CVE-2014-1730 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2014-1730?

CVE-2014-1730 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-1730?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Mac Os X, Microsoft Windows, Linux Linux Kernel.

Vulnerability Description

Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:C/I:N/A:N

Confidentiality

COMPLETE

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Chrome	< 34.0.1847.131
Apple	Mac Os X	-
Microsoft	Windows	-
Linux	Linux Kernel	-

Related Weaknesses (CWE)

CWE-843

References

FAQ

What is CVE-2014-1730?

CVE-2014-1730 is a vulnerability with a CVSS score of 7.8 (HIGH). Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to ...

How severe is CVE-2014-1730?

CVE-2014-1730 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-1730?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Apple Mac Os X, Microsoft Windows, Linux Linux Kernel.