CRITICAL] CVE-2014-3175: Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components.

CVE-2014-3169 [HIGH] CVE-2014-3169: Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as us Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal.

CVE-2014-3171 [HIGH] CVE-2014-3171: Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062. Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedS

CVE-2014-3168 [HIGH] CVE-2014-3168: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37. Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation.