var-201408-0378
Vulnerability from variot
The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. Google Chrome is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Versions prior to Chrome 36.0.1985.143 are vulnerable. Verify the properties of the SPDY connection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-3039-1 security@debian.org http://www.debian.org/security/ Michael Gilbert September 28, 2014 http://www.debian.org/security/faq
Package : chromium-browser CVE ID : CVE-2014-3160 CVE-2014-3162 CVE-2014-3165 CVE-2014-3166 CVE-2014-3167 CVE-2014-3168 CVE-2014-3169 CVE-2014-3170 CVE-2014-3171 CVE-2014-3172 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175 CVE-2014-3176 CVE-2014-3177 CVE-2014-3178 CVE-2014-3179
Several vulnerabilities were discovered in the chromium web browser.
CVE-2014-3160
Christian Schneider discovered a same origin bypass issue in SVG
file resource fetching.
CVE-2014-3162
The Google Chrome development team addressed multiple issues with
potential security impact for chromium 36.0.1985.125.
CVE-2014-3165
Colin Payne discovered a use-after-free issue in the Web Sockets
implementation.
CVE-2014-3166
Antoine Delignat-Lavaud discovered an information leak in the SPDY
protocol implementation.
CVE-2014-3167
The Google Chrome development team addressed multiple issues with
potential security impact for chromium 36.0.1985.143.
CVE-2014-3168
cloudfuzzer discovered a use-after-free issue in SVG image file
handling.
CVE-2014-3169
Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink
Document Object Model implementation.
CVE-2014-3170
Rob Wu discovered a way to spoof the url of chromium extensions.
CVE-2014-3171
cloudfuzzer discovered a use-after-free issue in chromium's v8
bindings.
CVE-2014-3172
Eli Grey discovered a way to bypass access restrictions using
chromium's Debugger extension API.
CVE-2014-3173
jmuizelaar discovered an uninitialized read issue in WebGL.
CVE-2014-3174
Atte Kettunen discovered an uninitialized read issue in Web Audio.
CVE-2014-3175
The Google Chrome development team addressed multiple issues with
potential security impact for chromium 37.0.2062.94.
CVE-2014-3176
lokihardt@asrt discovered a combination of flaws that can lead to
remote code execution outside of chromium's sandbox.
CVE-2014-3177
lokihardt@asrt discovered a combination of flaws that can lead to
remote code execution outside of chromium's sandbox.
CVE-2014-3178
miaubiz discovered a use-after-free issue in the Document Object
Model implementation in Blink/Webkit.
CVE-2014-3179
The Google Chrome development team addressed multiple issues with
potential security impact for chromium 37.0.2062.120.
For the stable distribution (wheezy), these problems have been fixed in version 37.0.2062.120-1~deb7u1.
For the testing (jessie) and unstable (sid) distributions, these problems have been fixed in version 37.0.2062.120-1.
We recommend that you upgrade your chromium-browser packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQQcBAEBCgAGBQJUKFfrAAoJELjWss0C1vRzHiEgAIABz3HDoSbH2wCbN58xmQPs EXADJVYxCyYN6YFnR4lSxekGX3p0Gr+zjGnVzmAVAQnflWEX4e+U4nXN581oLvC4 9DRGyFW5IANzi98AViRZ5SV5lFG93q/ipL5H74/kfg4gqBoxXTw/a6QF20nRYxES S5LQGqMu9Hzkto23nzQUc45uItapphd78StNLtdpaVVN2UV3dDMItMnDpDWpxv9h kUGK1cKjcMEVWOejvI8YEALYo6OMunwR+G6HwG7soc7k4zHOlesIJ86HoKz1aYgZ Yj6reRBZxpQSwAKMzdxKT5OyAMbYadOk6ryPmJSqJv6ky5q13quqqjjecIthY29G hHRInemqRNoGjza1OJj8+vs1K+uWoLbth91CC62KXKhSGVydbOhBXyLtpWsSLGVn YOAeT45QZqmIzvSuAm3HULJmZdLmiFefu8bSHZRuJLt95UZzHBYtD8i85DTCOWaO p6XymJQPbvJtPQ1Qw+ZIJnsjzMhFIwRmuJPm67ZiLt/aQdnsY+WKWlZAvrCSxczp n+eRNRKBRsEiKIQUvRv0S91wCSVnEX6ywY/faOrZv2aH8J1VcYT+qqjMmvpzHgKl HikDmyW7k67Lko8R8Ah92+pktFFFTx/aPEGWrJUOqd+OdREPlv8F06ZNe0lK1nM2 AYn03pLaJvCv3JqGFdEUEPQQpTMsI6cs+VC21RkP9/c3RV7Y6ExjtarZ/1nNVf7q IyqZyYPRd3WmS9gIrsOODUDBWeamd1RkYm3r0u61oP+39m6rX9GIk/2FrWzrefDK nbewNAPtywb4y1Xjg4aHHFiJEVy+8D3qhZkgUTug10Xye2qSzlwRbi+eNmdFwJ/m xf8QTNvGluPcejRiCYmTEosqT2SksWULDfqUx4+3k/uIfpaI15V4QXyIhGFlNxKs cweaD6U5pAvK/RyTuxigM1ezYTs4JZFkYDhbzeCgb03mWOmbU9VP3Sqr+klRRiLA 1cOm22oXmb8P53gHFXxB9V4jBdPk7XVwjB4EA20+qHH6jIePGnhjkNm7hgZJB7Dr vuKmA7g/bCEnlGJC9XjutVXetgF6rx6uVpDKixLOHYwux+2tIu/Qy0AuWfUhT1Yu /CuW/CVztOPyLY2pOwLT5Ao1ERdCk/JzqRzCUfvX+xGirm5b3yT+9j+C2Ij1ohBc Sxs+kAJlldvbUN8/D+gyInWHqbacnu0pnIag05Cwk2mVgOGhPAyJsPuAawqtPj0K aQbBNpXhCMkTc4kRktISA6CBcQUBdWuavKmkYej3SOmluc+sjw6dbm4W8EjI1pJY 6Up8h8azSmt5OTNiAtjxrw/ddH2mFCJGo5+jUjpaICs/218+f5XnquZZMTD3tV8= =pGsl -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2320-1 August 20, 2014
oxide-qt vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Oxide.
Software Description: - oxide-qt: Web browser engine library for Qt (QML plugin)
Details:
A use-after-free was discovered in the websockets implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-3167)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: liboxideqtcore0 1.0.5-0ubuntu0.14.04.1 oxideqt-codecs 1.0.5-0ubuntu0.14.04.1 oxideqt-codecs-extra 1.0.5-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2320-1 CVE-2014-3165, CVE-2014-3166, CVE-2014-3167, https://launchpad.net/bugs/1356372
Package Information: https://launchpad.net/ubuntu/+source/oxide-qt/1.0.5-0ubuntu0.14.04.1 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201408-16
http://security.gentoo.org/
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: August 30, 2014 Bugs: #504328, #504890, #507212, #508788, #510288, #510904, #512944, #517304, #519788, #521276 ID: 201408-16
Synopsis
Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to execute arbitrary code.
Background
Chromium is an open-source web browser project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 37.0.2062.94 >= 37.0.2062.94
Description
Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-37.0.2062.94"
References
[ 1 ] CVE-2014-1741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1741 [ 2 ] CVE-2014-0538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0538 [ 3 ] CVE-2014-1700 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1700 [ 4 ] CVE-2014-1701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1701 [ 5 ] CVE-2014-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1702 [ 6 ] CVE-2014-1703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1703 [ 7 ] CVE-2014-1704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1704 [ 8 ] CVE-2014-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1705 [ 9 ] CVE-2014-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1713 [ 10 ] CVE-2014-1714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1714 [ 11 ] CVE-2014-1715 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1715 [ 12 ] CVE-2014-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1716 [ 13 ] CVE-2014-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1717 [ 14 ] CVE-2014-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1718 [ 15 ] CVE-2014-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1719 [ 16 ] CVE-2014-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1720 [ 17 ] CVE-2014-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1721 [ 18 ] CVE-2014-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1722 [ 19 ] CVE-2014-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1723 [ 20 ] CVE-2014-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1724 [ 21 ] CVE-2014-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1725 [ 22 ] CVE-2014-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1726 [ 23 ] CVE-2014-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1727 [ 24 ] CVE-2014-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1728 [ 25 ] CVE-2014-1729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1729 [ 26 ] CVE-2014-1730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1730 [ 27 ] CVE-2014-1731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1731 [ 28 ] CVE-2014-1732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1732 [ 29 ] CVE-2014-1733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1733 [ 30 ] CVE-2014-1734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1734 [ 31 ] CVE-2014-1735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1735 [ 32 ] CVE-2014-1740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1740 [ 33 ] CVE-2014-1742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1742 [ 34 ] CVE-2014-1743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1743 [ 35 ] CVE-2014-1744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1744 [ 36 ] CVE-2014-1745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1745 [ 37 ] CVE-2014-1746 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1746 [ 38 ] CVE-2014-1747 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1747 [ 39 ] CVE-2014-1748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1748 [ 40 ] CVE-2014-1749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1749 [ 41 ] CVE-2014-3154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3154 [ 42 ] CVE-2014-3155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3155 [ 43 ] CVE-2014-3156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3156 [ 44 ] CVE-2014-3157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3157 [ 45 ] CVE-2014-3160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3160 [ 46 ] CVE-2014-3162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3162 [ 47 ] CVE-2014-3165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3165 [ 48 ] CVE-2014-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3166 [ 49 ] CVE-2014-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3167 [ 50 ] CVE-2014-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3168 [ 51 ] CVE-2014-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3169 [ 52 ] CVE-2014-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3170 [ 53 ] CVE-2014-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3171 [ 54 ] CVE-2014-3172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3172 [ 55 ] CVE-2014-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3173 [ 56 ] CVE-2014-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3174 [ 57 ] CVE-2014-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3175 [ 58 ] CVE-2014-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3176 [ 59 ] CVE-2014-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3177
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201408-16.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0378",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "36.0.1985.135"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "36.0.1985.143"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "36.0.1985.57"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "36.0.1985.135 (android)"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "36.0.1985.143 (windows"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "mac os x"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "linux)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.72"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.76"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.79"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.70"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.74"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "36.0.1985.73"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96379"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96365"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19.0.1084.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.168"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.162"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.151"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.142"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.83"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "69202"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Antoine Delignat-Lavaud",
"sources": [
{
"db": "BID",
"id": "69202"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3166",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3166",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3166",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-71105",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3166",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3166",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-227",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71105",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3166",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. Google Chrome is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information. This may aid in further attacks. \nVersions prior to Chrome 36.0.1985.143 are vulnerable. Verify the properties of the SPDY connection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3039-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nSeptember 28, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2014-3160 CVE-2014-3162 CVE-2014-3165 CVE-2014-3166\n CVE-2014-3167 CVE-2014-3168 CVE-2014-3169 CVE-2014-3170\n CVE-2014-3171 CVE-2014-3172 CVE-2014-3173 CVE-2014-3174\n CVE-2014-3175 CVE-2014-3176 CVE-2014-3177 CVE-2014-3178\n CVE-2014-3179\n\nSeveral vulnerabilities were discovered in the chromium web browser. \n\nCVE-2014-3160\n\n Christian Schneider discovered a same origin bypass issue in SVG\n file resource fetching. \n\nCVE-2014-3162\n\n The Google Chrome development team addressed multiple issues with\n potential security impact for chromium 36.0.1985.125. \n\nCVE-2014-3165\n\n Colin Payne discovered a use-after-free issue in the Web Sockets\n implementation. \n\nCVE-2014-3166\n\n Antoine Delignat-Lavaud discovered an information leak in the SPDY\n protocol implementation. \n\nCVE-2014-3167\n\n The Google Chrome development team addressed multiple issues with\n potential security impact for chromium 36.0.1985.143. \n\nCVE-2014-3168\n\n cloudfuzzer discovered a use-after-free issue in SVG image file\n handling. \n\nCVE-2014-3169\n\n Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink\n Document Object Model implementation. \n\nCVE-2014-3170\n\n Rob Wu discovered a way to spoof the url of chromium extensions. \n\nCVE-2014-3171\n\n cloudfuzzer discovered a use-after-free issue in chromium\u0027s v8\n bindings. \n\nCVE-2014-3172\n\n Eli Grey discovered a way to bypass access restrictions using\n chromium\u0027s Debugger extension API. \n\nCVE-2014-3173\n\n jmuizelaar discovered an uninitialized read issue in WebGL. \n\nCVE-2014-3174\n\n Atte Kettunen discovered an uninitialized read issue in Web Audio. \n\nCVE-2014-3175\n\n The Google Chrome development team addressed multiple issues with\n potential security impact for chromium 37.0.2062.94. \n\nCVE-2014-3176\n\n lokihardt@asrt discovered a combination of flaws that can lead to\n remote code execution outside of chromium\u0027s sandbox. \n\nCVE-2014-3177\n\n lokihardt@asrt discovered a combination of flaws that can lead to\n remote code execution outside of chromium\u0027s sandbox. \n\nCVE-2014-3178\n\n miaubiz discovered a use-after-free issue in the Document Object\n Model implementation in Blink/Webkit. \n\nCVE-2014-3179\n\n The Google Chrome development team addressed multiple issues with\n potential security impact for chromium 37.0.2062.120. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 37.0.2062.120-1~deb7u1. \n\nFor the testing (jessie) and unstable (sid) distributions, these\nproblems have been fixed in version 37.0.2062.120-1. \n\nWe recommend that you upgrade your chromium-browser packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQQcBAEBCgAGBQJUKFfrAAoJELjWss0C1vRzHiEgAIABz3HDoSbH2wCbN58xmQPs\nEXADJVYxCyYN6YFnR4lSxekGX3p0Gr+zjGnVzmAVAQnflWEX4e+U4nXN581oLvC4\n9DRGyFW5IANzi98AViRZ5SV5lFG93q/ipL5H74/kfg4gqBoxXTw/a6QF20nRYxES\nS5LQGqMu9Hzkto23nzQUc45uItapphd78StNLtdpaVVN2UV3dDMItMnDpDWpxv9h\nkUGK1cKjcMEVWOejvI8YEALYo6OMunwR+G6HwG7soc7k4zHOlesIJ86HoKz1aYgZ\nYj6reRBZxpQSwAKMzdxKT5OyAMbYadOk6ryPmJSqJv6ky5q13quqqjjecIthY29G\nhHRInemqRNoGjza1OJj8+vs1K+uWoLbth91CC62KXKhSGVydbOhBXyLtpWsSLGVn\nYOAeT45QZqmIzvSuAm3HULJmZdLmiFefu8bSHZRuJLt95UZzHBYtD8i85DTCOWaO\np6XymJQPbvJtPQ1Qw+ZIJnsjzMhFIwRmuJPm67ZiLt/aQdnsY+WKWlZAvrCSxczp\nn+eRNRKBRsEiKIQUvRv0S91wCSVnEX6ywY/faOrZv2aH8J1VcYT+qqjMmvpzHgKl\nHikDmyW7k67Lko8R8Ah92+pktFFFTx/aPEGWrJUOqd+OdREPlv8F06ZNe0lK1nM2\nAYn03pLaJvCv3JqGFdEUEPQQpTMsI6cs+VC21RkP9/c3RV7Y6ExjtarZ/1nNVf7q\nIyqZyYPRd3WmS9gIrsOODUDBWeamd1RkYm3r0u61oP+39m6rX9GIk/2FrWzrefDK\nnbewNAPtywb4y1Xjg4aHHFiJEVy+8D3qhZkgUTug10Xye2qSzlwRbi+eNmdFwJ/m\nxf8QTNvGluPcejRiCYmTEosqT2SksWULDfqUx4+3k/uIfpaI15V4QXyIhGFlNxKs\ncweaD6U5pAvK/RyTuxigM1ezYTs4JZFkYDhbzeCgb03mWOmbU9VP3Sqr+klRRiLA\n1cOm22oXmb8P53gHFXxB9V4jBdPk7XVwjB4EA20+qHH6jIePGnhjkNm7hgZJB7Dr\nvuKmA7g/bCEnlGJC9XjutVXetgF6rx6uVpDKixLOHYwux+2tIu/Qy0AuWfUhT1Yu\n/CuW/CVztOPyLY2pOwLT5Ao1ERdCk/JzqRzCUfvX+xGirm5b3yT+9j+C2Ij1ohBc\nSxs+kAJlldvbUN8/D+gyInWHqbacnu0pnIag05Cwk2mVgOGhPAyJsPuAawqtPj0K\naQbBNpXhCMkTc4kRktISA6CBcQUBdWuavKmkYej3SOmluc+sjw6dbm4W8EjI1pJY\n6Up8h8azSmt5OTNiAtjxrw/ddH2mFCJGo5+jUjpaICs/218+f5XnquZZMTD3tV8=\n=pGsl\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2320-1\nAugust 20, 2014\n\noxide-qt vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Oxide. \n\nSoftware Description:\n- oxide-qt: Web browser engine library for Qt (QML plugin)\n\nDetails:\n\nA use-after-free was discovered in the websockets implementation in Blink. \nIf a user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to cause a denial of service via\nrenderer crash. (CVE-2014-3167)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n liboxideqtcore0 1.0.5-0ubuntu0.14.04.1\n oxideqt-codecs 1.0.5-0ubuntu0.14.04.1\n oxideqt-codecs-extra 1.0.5-0ubuntu0.14.04.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2320-1\n CVE-2014-3165, CVE-2014-3166, CVE-2014-3167, https://launchpad.net/bugs/1356372\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/oxide-qt/1.0.5-0ubuntu0.14.04.1\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201408-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium: Multiple vulnerabilities\n Date: August 30, 2014\n Bugs: #504328, #504890, #507212, #508788, #510288, #510904,\n #512944, #517304, #519788, #521276\n ID: 201408-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Chromium, the worst of\nwhich can allow remote attackers to execute arbitrary code. \n\nBackground\n==========\n\nChromium is an open-source web browser project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 37.0.2062.94 \u003e= 37.0.2062.94\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could conduct a number of attacks which include:\ncross site scripting attacks, bypassing of sandbox protection,\npotential execution of arbitrary code with the privileges of the\nprocess, or cause a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-37.0.2062.94\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-1741\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1741\n[ 2 ] CVE-2014-0538\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0538\n[ 3 ] CVE-2014-1700\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1700\n[ 4 ] CVE-2014-1701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1701\n[ 5 ] CVE-2014-1702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1702\n[ 6 ] CVE-2014-1703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1703\n[ 7 ] CVE-2014-1704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1704\n[ 8 ] CVE-2014-1705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1705\n[ 9 ] CVE-2014-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1713\n[ 10 ] CVE-2014-1714\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1714\n[ 11 ] CVE-2014-1715\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1715\n[ 12 ] CVE-2014-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1716\n[ 13 ] CVE-2014-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1717\n[ 14 ] CVE-2014-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1718\n[ 15 ] CVE-2014-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1719\n[ 16 ] CVE-2014-1720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1720\n[ 17 ] CVE-2014-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1721\n[ 18 ] CVE-2014-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1722\n[ 19 ] CVE-2014-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1723\n[ 20 ] CVE-2014-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1724\n[ 21 ] CVE-2014-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1725\n[ 22 ] CVE-2014-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1726\n[ 23 ] CVE-2014-1727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1727\n[ 24 ] CVE-2014-1728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1728\n[ 25 ] CVE-2014-1729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1729\n[ 26 ] CVE-2014-1730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1730\n[ 27 ] CVE-2014-1731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1731\n[ 28 ] CVE-2014-1732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1732\n[ 29 ] CVE-2014-1733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1733\n[ 30 ] CVE-2014-1734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1734\n[ 31 ] CVE-2014-1735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1735\n[ 32 ] CVE-2014-1740\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1740\n[ 33 ] CVE-2014-1742\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1742\n[ 34 ] CVE-2014-1743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1743\n[ 35 ] CVE-2014-1744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1744\n[ 36 ] CVE-2014-1745\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1745\n[ 37 ] CVE-2014-1746\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1746\n[ 38 ] CVE-2014-1747\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1747\n[ 39 ] CVE-2014-1748\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1748\n[ 40 ] CVE-2014-1749\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1749\n[ 41 ] CVE-2014-3154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3154\n[ 42 ] CVE-2014-3155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3155\n[ 43 ] CVE-2014-3156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3156\n[ 44 ] CVE-2014-3157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3157\n[ 45 ] CVE-2014-3160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3160\n[ 46 ] CVE-2014-3162\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3162\n[ 47 ] CVE-2014-3165\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3165\n[ 48 ] CVE-2014-3166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3166\n[ 49 ] CVE-2014-3167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3167\n[ 50 ] CVE-2014-3168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3168\n[ 51 ] CVE-2014-3169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3169\n[ 52 ] CVE-2014-3170\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3170\n[ 53 ] CVE-2014-3171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3171\n[ 54 ] CVE-2014-3172\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3172\n[ 55 ] CVE-2014-3173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3173\n[ 56 ] CVE-2014-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3174\n[ 57 ] CVE-2014-3175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3175\n[ 58 ] CVE-2014-3176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3176\n[ 59 ] CVE-2014-3177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3177\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201408-16.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3166"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "BID",
"id": "69202"
},
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "PACKETSTORM",
"id": "128462"
},
{
"db": "PACKETSTORM",
"id": "127951"
},
{
"db": "PACKETSTORM",
"id": "128057"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3166",
"trust": 3.2
},
{
"db": "BID",
"id": "69202",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "60798",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "60685",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "59904",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "59693",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1030732",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-71105",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128462",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127951",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128057",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "BID",
"id": "69202"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "PACKETSTORM",
"id": "128462"
},
{
"db": "PACKETSTORM",
"id": "127951"
},
{
"db": "PACKETSTORM",
"id": "128057"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"id": "VAR-201408-0378",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71105"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:42:40.387000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Revision 288435",
"trust": 0.8,
"url": "https://src.chromium.org/viewvc/chrome?revision=288435\u0026view=revision"
},
{
"title": "Revision 286598",
"trust": 0.8,
"url": "https://src.chromium.org/viewvc/chrome?revision=286598\u0026view=revision"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2014/08/stable-channel-update.html"
},
{
"title": "Chrome for Android Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2014/08/chrome-for-android-update.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.co.jp/chrome/browser/"
},
{
"title": "google-chrome-36.0.1985.143-stable_current_i386",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=51703"
},
{
"title": "googlechrome-36.0.1985.143",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=51702"
},
{
"title": "ChromeSetup-36.0.1985.143",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=51701"
},
{
"title": "google_chrome_36.0.1985.135",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=51704"
},
{
"title": "Ubuntu Security Notice: oxide-qt vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2320-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2014-3166 "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/google-fixes-12-vulnerabilities-in-chrome-36/107777/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/69202"
},
{
"trust": 1.9,
"url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"trust": 1.8,
"url": "http://googlechromereleases.blogspot.com/2014/08/chrome-for-android-update.html"
},
{
"trust": 1.8,
"url": "http://googlechromereleases.blogspot.com/2014/08/chrome-for-ios-update.html"
},
{
"trust": 1.8,
"url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html"
},
{
"trust": 1.8,
"url": "https://code.google.com/p/chromium/issues/detail?id=398925"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2014/dsa-3039"
},
{
"trust": 1.8,
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg13345.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1030732"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/59693"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/59904"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/60685"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/60798"
},
{
"trust": 1.7,
"url": "https://src.chromium.org/viewvc/chrome?revision=288435\u0026view=revision"
},
{
"trust": 1.7,
"url": "https://src.chromium.org/viewvc/chrome?revision=286598\u0026view=revision"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3166"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3166"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3165"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3166"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3167"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://src.chromium.org/viewvc/chrome?revision=286598\u0026amp;view=revision"
},
{
"trust": 0.1,
"url": "https://src.chromium.org/viewvc/chrome?revision=288435\u0026amp;view=revision"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-3166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/google-fixes-12-vulnerabilities-in-chrome-36/107777/"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2320-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3172"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3160"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3175"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3174"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3171"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3168"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3173"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2320-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/oxide-qt/1.0.5-0ubuntu0.14.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1356372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1700"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0538"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1740"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3171"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3175"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1749"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1727"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1741"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1714"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1715"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1715"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1748"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1742"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1704"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1743"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1721"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1704"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1746"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3172"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1700"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1714"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1705"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3162"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1703"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1744"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1703"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "BID",
"id": "69202"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "PACKETSTORM",
"id": "128462"
},
{
"db": "PACKETSTORM",
"id": "127951"
},
{
"db": "PACKETSTORM",
"id": "128057"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71105"
},
{
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"db": "BID",
"id": "69202"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"db": "PACKETSTORM",
"id": "128462"
},
{
"db": "PACKETSTORM",
"id": "127951"
},
{
"db": "PACKETSTORM",
"id": "128057"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71105"
},
{
"date": "2014-08-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"date": "2014-08-12T00:00:00",
"db": "BID",
"id": "69202"
},
{
"date": "2014-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"date": "2014-09-30T00:18:23",
"db": "PACKETSTORM",
"id": "128462"
},
{
"date": "2014-08-20T23:10:01",
"db": "PACKETSTORM",
"id": "127951"
},
{
"date": "2014-09-02T06:19:45",
"db": "PACKETSTORM",
"id": "128057"
},
{
"date": "2014-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"date": "2014-08-13T04:57:12.613000",
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71105"
},
{
"date": "2022-11-10T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3166"
},
{
"date": "2015-03-19T09:36:00",
"db": "BID",
"id": "69202"
},
{
"date": "2014-08-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003793"
},
{
"date": "2022-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-227"
},
{
"date": "2024-11-21T02:07:34.720000",
"db": "NVD",
"id": "CVE-2014-3166"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "128057"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome of Public Key Pinning Vulnerability in which important information is obtained in the implementation of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-227"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…