Vulnerability CVE-2014-3157: Information

Description

Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.

Severity: HIGH (7.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-3157

Published: June 11, 2014

Modified: Nov. 7, 2023

Error type identifier: CWE-119

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
chromium	sisyphus	36.0.1985.125-alt1	125.0.6422.141-alt1	ALT-PU-2014-1955-1	125664	Fixed
chromium	p10	36.0.1985.125-alt1	119.0.6045.159-alt0.p10.1	ALT-PU-2014-1955-1	125664	Fixed
chromium	p9	36.0.1985.125-alt1	97.0.4692.99-alt0.p9.1	ALT-PU-2014-1955-1	125664	Fixed
chromium	c10f1	36.0.1985.125-alt1	110.0.5481.177-alt1.p10.1	ALT-PU-2014-1955-1	125664	Fixed
chromium	c9f2	36.0.1985.125-alt1	84.0.4147.105-alt1.1.p9	ALT-PU-2014-1955-1	125664	Fixed
chromium	c7	38.0.2125.122-alt0.M70C.2	38.0.2125.122-alt0.M70C.2	ALT-PU-2016-1955-1	168870	Fixed
chromium	p11	36.0.1985.125-alt1	125.0.6422.141-alt1	ALT-PU-2014-1955-1	125664	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://src.chromium.org/viewvc/chrome?revision=268831&view=revision
67972
https://code.google.com/p/chromium/issues/detail?id=368980
59090
http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html
GLSA-201408-16
60372
60061
58585
DSA-2959

Affected configurations:
1. Configuration 1
  cpe:2.3:a:google:chrome:35.0.1916.114:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.122:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.128:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.124:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.119:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.117:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.125:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.118:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.140:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.137:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.151:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.127:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.149:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
  End including
  35.0.1916.152
  cpe:2.3:a:google:chrome:35.0.1916.115:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.142:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.116:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.121:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.113:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.123:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.141:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.126:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.120:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.138:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.150:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2014-3157: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1