Vulnerability CVE-2014-3192: Information

Description

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Severity: HIGH (7.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-3192
Published: Oct. 8, 2014
Modified: Nov. 7, 2023
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus38.0.2125.101-alt1125.0.6422.141-alt1ALT-PU-2014-2280-1132612Fixed
chromiump1038.0.2125.101-alt1119.0.6045.159-alt0.p10.1ALT-PU-2014-2280-1132612Fixed
chromiump938.0.2125.101-alt197.0.4692.99-alt0.p9.1ALT-PU-2014-2280-1132612Fixed
chromiumc10f138.0.2125.101-alt1110.0.5481.177-alt1.p10.1ALT-PU-2014-2280-1132612Fixed
chromiumc9f238.0.2125.101-alt184.0.4147.105-alt1.1.p9ALT-PU-2014-2280-1132612Fixed
chromiumc738.0.2125.122-alt0.M70C.238.0.2125.122-alt0.M70C.2ALT-PU-2016-1955-1168870Fixed
chromiump1138.0.2125.101-alt1125.0.6422.141-alt1ALT-PU-2014-2280-1132612Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
1031647
    http://support.apple.com/HT204245
      RHSA-2014:1626
        http://support.apple.com/HT204246
          APPLE-SA-2015-06-30-6
            https://src.chromium.org/viewvc/blink?revision=182309&view=revision
              http://support.apple.com/HT204243
                APPLE-SA-2015-01-27-2
                  APPLE-SA-2015-01-27-3
                    https://support.apple.com/kb/HT204949
                      APPLE-SA-2015-01-27-1
                        70273
                          https://crbug.com/403276
                            http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html

                                1. Configuration 1

                                  cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
                                  cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
                                  cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
                                  cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*

                                  Configuration 2

                                  cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*
                                  cpe:2.3:a:apple:safari:6.2.2:*:*:*:*:*:*:*
                                  cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
                                  End including
                                  8.1.2
                                  cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
                                  End including
                                  12.1.3
                                  cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*
                                  cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
                                  End including
                                  7.0.1

                                  Configuration 3

                                  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
                                  End including
                                  38.0.2125.7
                              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                              Version: v24.5.3
                              Back to top