PT-2014-1035 · Google+1 · Google Chrome+1

Publicado

2014-04-24

Atualizado

2024-06-15

CVE-2014-1730

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 34.0.1847.131 on Windows and OS X Google Chrome versions prior to 34.0.1847.132 on Linux

Description The issue is related to incorrect storage of internationalization metadata, allowing remote attackers to bypass intended access restrictions. This is achieved by leveraging "type confusion" and reading property values, with the vulnerability being connected to i18n.js and runtime.cc.

Recommendations For Google Chrome versions prior to 34.0.1847.131 on Windows and OS X, update to version 34.0.1847.131 or later. For Google Chrome versions prior to 34.0.1847.132 on Linux, update to version 34.0.1847.132 or later.

Correção

Type Confusion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-843

Identificadores relacionados

BDU:2014-00117

BDU:2015-00097

CVE-2014-1730

DSA-2920-1

MGASA-2014-0213

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

USN-2298-1

Produtos afetados

Google Chrome

Ubuntu

PT-2014-1035 · Google+1 · Google Chrome+1

CVE-2014-1730

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2417