usn-2298-1
Vulnerability from osv_ubuntu
A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1730)
A type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1731)
Multiple security issues including memory safety bugs were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1735, CVE-2014-3162)
Multiple use-after-free issues were discovered in the WebSockets implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1740)
Multiple integer overflows were discovered in CharacterData implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1741)
Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1742, CVE-2014-1743)
An integer overflow bug was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1744)
An out-of-bounds read was discovered in Chromium. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1746)
It was discovered that Blink allowed scrollbar painting to extend in to the parent frame in some circumstances. An attacker could potentially exploit this to conduct clickjacking attacks via UI redress. (CVE-2014-1748)
An integer underflow was discovered in Blink. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3152)
A use-after-free was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3154)
A security issue was discovered in the SPDY implementation. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3155)
A heap overflow was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3157)
It was discovered that Blink did not enforce security rules for subresource loading in SVG images. If a user opened a site that embedded a specially crafted image, an attacker could exploit this to log page views. (CVE-2014-3160)
It was discovered that the SpeechInput feature in Blink could be activated without consent or any visible indication. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to eavesdrop on the user. (CVE-2014-3803)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2014-1730",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1731",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1735",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1740",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1741",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1742",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1743",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1744",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1746",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1748",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3152",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3154",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3155",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3157",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3160",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3162",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-3803",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "liboxideqt-qmlplugin",
"binary_version": "1.0.4-0ubuntu0.14.04.1"
},
{
"binary_name": "liboxideqtcore0",
"binary_version": "1.0.4-0ubuntu0.14.04.1"
},
{
"binary_name": "oxideqmlscene",
"binary_version": "1.0.4-0ubuntu0.14.04.1"
},
{
"binary_name": "oxideqt-codecs",
"binary_version": "1.0.4-0ubuntu0.14.04.1"
},
{
"binary_name": "oxideqt-codecs-extra",
"binary_version": "1.0.4-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "oxide-qt",
"purl": "pkg:deb/ubuntu/oxide-qt@1.0.4-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.4-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.0.0~bzr437-0ubuntu1",
"1.0.0~bzr452-0ubuntu1",
"1.0.0~bzr475-0ubuntu1",
"1.0.0~bzr490-0ubuntu1",
"1.0.0~bzr501-0ubuntu1",
"1.0.0~bzr501-0ubuntu2"
]
}
],
"aliases": [],
"details": "A type confusion bug was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in\nChromium. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit these to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via renderer crash or execute arbitrary code with the privileges\nof the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer crash\nor execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user invoking\nthe program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked\nin to opening a specially crafter website, an attacker could potentially\nexploit this to cause a denial of service via application crash.\n(CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to\nthe parent frame in some circumstances. An attacker could potentially\nexploit this to conduct clickjacking attacks via UI redress.\n(CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked in to\nopening a specially crafter website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash or execute arbitrary\ncode with the privileges of the sandboxed render process.\n(CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An attacker\ncould potentially exploit this to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for\nsubresource loading in SVG images. If a user opened a site that embedded a\nspecially crafted image, an attacker could exploit this to log page views.\n(CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be activated\nwithout consent or any visible indication. If a user were tricked in to\nopening a specially crafted website, an attacker could exploit this to\neavesdrop on the user. (CVE-2014-3803)\n",
"id": "USN-2298-1",
"modified": "2026-02-10T04:40:49Z",
"published": "2014-07-23T20:11:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2298-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1730"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1731"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1735"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1740"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1741"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1742"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1743"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1744"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1746"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1748"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3152"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3154"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3155"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3157"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3160"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3162"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-3803"
},
{
"type": "REPORT",
"url": "https://launchpad.net/bugs/1337301"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "oxide-qt vulnerabilities",
"upstream": [
"UBUNTU-CVE-2014-1730",
"UBUNTU-CVE-2014-1731",
"UBUNTU-CVE-2014-1735",
"UBUNTU-CVE-2014-1740",
"UBUNTU-CVE-2014-1741",
"UBUNTU-CVE-2014-1742",
"UBUNTU-CVE-2014-1743",
"UBUNTU-CVE-2014-1744",
"UBUNTU-CVE-2014-1746",
"UBUNTU-CVE-2014-1748",
"UBUNTU-CVE-2014-3152",
"UBUNTU-CVE-2014-3154",
"UBUNTU-CVE-2014-3155",
"UBUNTU-CVE-2014-3157",
"UBUNTU-CVE-2014-3160",
"UBUNTU-CVE-2014-3162",
"UBUNTU-CVE-2014-3803"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.