CVE-2014-3188
Last modified
CVE-2014-3188 is a vulnerability of currently unknown severity. Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.. EPSS estimates a 5.95% chance of exploitation in the next 30 days.
Description
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Chrome Os | <= 38.0.2125.77 | |
| Chrome | <= 38.0.2125.7 | |
| Redhat | Enterprise Linux Desktop Supplementary | 6.0 |
| Redhat | Enterprise Linux Server Supplementary | 6.0 |
| Redhat | Enterprise Linux Server Supplementary Eus | 6.6.z |
| Redhat | Enterprise Linux Workstation Supplementary | 6.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-3188?
How severe is CVE-2014-3188?
How do I fix CVE-2014-3188?
Are you affected by CVE-2014-3188?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST