CVE-2014-1748

MEDIUM

Description

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.

References

http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html

http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html

http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html

http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html

http://secunia.com/advisories/58920

http://secunia.com/advisories/59155

http://secunia.com/advisories/60372

http://security.gentoo.org/glsa/glsa-201408-16.xml

http://support.apple.com/kb/HT6596

http://www.debian.org/security/2014/dsa-2939

http://www.securitytracker.com/id/1030270

http://www.ubuntu.com/usn/USN-2937-1

https://code.google.com/p/chromium/issues/detail?id=331168

https://src.chromium.org/viewvc/blink?revision=170625&view=revision

Details

Source: MITRE

Published: 2014-05-21

Updated: 2017-12-29

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 35.0.1916.113 (inclusive)

Tenable Plugins

View all (19 total)

ID	Name	Product	Family	Severity
90283	Fedora 22 : webkitgtk-2.4.10-1.fc22 (2016-9ec1850fff)	Nessus	Fedora Local Security Checks	medium
90259	openSUSE Security Update : webkitgtk (openSUSE-2016-412)	Nessus	SuSE Local Security Checks	medium
90232	Fedora 24 : webkitgtk3-2.4.10-1.fc24 (2016-fde7ffcb77)	Nessus	Fedora Local Security Checks	medium
90220	Fedora 24 : webkitgtk-2.4.10-1.fc24 (2016-a4fcb02d6b)	Nessus	Fedora Local Security Checks	medium
90104	Fedora 23 : webkitgtk-2.4.10-1.fc23 (2016-5d6d75dbea)	Nessus	Fedora Local Security Checks	medium
90094	Ubuntu 14.04 LTS / 15.10 : webkitgtk vulnerabilities (USN-2937-1)	Nessus	Ubuntu Local Security Checks	medium
90035	Fedora 23 : webkitgtk3-2.4.10-1.fc23 (2016-1a7f7ffb58)	Nessus	Fedora Local Security Checks	medium
88583	FreeBSD : webkit -- UI spoof (1091d2d1-cb2e-11e5-b14b-bcaec565249c)	Nessus	FreeBSD Local Security Checks	medium
8590	Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
80055	Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
77460	GLSA-201408-16 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
76756	Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)	Nessus	Ubuntu Local Security Checks	high
75387	openSUSE Security Update : chromium (openSUSE-SU-2014:0783-1)	Nessus	SuSE Local Security Checks	high
74362	Opera < 22 Multiple Chromium Vulnerabilities	Nessus	Windows	high
74256	Debian DSA-2939-1 : chromium-browser - security update	Nessus	Debian Local Security Checks	high
8263	Google Chrome < 35.0.1916.114 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
74123	Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)	Nessus	MacOS X Local Security Checks	high
74122	Google Chrome < 35.0.1916.114 Multiple Vulnerabilities	Nessus	Windows	high
74114	FreeBSD : chromium -- multiple vulnerabilities (64f3872b-e05d-11e3-9dd4-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high