ID CVE-2014-1748
Summary The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
References
Vulnerable Configurations
  • Google Chrome 35.0.1916.0
    cpe:2.3:a:google:chrome:35.0.1916.0
  • Google Chrome 35.0.1916.1
    cpe:2.3:a:google:chrome:35.0.1916.1
  • Google Chrome 35.0.1916.2
    cpe:2.3:a:google:chrome:35.0.1916.2
  • Google Chrome 35.0.1916.3
    cpe:2.3:a:google:chrome:35.0.1916.3
  • Google Chrome 35.0.1916.4
    cpe:2.3:a:google:chrome:35.0.1916.4
  • Google Chrome 35.0.1916.5
    cpe:2.3:a:google:chrome:35.0.1916.5
  • Google Chrome 35.0.1916.6
    cpe:2.3:a:google:chrome:35.0.1916.6
  • Google Chrome 35.0.1916.7
    cpe:2.3:a:google:chrome:35.0.1916.7
  • Google Chrome 35.0.1916.8
    cpe:2.3:a:google:chrome:35.0.1916.8
  • Google Chrome 35.0.1916.9
    cpe:2.3:a:google:chrome:35.0.1916.9
  • Google Chrome 35.0.1916.10
    cpe:2.3:a:google:chrome:35.0.1916.10
  • Google Chrome 35.0.1916.11
    cpe:2.3:a:google:chrome:35.0.1916.11
  • Google Chrome 35.0.1916.13
    cpe:2.3:a:google:chrome:35.0.1916.13
  • Google Chrome 35.0.1916.14
    cpe:2.3:a:google:chrome:35.0.1916.14
  • Google Chrome 35.0.1916.15
    cpe:2.3:a:google:chrome:35.0.1916.15
  • Google Chrome 35.0.1916.17
    cpe:2.3:a:google:chrome:35.0.1916.17
  • Google Chrome 35.0.1916.18
    cpe:2.3:a:google:chrome:35.0.1916.18
  • Google Chrome 35.0.1916.19
    cpe:2.3:a:google:chrome:35.0.1916.19
  • Google Chrome 35.0.1916.20
    cpe:2.3:a:google:chrome:35.0.1916.20
  • Google Chrome 35.0.1916.21
    cpe:2.3:a:google:chrome:35.0.1916.21
  • Google Chrome 35.0.1916.22
    cpe:2.3:a:google:chrome:35.0.1916.22
  • Google Chrome 35.0.1916.23
    cpe:2.3:a:google:chrome:35.0.1916.23
  • Google Chrome 35.0.1916.27
    cpe:2.3:a:google:chrome:35.0.1916.27
  • Google Chrome 35.0.1916.31
    cpe:2.3:a:google:chrome:35.0.1916.31
  • Google Chrome 35.0.1916.32
    cpe:2.3:a:google:chrome:35.0.1916.32
  • Google Chrome 35.0.1916.33
    cpe:2.3:a:google:chrome:35.0.1916.33
  • Google Chrome 35.0.1916.34
    cpe:2.3:a:google:chrome:35.0.1916.34
  • Google Chrome 35.0.1916.35
    cpe:2.3:a:google:chrome:35.0.1916.35
  • Google Chrome 35.0.1916.36
    cpe:2.3:a:google:chrome:35.0.1916.36
  • Google Chrome 35.0.1916.37
    cpe:2.3:a:google:chrome:35.0.1916.37
  • Google Chrome 35.0.1916.38
    cpe:2.3:a:google:chrome:35.0.1916.38
  • Google Chrome 35.0.1916.39
    cpe:2.3:a:google:chrome:35.0.1916.39
  • Google Chrome 35.0.1916.40
    cpe:2.3:a:google:chrome:35.0.1916.40
  • Google Chrome 35.0.1916.41
    cpe:2.3:a:google:chrome:35.0.1916.41
  • Google Chrome 35.0.1916.42
    cpe:2.3:a:google:chrome:35.0.1916.42
  • Google Chrome 35.0.1916.43
    cpe:2.3:a:google:chrome:35.0.1916.43
  • Google Chrome 35.0.1916.44
    cpe:2.3:a:google:chrome:35.0.1916.44
  • Google Chrome 35.0.1916.45
    cpe:2.3:a:google:chrome:35.0.1916.45
  • Google Chrome 35.0.1916.46
    cpe:2.3:a:google:chrome:35.0.1916.46
  • Google Chrome 35.0.1916.47
    cpe:2.3:a:google:chrome:35.0.1916.47
  • Google Chrome 35.0.1916.48
    cpe:2.3:a:google:chrome:35.0.1916.48
  • Google Chrome 35.0.1916.49
    cpe:2.3:a:google:chrome:35.0.1916.49
  • Google Chrome 35.0.1916.51
    cpe:2.3:a:google:chrome:35.0.1916.51
  • Google Chrome 35.0.1916.52
    cpe:2.3:a:google:chrome:35.0.1916.52
  • Google Chrome 35.0.1916.54
    cpe:2.3:a:google:chrome:35.0.1916.54
  • Google Chrome 35.0.1916.56
    cpe:2.3:a:google:chrome:35.0.1916.56
  • Google Chrome 35.0.1916.57
    cpe:2.3:a:google:chrome:35.0.1916.57
  • Google Chrome 35.0.1916.59
    cpe:2.3:a:google:chrome:35.0.1916.59
  • Google Chrome 35.0.1916.61
    cpe:2.3:a:google:chrome:35.0.1916.61
  • Google Chrome 35.0.1916.68
    cpe:2.3:a:google:chrome:35.0.1916.68
  • Google Chrome 35.0.1916.69
    cpe:2.3:a:google:chrome:35.0.1916.69
  • Google Chrome 35.0.1916.71
    cpe:2.3:a:google:chrome:35.0.1916.71
  • Google Chrome 35.0.1916.72
    cpe:2.3:a:google:chrome:35.0.1916.72
  • Google Chrome 35.0.1916.74
    cpe:2.3:a:google:chrome:35.0.1916.74
  • Google Chrome 35.0.1916.77
    cpe:2.3:a:google:chrome:35.0.1916.77
  • Google Chrome 35.0.1916.80
    cpe:2.3:a:google:chrome:35.0.1916.80
  • Google Chrome 35.0.1916.82
    cpe:2.3:a:google:chrome:35.0.1916.82
  • Google Chrome 35.0.1916.84
    cpe:2.3:a:google:chrome:35.0.1916.84
  • Google Chrome 35.0.1916.85
    cpe:2.3:a:google:chrome:35.0.1916.85
  • Google Chrome 35.0.1916.86
    cpe:2.3:a:google:chrome:35.0.1916.86
  • Google Chrome 35.0.1916.88
    cpe:2.3:a:google:chrome:35.0.1916.88
  • Google Chrome 35.0.1916.90
    cpe:2.3:a:google:chrome:35.0.1916.90
  • Google Chrome 35.0.1916.92
    cpe:2.3:a:google:chrome:35.0.1916.92
  • Google Chrome 35.0.1916.93
    cpe:2.3:a:google:chrome:35.0.1916.93
  • Google Chrome 35.0.1916.95
    cpe:2.3:a:google:chrome:35.0.1916.95
  • Google Chrome 35.0.1916.96
    cpe:2.3:a:google:chrome:35.0.1916.96
  • Google Chrome 35.0.1916.98
    cpe:2.3:a:google:chrome:35.0.1916.98
  • Google Chrome 35.0.1916.99
    cpe:2.3:a:google:chrome:35.0.1916.99
  • Google Chrome 35.0.1916.101
    cpe:2.3:a:google:chrome:35.0.1916.101
  • Google Chrome 35.0.1916.103
    cpe:2.3:a:google:chrome:35.0.1916.103
  • Google Chrome 35.0.1916.104
    cpe:2.3:a:google:chrome:35.0.1916.104
  • Google Chrome 35.0.1916.105
    cpe:2.3:a:google:chrome:35.0.1916.105
  • Google Chrome 35.0.1916.106
    cpe:2.3:a:google:chrome:35.0.1916.106
  • Google Chrome 35.0.1916.107
    cpe:2.3:a:google:chrome:35.0.1916.107
  • Google Chrome 35.0.1916.108
    cpe:2.3:a:google:chrome:35.0.1916.108
  • Google Chrome 35.0.1916.109
    cpe:2.3:a:google:chrome:35.0.1916.109
  • Google Chrome 35.0.1916.110
    cpe:2.3:a:google:chrome:35.0.1916.110
  • Google Chrome 35.0.1916.111
    cpe:2.3:a:google:chrome:35.0.1916.111
  • Google Chrome 35.0.1916.112
    cpe:2.3:a:google:chrome:35.0.1916.112
  • Google Chrome 35.0.1916.113
    cpe:2.3:a:google:chrome:35.0.1916.113
CVSS
Base: 5.0 (as of 21-05-2014 - 10:25)
Impact:
Exploitability:
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: PARTIAL
  • Availability: NONE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-412.NASL
    description This update for webkitgtk fixes the following issues : - webkitgtk was updated to version 2.4.10 (boo#971460) : + Fix rendering of form controls and scrollbars with GTK+ >= 3.19. + Fix crashes on PPC64. + Fix the build on powerpc 32 bits. + Add ARM64 build support. + Security fixes: CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083. + Updated translations.
    last seen 2018-09-02
    modified 2016-04-05
    plugin id 90259
    published 2016-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90259
    title openSUSE Security Update : webkitgtk (openSUSE-2016-412)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1091D2D1CB2E11E5B14BBCAEC565249C.NASL
    description webkit reports : The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
    last seen 2018-09-01
    modified 2016-02-05
    plugin id 88583
    published 2016-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88583
    title FreeBSD : webkit -- UI spoof (1091d2d1-cb2e-11e5-b14b-bcaec565249c)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-FDE7FFCB77.NASL
    description This update addresses the following vulnerabilities : - CVE-2015-1120 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) - CVE-2015-1076 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) - CVE-2015-1071 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) - CVE-2015-1081 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) - CVE-2015-1122 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) - CVE-2015-1155 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) - CVE-2014-1748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) - CVE-2015-3752 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) - CVE-2015-5809 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) - CVE-2015-5928 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) - CVE-2015-3749 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) - CVE-2015-3659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) - CVE-2015-3748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) - CVE-2015-3743 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) - CVE-2015-3731 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) - CVE-2015-3745 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) - CVE-2015-5822 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) - CVE-2015-3658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) - CVE-2015-3741 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) - CVE-2015-3727 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) - CVE-2015-5801 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) - CVE-2015-5788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) - CVE-2015-3747 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) - CVE-2015-5794 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) - CVE-2015-1127 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) - CVE-2015-1153 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) - CVE-2015-1083 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-29
    plugin id 90232
    published 2016-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90232
    title Fedora 24 : webkitgtk3-2.4.10-1.fc24 (2016-fde7ffcb77)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_GOOGLE_CHROME_35_0_1916_114.NASL
    description The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745) - An integer overflow error exists related to audio handling. (CVE-2014-1744) - An out-of-bounds read error exists related to media filters. (CVE-2014-1746) - A user-input validation error exists related to handling local MHTML files. (CVE-2014-1747) - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748) - Various unspecified errors. (CVE-2014-1749) - An integer underflow error exists related to the V8 JavaScript engine. (CVE-2014-3152) - An error exists related to the 'Blink' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 74123
    published 2014-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74123
    title Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2937-1.NASL
    description A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-08-03
    plugin id 90094
    published 2016-03-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90094
    title Ubuntu 14.04 LTS / 15.10 : webkitgtk vulnerabilities (USN-2937-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2298-1.NASL
    description A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1730) A type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1731) Multiple security issues including memory safety bugs were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1735, CVE-2014-3162) Multiple use-after-free issues were discovered in the WebSockets implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1740) Multiple integer overflows were discovered in CharacterData implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1741) Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1742, CVE-2014-1743) An integer overflow bug was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1744) An out-of-bounds read was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1746) It was discovered that Blink allowed scrollbar painting to extend in to the parent frame in some circumstances. An attacker could potentially exploit this to conduct clickjacking attacks via UI redress. (CVE-2014-1748) An integer underflow was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3152) A use-after-free was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3154) A security issue was discovered in the SPDY implementation. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3155) A heap overflow was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3157) It was discovered that Blink did not enforce security rules for subresource loading in SVG images. If a user opened a site that embedded a specially crafted image, an attacker could exploit this to log page views. (CVE-2014-3160) It was discovered that the SpeechInput feature in Blink could be activated without consent or any visible indication. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to eavesdrop on the user. (CVE-2014-3803). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-08-03
    plugin id 76756
    published 2014-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76756
    title Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-9EC1850FFF.NASL
    description This update addresses the following vulnerabilities: * [CVE-2015-1120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) * [CVE-2015-1076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) * [CVE-2015-1071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) * [CVE-2015-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) * [CVE-2015-1122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) * [CVE-2015-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) * [CVE-2014-1748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) * [CVE-2015-3752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) * [CVE-2015-5809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) * [CVE-2015-5928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) * [CVE-2015-3749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) * [CVE-2015-3659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) * [CVE-2015-3748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) * [CVE-2015-3743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) * [CVE-2015-3731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) * [CVE-2015-3745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) * [CVE-2015-5822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) * [CVE-2015-3658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) * [CVE-2015-3741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) * [CVE-2015-3727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) * [CVE-2015-5801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) * [CVE-2015-5788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) * [CVE-2015-3747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) * [CVE-2015-5794](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) * [CVE-2015-1127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) * [CVE-2015-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) * [CVE-2015-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Additional fixes: * Fix crashes on PowerPC 64. * Fix the build on PowerPC 32. * Add ARM64 build support. Translation updates: * German * Spanish * French * Italian * Korean * Brazilian Portuguese * Russian * Chinese. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-04-05
    plugin id 90283
    published 2016-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90283
    title Fedora 22 : webkitgtk-2.4.10-1.fc22 (2016-9ec1850fff)
  • NASL family Windows
    NASL id OPERA_2200.NASL
    description The version of Opera installed on the remote host is prior to version 22. It is, therefore, reportedly affected by multiple vulnerabilities in the bundled version of Chromium : - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745) - An integer overflow error exists related to audio handling. (CVE-2014-1744) - An out-of-bounds read error exists related to media filters. (CVE-2014-1746) - A user-input validation error exists related to handling local MHTML files that could allow for universal cross-site scripting (UXSS) attacks. (CVE-2014-1747) - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748) - Various unspecified errors. (CVE-2014-1749) - An integer underflow error exists related to the V8 JavaScript engine that could allow a denial of service condition. (CVE-2014-3152) - An error exists related to the 'Blink' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-09-01
    modified 2018-07-16
    plugin id 74362
    published 2014-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74362
    title Opera < 22 Multiple Chromium Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SAFARI8_0_2.NASL
    description The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.2.2 / 7.1.2 / 8.0.2. It is, therefore, affected by the following vulnerabilities in WebKit : - An SVG loaded in an IMG element could load a CSS file cross-origin. This can allow data exfiltration. (CVE-2014-4465) - A UI spoofing flaw exists in the handling of scrollbar boundaries. Visiting websites that frame malicious content can allow the UI to be spoofed. (CVE-2014-1748) - Multiple memory corruption issues exist that can lead to an unexpected application crash or potential arbitrary code execution by means of malicious website content. (CVE-2014-4452, CVE-2014-4459, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475) Note that the 6.2.2 / 7.1.2 / 8.0.2 Safari updates include the security content of the 6.2.1 / 7.1.1 / 8.0.1 updates. These more recent updates, however, were released to fix potential issues with the installation of the previous patch release.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 80055
    published 2014-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80055
    title Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-A4FCB02D6B.NASL
    description This update addresses the following vulnerabilities : - CVE-2015-1120 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) - CVE-2015-1076 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) - CVE-2015-1071 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) - CVE-2015-1081 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) - CVE-2015-1122 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) - CVE-2015-1155 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) - CVE-2014-1748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) - CVE-2015-3752 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) - CVE-2015-5809 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) - CVE-2015-5928 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) - CVE-2015-3749 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) - CVE-2015-3659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) - CVE-2015-3748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) - CVE-2015-3743 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) - CVE-2015-3731 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) - CVE-2015-3745 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) - CVE-2015-5822 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) - CVE-2015-3658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) - CVE-2015-3741 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) - CVE-2015-3727 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) - CVE-2015-5801 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) - CVE-2015-5788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) - CVE-2015-3747 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) - CVE-2015-5794 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) - CVE-2015-1127 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) - CVE-2015-1153 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) - CVE-2015-1083 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-03-29
    plugin id 90220
    published 2016-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90220
    title Fedora 24 : webkitgtk-2.4.10-1.fc24 (2016-a4fcb02d6b)
  • NASL family Windows
    NASL id GOOGLE_CHROME_35_0_1916_114.NASL
    description The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745) - An integer overflow error exists related to audio handling. (CVE-2014-1744) - An out-of-bounds read error exists related to media filters. (CVE-2014-1746) - A user-input validation error exists related to handling local MHTML files. (CVE-2014-1747) - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748) - Various unspecified errors. (CVE-2014-1749) - An integer underflow error exists related to the V8 JavaScript engine. (CVE-2014-3152) - An error exists related to the 'Blink' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 74122
    published 2014-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74122
    title Google Chrome < 35.0.1916.114 Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-1A7F7FFB58.NASL
    description This update addresses the following vulnerabilities : - CVE-2015-1120 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) - CVE-2015-1076 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) - CVE-2015-1071 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) - CVE-2015-1081 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) - CVE-2015-1122 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) - CVE-2015-1155 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) - CVE-2014-1748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) - CVE-2015-3752 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) - CVE-2015-5809 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) - CVE-2015-5928 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) - CVE-2015-3749 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) - CVE-2015-3659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) - CVE-2015-3748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) - CVE-2015-3743 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) - CVE-2015-3731 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) - CVE-2015-3745 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) - CVE-2015-5822 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) - CVE-2015-3658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) - CVE-2015-3741 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) - CVE-2015-3727 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) - CVE-2015-5801 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) - CVE-2015-5788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) - CVE-2015-3747 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) - CVE-2015-5794 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) - CVE-2015-1127 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) - CVE-2015-1153 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) - CVE-2015-1083 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-22
    plugin id 90035
    published 2016-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90035
    title Fedora 23 : webkitgtk3-2.4.10-1.fc23 (2016-1a7f7ffb58)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-16.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-16 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 77460
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77460
    title GLSA-201408-16 : Chromium: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2939.NASL
    description Several vulnerabilities were discovered in the chromium web browser. - CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation. - CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling. - CVE-2014-1745 Atte Kettunen discovered a use-after-free issue in the Blink/Webkit scalable vector graphics implementation. - CVE-2014-1746 Holger Fuhrmannek discovered an out-of-bounds read issue in the URL protocol implementation for handling media. - CVE-2014-1747 packagesu discovered a cross-site scripting issue involving malformed MHTML files. - CVE-2014-1748 Jordan Milne discovered a user interface spoofing issue. - CVE-2014-1749 The Google Chrome development team discovered and fixed multiple issues with potential security impact. - CVE-2014-3152 An integer underflow issue was discovered in the v8 JavaScript library.
    last seen 2018-09-01
    modified 2018-07-09
    plugin id 74256
    published 2014-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74256
    title Debian DSA-2939-1 : chromium-browser - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-5D6D75DBEA.NASL
    description This update addresses the following vulnerabilities : - CVE-2015-1120 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) - CVE-2015-1076 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) - CVE-2015-1071 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) - CVE-2015-1081 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) - CVE-2015-1122 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) - CVE-2015-1155 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) - CVE-2014-1748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) - CVE-2015-3752 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) - CVE-2015-5809 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) - CVE-2015-5928 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) - CVE-2015-3749 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) - CVE-2015-3659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) - CVE-2015-3748 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) - CVE-2015-3743 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) - CVE-2015-3731 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) - CVE-2015-3745 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) - CVE-2015-5822 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) - CVE-2015-3658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) - CVE-2015-3741 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) - CVE-2015-3727 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) - CVE-2015-5801 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) - CVE-2015-5788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) - CVE-2015-3747 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) - CVE-2015-5794 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) - CVE-2015-1127 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) - CVE-2015-1153 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) - CVE-2015-1083 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-03-24
    plugin id 90104
    published 2016-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90104
    title Fedora 23 : webkitgtk-2.4.10-1.fc23 (2016-5d6d75dbea)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-420.NASL
    description chromium was updated to version 35.0.1916.114 to fix various security issues. Security fixes : - CVE-2014-1743: Use-after-free in styles - CVE-2014-1744: Integer overflow in audio - CVE-2014-1745: Use-after-free in SVG - CVE-2014-1746: Out-of-bounds read in media filters - CVE-2014-1747: UXSS with local MHTML file - CVE-2014-1748: UI spoofing with scrollbar - CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives - CVE-2014-3152: Integer underflow in V8 fixed - CVE-2014-1740: Use-after-free in WebSockets - CVE-2014-1741: Integer overflow in DOM range - CVE-2014-1742: Use-after-free in editing and 17 more for which no detailed information is given.
    last seen 2018-09-02
    modified 2014-12-05
    plugin id 75387
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75387
    title openSUSE Security Update : chromium (openSUSE-SU-2014:0783-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_64F3872BE05D11E39DD400262D5ED8EE.NASL
    description Google Chrome Releases reports : 23 security fixes in this release, including : - [356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer. - [359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple. - [346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG. - [364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek. - [330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu. - [331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne. - [374649] CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives. - [358057] CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
    last seen 2018-09-02
    modified 2014-06-14
    plugin id 74114
    published 2014-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74114
    title FreeBSD : chromium -- multiple vulnerabilities (64f3872b-e05d-11e3-9dd4-00262d5ed8ee)
refmap via4
apple APPLE-SA-2014-12-2-1
confirm
debian DSA-2939
gentoo GLSA-201408-16
sectrack 1030270
secunia
  • 58920
  • 59155
  • 60372
suse
  • openSUSE-SU-2014:0783
  • openSUSE-SU-2016:0915
ubuntu USN-2937-1
Last major update 06-01-2017 - 21:59
Published 21-05-2014 - 07:14
Last modified 28-12-2017 - 21:29