Details of VAR-201408-0378

ID

VAR-201408-0378

CVE

CVE-2014-3166

TITLE

Google Chrome of Public Key Pinning Vulnerability in which important information is obtained in the implementation of

Trust: 0.8

sources: JVNDB: JVNDB-2014-003793

DESCRIPTION

The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. Google Chrome is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Versions prior to Chrome 36.0.1985.143 are vulnerable. Verify the properties of the SPDY connection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3039-1 security@debian.org http://www.debian.org/security/ Michael Gilbert September 28, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2014-3160 CVE-2014-3162 CVE-2014-3165 CVE-2014-3166 CVE-2014-3167 CVE-2014-3168 CVE-2014-3169 CVE-2014-3170 CVE-2014-3171 CVE-2014-3172 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175 CVE-2014-3176 CVE-2014-3177 CVE-2014-3178 CVE-2014-3179 Several vulnerabilities were discovered in the chromium web browser. CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.125. CVE-2014-3165 Colin Payne discovered a use-after-free issue in the Web Sockets implementation. CVE-2014-3166 Antoine Delignat-Lavaud discovered an information leak in the SPDY protocol implementation. CVE-2014-3167 The Google Chrome development team addressed multiple issues with potential security impact for chromium 36.0.1985.143. CVE-2014-3168 cloudfuzzer discovered a use-after-free issue in SVG image file handling. CVE-2014-3169 Andrzej Dyjak discovered a use-after-free issue in the Webkit/Blink Document Object Model implementation. CVE-2014-3170 Rob Wu discovered a way to spoof the url of chromium extensions. CVE-2014-3171 cloudfuzzer discovered a use-after-free issue in chromium's v8 bindings. CVE-2014-3172 Eli Grey discovered a way to bypass access restrictions using chromium's Debugger extension API. CVE-2014-3173 jmuizelaar discovered an uninitialized read issue in WebGL. CVE-2014-3174 Atte Kettunen discovered an uninitialized read issue in Web Audio. CVE-2014-3175 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.94. CVE-2014-3176 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3177 lokihardt@asrt discovered a combination of flaws that can lead to remote code execution outside of chromium's sandbox. CVE-2014-3178 miaubiz discovered a use-after-free issue in the Document Object Model implementation in Blink/Webkit. CVE-2014-3179 The Google Chrome development team addressed multiple issues with potential security impact for chromium 37.0.2062.120. For the stable distribution (wheezy), these problems have been fixed in version 37.0.2062.120-1~deb7u1. For the testing (jessie) and unstable (sid) distributions, these problems have been fixed in version 37.0.2062.120-1. We recommend that you upgrade your chromium-browser packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJUKFfrAAoJELjWss0C1vRzHiEgAIABz3HDoSbH2wCbN58xmQPs EXADJVYxCyYN6YFnR4lSxekGX3p0Gr+zjGnVzmAVAQnflWEX4e+U4nXN581oLvC4 9DRGyFW5IANzi98AViRZ5SV5lFG93q/ipL5H74/kfg4gqBoxXTw/a6QF20nRYxES S5LQGqMu9Hzkto23nzQUc45uItapphd78StNLtdpaVVN2UV3dDMItMnDpDWpxv9h kUGK1cKjcMEVWOejvI8YEALYo6OMunwR+G6HwG7soc7k4zHOlesIJ86HoKz1aYgZ Yj6reRBZxpQSwAKMzdxKT5OyAMbYadOk6ryPmJSqJv6ky5q13quqqjjecIthY29G hHRInemqRNoGjza1OJj8+vs1K+uWoLbth91CC62KXKhSGVydbOhBXyLtpWsSLGVn YOAeT45QZqmIzvSuAm3HULJmZdLmiFefu8bSHZRuJLt95UZzHBYtD8i85DTCOWaO p6XymJQPbvJtPQ1Qw+ZIJnsjzMhFIwRmuJPm67ZiLt/aQdnsY+WKWlZAvrCSxczp n+eRNRKBRsEiKIQUvRv0S91wCSVnEX6ywY/faOrZv2aH8J1VcYT+qqjMmvpzHgKl HikDmyW7k67Lko8R8Ah92+pktFFFTx/aPEGWrJUOqd+OdREPlv8F06ZNe0lK1nM2 AYn03pLaJvCv3JqGFdEUEPQQpTMsI6cs+VC21RkP9/c3RV7Y6ExjtarZ/1nNVf7q IyqZyYPRd3WmS9gIrsOODUDBWeamd1RkYm3r0u61oP+39m6rX9GIk/2FrWzrefDK nbewNAPtywb4y1Xjg4aHHFiJEVy+8D3qhZkgUTug10Xye2qSzlwRbi+eNmdFwJ/m xf8QTNvGluPcejRiCYmTEosqT2SksWULDfqUx4+3k/uIfpaI15V4QXyIhGFlNxKs cweaD6U5pAvK/RyTuxigM1ezYTs4JZFkYDhbzeCgb03mWOmbU9VP3Sqr+klRRiLA 1cOm22oXmb8P53gHFXxB9V4jBdPk7XVwjB4EA20+qHH6jIePGnhjkNm7hgZJB7Dr vuKmA7g/bCEnlGJC9XjutVXetgF6rx6uVpDKixLOHYwux+2tIu/Qy0AuWfUhT1Yu /CuW/CVztOPyLY2pOwLT5Ao1ERdCk/JzqRzCUfvX+xGirm5b3yT+9j+C2Ij1ohBc Sxs+kAJlldvbUN8/D+gyInWHqbacnu0pnIag05Cwk2mVgOGhPAyJsPuAawqtPj0K aQbBNpXhCMkTc4kRktISA6CBcQUBdWuavKmkYej3SOmluc+sjw6dbm4W8EjI1pJY 6Up8h8azSmt5OTNiAtjxrw/ddH2mFCJGo5+jUjpaICs/218+f5XnquZZMTD3tV8= =pGsl -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2320-1 August 20, 2014 oxide-qt vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Oxide. Software Description: - oxide-qt: Web browser engine library for Qt (QML plugin) Details: A use-after-free was discovered in the websockets implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2014-3167) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: liboxideqtcore0 1.0.5-0ubuntu0.14.04.1 oxideqt-codecs 1.0.5-0ubuntu0.14.04.1 oxideqt-codecs-extra 1.0.5-0ubuntu0.14.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2320-1 CVE-2014-3165, CVE-2014-3166, CVE-2014-3167, https://launchpad.net/bugs/1356372 Package Information: https://launchpad.net/ubuntu/+source/oxide-qt/1.0.5-0ubuntu0.14.04.1 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201408-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: August 30, 2014 Bugs: #504328, #504890, #507212, #508788, #510288, #510904, #512944, #517304, #519788, #521276 ID: 201408-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to execute arbitrary code. Background ========== Chromium is an open-source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 37.0.2062.94 >= 37.0.2062.94 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could conduct a number of attacks which include: cross site scripting attacks, bypassing of sandbox protection, potential execution of arbitrary code with the privileges of the process, or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-37.0.2062.94" References ========== [ 1 ] CVE-2014-1741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1741 [ 2 ] CVE-2014-0538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0538 [ 3 ] CVE-2014-1700 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1700 [ 4 ] CVE-2014-1701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1701 [ 5 ] CVE-2014-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1702 [ 6 ] CVE-2014-1703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1703 [ 7 ] CVE-2014-1704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1704 [ 8 ] CVE-2014-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1705 [ 9 ] CVE-2014-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1713 [ 10 ] CVE-2014-1714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1714 [ 11 ] CVE-2014-1715 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1715 [ 12 ] CVE-2014-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1716 [ 13 ] CVE-2014-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1717 [ 14 ] CVE-2014-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1718 [ 15 ] CVE-2014-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1719 [ 16 ] CVE-2014-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1720 [ 17 ] CVE-2014-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1721 [ 18 ] CVE-2014-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1722 [ 19 ] CVE-2014-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1723 [ 20 ] CVE-2014-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1724 [ 21 ] CVE-2014-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1725 [ 22 ] CVE-2014-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1726 [ 23 ] CVE-2014-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1727 [ 24 ] CVE-2014-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1728 [ 25 ] CVE-2014-1729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1729 [ 26 ] CVE-2014-1730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1730 [ 27 ] CVE-2014-1731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1731 [ 28 ] CVE-2014-1732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1732 [ 29 ] CVE-2014-1733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1733 [ 30 ] CVE-2014-1734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1734 [ 31 ] CVE-2014-1735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1735 [ 32 ] CVE-2014-1740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1740 [ 33 ] CVE-2014-1742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1742 [ 34 ] CVE-2014-1743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1743 [ 35 ] CVE-2014-1744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1744 [ 36 ] CVE-2014-1745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1745 [ 37 ] CVE-2014-1746 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1746 [ 38 ] CVE-2014-1747 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1747 [ 39 ] CVE-2014-1748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1748 [ 40 ] CVE-2014-1749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1749 [ 41 ] CVE-2014-3154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3154 [ 42 ] CVE-2014-3155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3155 [ 43 ] CVE-2014-3156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3156 [ 44 ] CVE-2014-3157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3157 [ 45 ] CVE-2014-3160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3160 [ 46 ] CVE-2014-3162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3162 [ 47 ] CVE-2014-3165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3165 [ 48 ] CVE-2014-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3166 [ 49 ] CVE-2014-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3167 [ 50 ] CVE-2014-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3168 [ 51 ] CVE-2014-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3169 [ 52 ] CVE-2014-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3170 [ 53 ] CVE-2014-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3171 [ 54 ] CVE-2014-3172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3172 [ 55 ] CVE-2014-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3173 [ 56 ] CVE-2014-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3174 [ 57 ] CVE-2014-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3175 [ 58 ] CVE-2014-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3176 [ 59 ] CVE-2014-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3177 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201408-16.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.34

sources: NVD: CVE-2014-3166 // JVNDB: JVNDB-2014-003793 // BID: 69202 // VULHUB: VHN-71105 // VULMON: CVE-2014-3166 // PACKETSTORM: 128462 // PACKETSTORM: 127951 // PACKETSTORM: 128057

AFFECTED PRODUCTS

vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	36.0.1985.57	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	36.0.1985.143	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	36.0.1985.135	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	36.0.1985.135 (android)	Trust: 0.8
vendor:	google	model:	chrome	scope:	lt	version:	36.0.1985.143 (windows	Trust: 0.8
vendor:	google	model:	chrome	scope:	eq	version:	mac os x	Trust: 0.8
vendor:	google	model:	chrome	scope:	eq	version:	linux)	Trust: 0.8
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.72	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.76	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.79	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.77	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.70	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.74	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.8	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.78	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.75	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	36.0.1985.73	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	17.0.96379	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.96365	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.91275	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874102	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.37	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.33	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.31	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.30	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.94	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.84	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.107	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.344	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.310	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.309	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.308	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.307	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.306	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.305	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.304	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.303	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.302	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.301	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.300	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.237	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.226	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.225	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.224	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.223	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.222	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.221	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.220	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.219	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.218	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.217	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.216	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.215	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.214	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.213	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.212	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.211	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.210	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.21	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.209	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.208	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.207	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.206	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.205	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.204	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.203	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.202	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.201	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.200	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.20	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.19	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.18	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.17	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.16	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.15	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.14	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.13	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.12	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.11	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.105	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.104	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.103	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.102	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.101	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.100	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.10	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.550.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	19.0.1084.52	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	19	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.168	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.162	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.151	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.142	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.83	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.78	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.60	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.56	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.46	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.77	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.75	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.63	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874.121	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874.120	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.202	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.186	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.163	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.215	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.112	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.107	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.91	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.112	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.100	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.77	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.71	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.68	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.65	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.57	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.672.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.205	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.204	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.133	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.128	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.127	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3

sources: BID: 69202 // JVNDB: JVNDB-2014-003793 // CNNVD: CNNVD-201408-227 // NVD: CVE-2014-3166

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3166
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-3166
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201408-227
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-71105
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2014-3166
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-3166
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2014-3166
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-71105
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-71105 // VULMON: CVE-2014-3166 // JVNDB: JVNDB-2014-003793 // CNNVD: CNNVD-201408-227 // NVD: CVE-2014-3166

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-200	Trust: 0.9

sources: VULHUB: VHN-71105 // JVNDB: JVNDB-2014-003793 // NVD: CVE-2014-3166

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 128057 // CNNVD: CNNVD-201408-227

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201408-227

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-003793

PATCH

title:	Revision 288435	url:	https://src.chromium.org/viewvc/chrome?revision=288435&view=revision	Trust: 0.8
title:	Revision 286598	url:	https://src.chromium.org/viewvc/chrome?revision=286598&view=revision	Trust: 0.8
title:	Stable Channel Update	url:	http://googlechromereleases.blogspot.jp/2014/08/stable-channel-update.html	Trust: 0.8
title:	Chrome for Android Update	url:	http://googlechromereleases.blogspot.jp/2014/08/chrome-for-android-update.html	Trust: 0.8
title:	Google Chrome	url:	https://www.google.co.jp/chrome/browser/	Trust: 0.8
title:	google-chrome-36.0.1985.143-stable_current_i386	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=51703	Trust: 0.6
title:	googlechrome-36.0.1985.143	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=51702	Trust: 0.6
title:	ChromeSetup-36.0.1985.143	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=51701	Trust: 0.6
title:	google_chrome_36.0.1985.135	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=51704	Trust: 0.6
title:	Ubuntu Security Notice: oxide-qt vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2320-1	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2014-3166	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-fixes-12-vulnerabilities-in-chrome-36/107777/	Trust: 0.1

sources: VULMON: CVE-2014-3166 // JVNDB: JVNDB-2014-003793 // CNNVD: CNNVD-201408-227

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3166	Trust: 3.2
db:	BID	id:	69202	Trust: 2.1
db:	SECUNIA	id:	60798	Trust: 1.8
db:	SECUNIA	id:	60685	Trust: 1.8
db:	SECUNIA	id:	59904	Trust: 1.8
db:	SECUNIA	id:	59693	Trust: 1.8
db:	SECTRACK	id:	1030732	Trust: 1.8
db:	JVNDB	id:	JVNDB-2014-003793	Trust: 0.8
db:	CNNVD	id:	CNNVD-201408-227	Trust: 0.7
db:	VULHUB	id:	VHN-71105	Trust: 0.1
db:	VULMON	id:	CVE-2014-3166	Trust: 0.1
db:	PACKETSTORM	id:	128462	Trust: 0.1
db:	PACKETSTORM	id:	127951	Trust: 0.1
db:	PACKETSTORM	id:	128057	Trust: 0.1

sources: VULHUB: VHN-71105 // VULMON: CVE-2014-3166 // BID: 69202 // JVNDB: JVNDB-2014-003793 // PACKETSTORM: 128462 // PACKETSTORM: 127951 // PACKETSTORM: 128057 // CNNVD: CNNVD-201408-227 // NVD: CVE-2014-3166

REFERENCES

url:	http://www.securityfocus.com/bid/69202	Trust: 1.9
url:	http://security.gentoo.org/glsa/glsa-201408-16.xml	Trust: 1.9
url:	http://googlechromereleases.blogspot.com/2014/08/chrome-for-android-update.html	Trust: 1.8
url:	http://googlechromereleases.blogspot.com/2014/08/chrome-for-ios-update.html	Trust: 1.8
url:	http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html	Trust: 1.8
url:	https://code.google.com/p/chromium/issues/detail?id=398925	Trust: 1.8
url:	http://www.debian.org/security/2014/dsa-3039	Trust: 1.8
url:	http://www.ietf.org/mail-archive/web/tls/current/msg13345.html	Trust: 1.8
url:	http://www.securitytracker.com/id/1030732	Trust: 1.8
url:	http://secunia.com/advisories/59693	Trust: 1.8
url:	http://secunia.com/advisories/59904	Trust: 1.8
url:	http://secunia.com/advisories/60685	Trust: 1.8
url:	http://secunia.com/advisories/60798	Trust: 1.8
url:	https://src.chromium.org/viewvc/chrome?revision=288435&view=revision	Trust: 1.7
url:	https://src.chromium.org/viewvc/chrome?revision=286598&view=revision	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3166	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3166	Trust: 0.8
url:	http://www.google.com/chrome	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3165	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3166	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3167	Trust: 0.2
url:	http://www.debian.org/security/	Trust: 0.2
url:	https://src.chromium.org/viewvc/chrome?revision=286598&view=revision	Trust: 0.1
url:	https://src.chromium.org/viewvc/chrome?revision=288435&view=revision	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2014-3166	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/google-fixes-12-vulnerabilities-in-chrome-36/107777/	Trust: 0.1
url:	https://usn.ubuntu.com/2320-1/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3172	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3160	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3175	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3174	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3169	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3179	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3171	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3162	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3176	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3178	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3177	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3170	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3168	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3173	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-2320-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/oxide-qt/1.0.5-0ubuntu0.14.04.1	Trust: 0.1
url:	https://launchpad.net/bugs/1356372	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1728	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1700	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3157	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3167	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1716	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0538	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1740	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3173	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1705	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1702	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3165	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1717	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3168	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3171	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1730	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3175	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1749	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3156	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1727	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1731	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1741	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1716	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1722	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1714	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1713	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1715	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1715	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3169	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1701	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1745	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1722	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1748	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1702	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1730	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3177	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1717	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1742	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3174	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1704	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-0538	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1732	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3170	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1713	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1733	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1743	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1721	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1718	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3155	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1735	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1728	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1747	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1701	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1704	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1721	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1746	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3172	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3176	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1732	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1734	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1700	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1718	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3160	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1714	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1731	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1705	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3154	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3162	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1733	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1703	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1729	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1744	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1703	Trust: 0.1

CREDITS

Antoine Delignat-Lavaud

Trust: 0.3

sources: BID: 69202

SOURCES

db:	VULHUB	id:	VHN-71105
db:	VULMON	id:	CVE-2014-3166
db:	BID	id:	69202
db:	JVNDB	id:	JVNDB-2014-003793
db:	PACKETSTORM	id:	128462
db:	PACKETSTORM	id:	127951
db:	PACKETSTORM	id:	128057
db:	CNNVD	id:	CNNVD-201408-227
db:	NVD	id:	CVE-2014-3166

LAST UPDATE DATE

2025-04-13T20:11:38.819000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-71105	date:	2018-12-13T00:00:00
db:	VULMON	id:	CVE-2014-3166	date:	2022-11-10T00:00:00
db:	BID	id:	69202	date:	2015-03-19T09:36:00
db:	JVNDB	id:	JVNDB-2014-003793	date:	2014-08-20T00:00:00
db:	CNNVD	id:	CNNVD-201408-227	date:	2022-11-14T00:00:00
db:	NVD	id:	CVE-2014-3166	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-71105	date:	2014-08-13T00:00:00
db:	VULMON	id:	CVE-2014-3166	date:	2014-08-13T00:00:00
db:	BID	id:	69202	date:	2014-08-12T00:00:00
db:	JVNDB	id:	JVNDB-2014-003793	date:	2014-08-15T00:00:00
db:	PACKETSTORM	id:	128462	date:	2014-09-30T00:18:23
db:	PACKETSTORM	id:	127951	date:	2014-08-20T23:10:01
db:	PACKETSTORM	id:	128057	date:	2014-09-02T06:19:45
db:	CNNVD	id:	CNNVD-201408-227	date:	2014-08-14T00:00:00
db:	NVD	id:	CVE-2014-3166	date:	2014-08-13T04:57:12.613