Vulnerabilities > CVE-2014-7908 - Numeric Errors vulnerability in Google Chrome
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_D395E44F6F4F11E4A44400262D5ED8EE.NASL description Google Chrome Releases reports : 42 security fixes in this release, including : - [389734] High CVE-2014-7899: Address bar spoofing. Credit to Eli Grey. - [406868] High CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen from OUSPG. - [413375] High CVE-2014-7901: Integer overflow in pdfium. Credit to cloudfuzzer. - [414504] High CVE-2014-7902: Use-after-free in pdfium. Credit to cloudfuzzer. - [414525] High CVE-2014-7903: Buffer overflow in pdfium. Credit to cloudfuzzer. - [418161] High CVE-2014-7904: Buffer overflow in Skia. Credit to Atte Kettunen from OUSPG. - [421817] High CVE-2014-7905: Flaw allowing navigation to intents that do not have the BROWSABLE category. Credit to WangTao(neobyte) of Baidu X-Team. - [423030] High CVE-2014-7906: Use-after-free in pepper plugins. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team. - [423703] High CVE-2014-0574: Double-free in Flash. Credit to biloulehibou. - [424453] High CVE-2014-7907: Use-after-free in blink. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team. - [425980] High CVE-2014-7908: Integer overflow in media. Credit to Christoph Diehl. - [391001] Medium CVE-2014-7909: Uninitialized memory read in Skia. Credit to miaubiz. - CVE-2014-7910: Various fixes from internal audits, fuzzing and other initiatives. last seen 2020-06-01 modified 2020-06-02 plugin id 79320 published 2014-11-19 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79320 title FreeBSD : chromium -- multiple vulnerabilities (d395e44f-6f4f-11e4-a444-00262d5ed8ee) NASL family MacOS X Local Security Checks NASL id MACOSX_GOOGLE_CHROME_39_0_2171_65.NASL description The version of Google Chrome installed on the remote Mac OS X host is a version prior to 39.0.2171.65. It is, therefore, affected by the following vulnerabilities : - A double-free vulnerability exists in the version of Adobe Flash bundled with Chrome which could result in arbitrary code execution. (CVE-2014-0574) - An unspecified address bar spoofing vulnerability exists which could be used to aid in phishing attacks. (CVE-2014-7899) - Multiple use-after-free vulnerabilities exist in pdfium which could result in arbitrary code execution. (CVE-2014-7900, CVE-2014-7902) - Integer overflow vulnerabilities exist in pdfium and the media component which could result in arbitrary code execution. (CVE-2014-7901, CVE-2014-7908) - Buffer overflow vulnerabilities exist in pdfium and Skia which could result in arbitrary code execution. (CVE-2014-7903, CVE-2014-7904) - Use-after-free vulnerabilities exist in Pepper plugins and Blink which could result in arbitrary code execution. (CVE-2014-7906, CVE-2014-7907) - An unspecified uninitialized memory read exists. (CVE-2014-7909) - Multiple unspecified vulnerabilities exist. (CVE-2014-7910) last seen 2020-06-01 modified 2020-06-02 plugin id 79337 published 2014-11-19 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79337 title Google Chrome < 39.0.2171.65 Multiple Vulnerabilities (Mac OS X) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2410-1.NASL description A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7904) Multiple use-after-frees were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7907) An integer overflow was discovered in media. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7908) An uninitialized memory read was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-7909) Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7910). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 79354 published 2014-11-20 reporter Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79354 title Ubuntu 14.04 LTS / 14.10 : oxide-qt vulnerabilities (USN-2410-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1894.NASL description Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Chromium is an open source web browser, powered by WebKit (Blink). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2014-7904, CVE-2014-7906, CVE-2014-7907, CVE-2014-7910, CVE-2014-7908, CVE-2014-7909) A flaw was found in the way Chromium parsed certain URL values. A malicious attacker could use this flaw to perform phishing attacks. (CVE-2014-7899) All Chromium users should upgrade to these updated packages, which contain Chromium version 39.0.2171.65, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect. last seen 2020-05-31 modified 2014-11-25 plugin id 79426 published 2014-11-25 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79426 title RHEL 6 : chromium-browser (RHSA-2014:1894) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-13.NASL description The remote host is affected by the vulnerability described in GLSA-201412-13 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 79966 published 2014-12-15 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79966 title GLSA-201412-13 : Chromium: Multiple vulnerabilities NASL family Windows NASL id GOOGLE_CHROME_39_0_2171_65.NASL description The version of Google Chrome installed on the remote Windows host is a version prior to 39.0.2171.65. It is, therefore, affected by the following vulnerabilities : - A double-free vulnerability exists in the version of Adobe Flash bundled with Chrome which could result in arbitrary code execution. (CVE-2014-0574) - An unspecified address bar spoofing vulnerability exists which could be used to aid in phishing attacks. (CVE-2014-7899) - Multiple use-after-free vulnerabilities exist in pdfium which could result in arbitrary code execution. (CVE-2014-7900, CVE-2014-7902) - Integer overflow vulnerabilities exist in pdfium and the media component which could result in arbitrary code execution. (CVE-2014-7901, CVE-2014-7908) - Buffer overflow vulnerabilities exist in pdfium and Skia which could result in arbitrary code execution. (CVE-2014-7903, CVE-2014-7904) - Use-after-free vulnerabilities exist in Pepper plugins and Blink which could result in arbitrary code execution. (CVE-2014-7906, CVE-2014-7907) - An unspecified uninitialized memory read exists. (CVE-2014-7909) - Multiple unspecified vulnerabilities exist. (CVE-2014-7910) last seen 2020-06-01 modified 2020-06-02 plugin id 79336 published 2014-11-19 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79336 title Google Chrome < 39.0.2171.65 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-764.NASL description chromium was updated to version 39.0.2171.65 to fix 13 security issues. These security issues were fixed : - Use-after-free in pepper plugins (CVE-2014-7906). - Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chromebefore 39.0.2171.65, al... (CVE-2014-7903). - Uninitialized memory read in Skia (CVE-2014-7909). - Unspecified security issues (CVE-2014-7910). - Integer overflow in media (CVE-2014-7908). - Integer overflow in the opj_t2_read_packet_data function infxcodec/fx_libopenjpeg/libopenjpeg20/t2.... (CVE-2014-7901). - Use-after-free in blink (CVE-2014-7907). - Address bar spoofing (CVE-2014-7899). - Buffer overflow in Skia (CVE-2014-7904). - Use-after-free vulnerability in the CPDF_Parser (CVE-2014-7900). - Use-after-free vulnerability in PDFium allows DoS (CVE-2014-7902). - Flaw allowing navigation to intents that do not have the BROWSABLE category (CVE-2014-7905). - Double-free in Flash (CVE-2014-0574). last seen 2020-06-05 modified 2014-12-15 plugin id 79997 published 2014-12-15 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79997 title openSUSE Security Update : chromium (openSUSE-SU-2014:1626-1)
Redhat
advisories |
| ||||
rpms |
|
References
- http://www.securitytracker.com/id/1031241
- https://chromium.googlesource.com/chromium/src/+/b2006ac87cec58363090e7d5e10d5d9e3bbda9f9
- http://rhn.redhat.com/errata/RHSA-2014-1894.html
- http://secunia.com/advisories/62608
- https://code.google.com/p/chromium/issues/detail?id=425980
- http://secunia.com/advisories/60194
- http://www.securityfocus.com/bid/71168
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98796