CVE-2014-1730

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-1730
Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html
http://secunia.com/advisories/58301
http://secunia.com/advisories/60372
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2920
https://code.google.com/p/chromium/issues/detail?id=354967
https://code.google.com/p/v8/source/detail?r=20375
https://code.google.com/p/v8/source/detail?r=20377
https://code.google.com/p/v8/source/detail?r=20388
https://code.google.com/p/v8/source/detail?r=20593
https://code.google.com/p/v8/source/detail?r=20595
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
History

07 Nov 2023, 02:19

Type Values Removed Values Added
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20375 - Vendor Advisory () https://code.google.com/p/v8/source/detail?r=20375 -
References (CONFIRM) https://code.google.com/p/chromium/issues/detail?id=354967 - Permissions Required () https://code.google.com/p/chromium/issues/detail?id=354967 -
References (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html - Broken Link () http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html -
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20388 - Vendor Advisory () https://code.google.com/p/v8/source/detail?r=20388 -
References (GENTOO) http://security.gentoo.org/glsa/glsa-201408-16.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-201408-16.xml -
References (CONFIRM) http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html - Broken Link, Release Notes, Vendor Advisory () http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html -
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20595 - Vendor Advisory () https://code.google.com/p/v8/source/detail?r=20595 -
References (SECUNIA) http://secunia.com/advisories/60372 - Broken Link () http://secunia.com/advisories/60372 -
References (SECUNIA) http://secunia.com/advisories/58301 - Broken Link, Vendor Advisory () http://secunia.com/advisories/58301 -
References (DEBIAN) http://www.debian.org/security/2014/dsa-2920 - Third Party Advisory () http://www.debian.org/security/2014/dsa-2920 -
References (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html - Broken Link () http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html -
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20593 - Vendor Advisory () https://code.google.com/p/v8/source/detail?r=20593 -
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20377 - Vendor Advisory () https://code.google.com/p/v8/source/detail?r=20377 -

10 Nov 2022, 17:58

Type Values Removed Values Added
References (SECUNIA) http://secunia.com/advisories/58301 - (SECUNIA) http://secunia.com/advisories/58301 - Broken Link, Vendor Advisory
References (CONFIRM) https://code.google.com/p/chromium/issues/detail?id=354967 - (CONFIRM) https://code.google.com/p/chromium/issues/detail?id=354967 - Permissions Required
References (GENTOO) http://security.gentoo.org/glsa/glsa-201408-16.xml - (GENTOO) http://security.gentoo.org/glsa/glsa-201408-16.xml - Third Party Advisory
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20388 - (CONFIRM) https://code.google.com/p/v8/source/detail?r=20388 - Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/60372 - (SECUNIA) http://secunia.com/advisories/60372 - Broken Link
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20375 - (CONFIRM) https://code.google.com/p/v8/source/detail?r=20375 - Vendor Advisory
References (CONFIRM) http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html - Vendor Advisory (CONFIRM) http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html - Broken Link, Release Notes, Vendor Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html - (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html - Broken Link
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20595 - (CONFIRM) https://code.google.com/p/v8/source/detail?r=20595 - Vendor Advisory
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20593 - (CONFIRM) https://code.google.com/p/v8/source/detail?r=20593 - Vendor Advisory
References (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html - (SUSE) http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html - Broken Link
References (DEBIAN) http://www.debian.org/security/2014/dsa-2920 - (DEBIAN) http://www.debian.org/security/2014/dsa-2920 - Third Party Advisory
References (CONFIRM) https://code.google.com/p/v8/source/detail?r=20377 - (CONFIRM) https://code.google.com/p/v8/source/detail?r=20377 - Vendor Advisory
CPE cpe:2.3:a:google:chrome:34.0.1847.104:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.44:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.118:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.79:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.94:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.83:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.81:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.43:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.100:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.48:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.91:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.56:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.80:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.111:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.69:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.65:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.77:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.72:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.120:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.130:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.71:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.86:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.49:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.42:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.85:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.47:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.73:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.98:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.114:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.68:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.113:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.63:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.99:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.64:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.97:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.102:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.67:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.109:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.45:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.82:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.116:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.58:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.115:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.66:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.78:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.103:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.38:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.92:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.75:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.87:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.101:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.76:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.74:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.62:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:34.0.1847.112:*:*:*:*:*:*:*		 cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
CWE CWE-264 CWE-843
Information

Published : 2014-04-26 10:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-1730

Mitre link : CVE-2014-1730

CVE.ORG link : CVE-2014-1730

JSON object : View

Products Affected

linux

  • linux_kernel

microsoft

  • windows

google

  • chrome

apple

  • mac_os_x
CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')