CVE-2014-3174

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-3174
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
http://secunia.com/advisories/60268
http://secunia.com/advisories/60424
http://secunia.com/advisories/61482
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69407
http://www.securitytracker.com/id/1030767
https://crbug.com/389219
https://exchange.xforce.ibmcloud.com/vulnerabilities/95474
https://src.chromium.org/viewvc/blink?revision=177250&view=revision
http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
http://secunia.com/advisories/60268
http://secunia.com/advisories/60424
http://secunia.com/advisories/61482
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-3039
http://www.securityfocus.com/bid/69407
http://www.securitytracker.com/id/1030767
https://crbug.com/389219
https://exchange.xforce.ibmcloud.com/vulnerabilities/95474
https://src.chromium.org/viewvc/blink?revision=177250&view=revision
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.13:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.43:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.44:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.45:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.47:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.48:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.49:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.56:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.58:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.62:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.63:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.64:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.65:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.66:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.67:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.68:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.69:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.70:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.71:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.72:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.73:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.74:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.75:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.76:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.77:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.78:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.80:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.81:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.89:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.90:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.91:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:37.0.2062.92:*:*:*:*:*:*:*
History

21 Nov 2024, 02:07

Type Values Removed Values Added
References () http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html - () http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html -
References () http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html - () http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html -
References () http://secunia.com/advisories/60268 - () http://secunia.com/advisories/60268 -
References () http://secunia.com/advisories/60424 - () http://secunia.com/advisories/60424 -
References () http://secunia.com/advisories/61482 - () http://secunia.com/advisories/61482 -
References () http://security.gentoo.org/glsa/glsa-201408-16.xml - () http://security.gentoo.org/glsa/glsa-201408-16.xml -
References () http://www.debian.org/security/2014/dsa-3039 - () http://www.debian.org/security/2014/dsa-3039 -
References () http://www.securityfocus.com/bid/69407 - () http://www.securityfocus.com/bid/69407 -
References () http://www.securitytracker.com/id/1030767 - () http://www.securitytracker.com/id/1030767 -
References () https://crbug.com/389219 - () https://crbug.com/389219 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 -
References () https://src.chromium.org/viewvc/blink?revision=177250&view=revision - () https://src.chromium.org/viewvc/blink?revision=177250&view=revision -

07 Nov 2023, 02:19

Type Values Removed Values Added
References (CONFIRM) http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html - Vendor Advisory () http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html -
References (BID) http://www.securityfocus.com/bid/69407 - () http://www.securityfocus.com/bid/69407 -
References (SECUNIA) http://secunia.com/advisories/60268 - () http://secunia.com/advisories/60268 -
References (SECTRACK) http://www.securitytracker.com/id/1030767 - () http://www.securitytracker.com/id/1030767 -
References (DEBIAN) http://www.debian.org/security/2014/dsa-3039 - () http://www.debian.org/security/2014/dsa-3039 -
References (SECUNIA) http://secunia.com/advisories/61482 - () http://secunia.com/advisories/61482 -
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 -
References (SECUNIA) http://secunia.com/advisories/60424 - () http://secunia.com/advisories/60424 -
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html - () http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html -
References (CONFIRM) https://crbug.com/389219 - () https://crbug.com/389219 -
References (GENTOO) http://security.gentoo.org/glsa/glsa-201408-16.xml - () http://security.gentoo.org/glsa/glsa-201408-16.xml -
References (CONFIRM) https://src.chromium.org/viewvc/blink?revision=177250&view=revision - Patch () https://src.chromium.org/viewvc/blink?revision=177250&view=revision -
Information

Published : 2014-08-27 01:55

Updated : 2025-04-12 10:46

NVD link : CVE-2014-3174

Mitre link : CVE-2014-3174

CVE.ORG link : CVE-2014-3174

JSON object : View

Products Affected

google

  • chrome
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer