Google : Security Vulnerabilities, CVEs, Published In August 2014 (Overflow)
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.
Max CVSS
5.0
EPSS Score
1.80%
Published
2014-08-27
Updated
2017-08-29
The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc.
Max CVSS
5.0
EPSS Score
1.80%
Published
2014-08-27
Updated
2017-08-29
2 vulnerabilities found