7.5

CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version <= 39.0.2171.45
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.95% 0.776
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
http://rhn.redhat.com/errata/RHSA-2014-1894.html
http://secunia.com/advisories/60194
http://www.securitytracker.com/id/1031241
http://www.securityfocus.com/bid/71159
https://chromium.googlesource.com/chromium/src/+/3a2cf7d1376ae33054b878232fb38b8fbed29e31
https://code.google.com/p/chromium/issues/detail?id=423030
https://exchange.xforce.ibmcloud.com/vulnerabilities/98794