Bug 868707 (CVE-2014-1704) - VUL-0: CVE-2014-1704 CVE-2014-1705: v8: two security problems
Summary: VUL-0: CVE-2014-1704 CVE-2014-1705: v8: two security problems
Status: RESOLVED FIXED
Alias: CVE-2014-1704
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other openSUSE 12.3
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Forgotten User sM9JzehKpy
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/97082/
Whiteboard: CVSSv2:NVD:CVE-2014-1704:10.0:(AV:N/...
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-17 15:30 UTC by Marcus Meissner
Modified: 2020-04-01 22:10 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2014-03-17 15:30:39 UTC 
CVE-2014-1704 CVE-2014-1705 


http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1704
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

https://code.google.com/p/v8/source/detail?r=19668
https://code.google.com/p/v8/source/detail?r=19614
https://code.google.com/p/v8/source/detail?r=18564
https://code.google.com/p/chromium/issues/detail?id=349079
https://code.google.com/p/chromium/issues/detail?id=345715
https://code.google.com/p/chromium/issues/detail?id=328202
http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html


Name: CVE-2014-1705
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
Assigned: 20140129
Reference: http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html
Reference: http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html
Reference: https://code.google.com/p/chromium/issues/detail?id=351787

Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and
Linux and before 33.0.1750.154 on Windows, allows remote attackers to
cause a denial of service (memory corruption) or possibly have
unspecified other impact via unknown vectors.
Comment 1 Swamp Workflow Management 2014-03-17 23:00:53 UTC 
bugbot adjusting priority
Comment 2 Forgotten User sM9JzehKpy 2014-11-26 14:00:10 UTC 
Closing bug as that we already have Chromium Stable version 39.