SB2014061103 - Multiple vulnerabilities in Chrome
Published: June 11, 2014 Updated: February 8, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2014-3154)
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown.
2) Input validation error (CVE-ID: CVE-2014-3155)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance. Per http://cwe.mitre.org/data/definitions/125.html: "CWE-125: Out-of-bounds Read"
3) Buffer overflow (CVE-ID: CVE-2014-3156)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc.
4) Buffer overflow (CVE-ID: CVE-2014-3157)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.
Remediation
Install update from vendor's website.
References
- http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html
- http://secunia.com/advisories/58585
- http://secunia.com/advisories/59090
- http://secunia.com/advisories/60061
- http://secunia.com/advisories/60372
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- http://www.debian.org/security/2014/dsa-2959
- http://www.securityfocus.com/bid/67977
- https://code.google.com/p/chromium/issues/detail?id=369525
- https://src.chromium.org/viewvc/blink?revision=173620&view=revision
- https://src.chromium.org/viewvc/chrome?revision=269345&view=revision
- http://www.securityfocus.com/bid/67980
- https://code.google.com/p/chromium/issues/detail?id=369539
- https://src.chromium.org/viewvc/chrome?revision=267984&view=revision
- https://src.chromium.org/viewvc/chrome?revision=268730&view=revision
- https://src.chromium.org/viewvc/chrome?revision=269246&view=revision
- http://www.securityfocus.com/bid/67981
- https://code.google.com/p/chromium/issues/detail?id=369621
- https://src.chromium.org/viewvc/chrome?revision=271730&view=revision
- http://www.securityfocus.com/bid/67972
- https://code.google.com/p/chromium/issues/detail?id=368980
- https://src.chromium.org/viewvc/chrome?revision=268831&view=revision