CVE-2014-3192

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:07

Type Values Removed Values Added
References () http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html - () http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html -
References () http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html - () http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html -
References () http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html - () http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html -
References () http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html - () http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html -
References () http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html - () http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html -
References () http://rhn.redhat.com/errata/RHSA-2014-1626.html - () http://rhn.redhat.com/errata/RHSA-2014-1626.html -
References () http://support.apple.com/HT204243 - () http://support.apple.com/HT204243 -
References () http://support.apple.com/HT204245 - () http://support.apple.com/HT204245 -
References () http://support.apple.com/HT204246 - () http://support.apple.com/HT204246 -
References () http://www.securityfocus.com/bid/70273 - () http://www.securityfocus.com/bid/70273 -
References () http://www.securitytracker.com/id/1031647 - () http://www.securitytracker.com/id/1031647 -
References () https://crbug.com/403276 - () https://crbug.com/403276 -
References () https://src.chromium.org/viewvc/blink?revision=182309&view=revision - () https://src.chromium.org/viewvc/blink?revision=182309&view=revision -
References () https://support.apple.com/kb/HT204949 - () https://support.apple.com/kb/HT204949 -

07 Nov 2023, 02:20

Type Values Removed Values Added
References (CONFIRM) http://support.apple.com/HT204243 - Third Party Advisory () http://support.apple.com/HT204243 -
References (SECTRACK) http://www.securitytracker.com/id/1031647 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1031647 -
References (CONFIRM) http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html - Vendor Advisory () http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html -
References (CONFIRM) https://support.apple.com/kb/HT204949 - Third Party Advisory () https://support.apple.com/kb/HT204949 -
References (CONFIRM) https://crbug.com/403276 - Issue Tracking, Third Party Advisory () https://crbug.com/403276 -
References (BID) http://www.securityfocus.com/bid/70273 - () http://www.securityfocus.com/bid/70273 -
References (APPLE) http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html - Mailing List, Third Party Advisory () http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html -
References (CONFIRM) http://support.apple.com/HT204246 - Third Party Advisory () http://support.apple.com/HT204246 -
References (APPLE) http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html - Mailing List, Third Party Advisory () http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html -
References (CONFIRM) https://src.chromium.org/viewvc/blink?revision=182309&view=revision - Issue Tracking, Third Party Advisory () https://src.chromium.org/viewvc/blink?revision=182309&view=revision -
References (APPLE) http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html - Mailing List, Third Party Advisory () http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html -
References (REDHAT) http://rhn.redhat.com/errata/RHSA-2014-1626.html - Third Party Advisory () http://rhn.redhat.com/errata/RHSA-2014-1626.html -
References (CONFIRM) http://support.apple.com/HT204245 - Third Party Advisory () http://support.apple.com/HT204245 -
References (APPLE) http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html - Mailing List, Third Party Advisory () http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html -

Information

Published : 2014-10-08 10:55

Updated : 2024-11-21 02:07


NVD link : CVE-2014-3192

Mitre link : CVE-2014-3192

CVE.ORG link : CVE-2014-3192


JSON object : View

Products Affected

redhat

  • enterprise_linux_workstation_supplementary
  • enterprise_linux_server_supplementary_eus
  • enterprise_linux_server_supplementary
  • enterprise_linux_desktop_supplementary

apple

  • itunes
  • iphone_os
  • safari
  • tvos

google

  • chrome
CWE
CWE-416

Use After Free