Vulnerability Details : CVE-2014-1703
Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case.
Vulnerability category: Memory Corruption
Products affected by CVE-2014-1703
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.125:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.126:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.135:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.136:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.116:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.117:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.124:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.132:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.133:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.144:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-1703
1.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-1703
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2014-1703
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1703
-
http://www.securitytracker.com/id/1029914
Google Chrome Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks - SecurityTracker
-
http://security.gentoo.org/glsa/glsa-201408-16.xml
Chromium: Multiple vulnerabilities (GLSA 201408-16) — Gentoo security
-
https://code.google.com/p/chromium/issues/detail?id=338354
338354 - Heap-use-after-free in IPC::Message::Header const* Pickle::headerT<IPC::Message::Header> - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html
[security-announce] openSUSE-SU-2014:0501-1: important: chromium to 33.0
-
http://www.debian.org/security/2014/dsa-2883
Debian -- Security Information -- DSA-2883-1 chromium-browser
-
https://src.chromium.org/viewvc/chrome?revision=247627&view=revision
[chrome] Revision 247627
-
http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html
Chrome Releases: Stable Channel UpdateVendor Advisory
Jump to