FKIE_CVE-2014-1748

Vulnerability from fkie_nvd - Published: 2014-05-21 11:14 - Updated: 2025-04-12 10:46
Severity ?
Summary
The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
References
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
chrome-cve-admin@google.comhttp://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
chrome-cve-admin@google.comhttp://secunia.com/advisories/58920
chrome-cve-admin@google.comhttp://secunia.com/advisories/59155
chrome-cve-admin@google.comhttp://secunia.com/advisories/60372
chrome-cve-admin@google.comhttp://security.gentoo.org/glsa/glsa-201408-16.xml
chrome-cve-admin@google.comhttp://support.apple.com/kb/HT6596
chrome-cve-admin@google.comhttp://www.debian.org/security/2014/dsa-2939
chrome-cve-admin@google.comhttp://www.securitytracker.com/id/1030270
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-2937-1
chrome-cve-admin@google.comhttps://code.google.com/p/chromium/issues/detail?id=331168
chrome-cve-admin@google.comhttps://src.chromium.org/viewvc/blink?revision=170625&view=revision
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58920
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59155
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60372
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201408-16.xml
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6596
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2939
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030270
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2937-1
af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/chromium/issues/detail?id=331168
af854a3a-2127-422b-91ae-364da2661108https://src.chromium.org/viewvc/blink?revision=170625&view=revision
Impacted products
Vendor Product Version
google chrome *
google chrome 35.0.1916.0
google chrome 35.0.1916.1
google chrome 35.0.1916.2
google chrome 35.0.1916.3
google chrome 35.0.1916.4
google chrome 35.0.1916.5
google chrome 35.0.1916.6
google chrome 35.0.1916.7
google chrome 35.0.1916.8
google chrome 35.0.1916.9
google chrome 35.0.1916.10
google chrome 35.0.1916.11
google chrome 35.0.1916.13
google chrome 35.0.1916.14
google chrome 35.0.1916.15
google chrome 35.0.1916.17
google chrome 35.0.1916.18
google chrome 35.0.1916.19
google chrome 35.0.1916.20
google chrome 35.0.1916.21
google chrome 35.0.1916.22
google chrome 35.0.1916.23
google chrome 35.0.1916.27
google chrome 35.0.1916.31
google chrome 35.0.1916.32
google chrome 35.0.1916.33
google chrome 35.0.1916.34
google chrome 35.0.1916.35
google chrome 35.0.1916.36
google chrome 35.0.1916.37
google chrome 35.0.1916.38
google chrome 35.0.1916.39
google chrome 35.0.1916.40
google chrome 35.0.1916.41
google chrome 35.0.1916.42
google chrome 35.0.1916.43
google chrome 35.0.1916.44
google chrome 35.0.1916.45
google chrome 35.0.1916.46
google chrome 35.0.1916.47
google chrome 35.0.1916.48
google chrome 35.0.1916.49
google chrome 35.0.1916.51
google chrome 35.0.1916.52
google chrome 35.0.1916.54
google chrome 35.0.1916.56
google chrome 35.0.1916.57
google chrome 35.0.1916.59
google chrome 35.0.1916.61
google chrome 35.0.1916.68
google chrome 35.0.1916.69
google chrome 35.0.1916.71
google chrome 35.0.1916.72
google chrome 35.0.1916.74
google chrome 35.0.1916.77
google chrome 35.0.1916.80
google chrome 35.0.1916.82
google chrome 35.0.1916.84
google chrome 35.0.1916.85
google chrome 35.0.1916.86
google chrome 35.0.1916.88
google chrome 35.0.1916.90
google chrome 35.0.1916.92
google chrome 35.0.1916.93
google chrome 35.0.1916.95
google chrome 35.0.1916.96
google chrome 35.0.1916.98
google chrome 35.0.1916.99
google chrome 35.0.1916.101
google chrome 35.0.1916.103
google chrome 35.0.1916.104
google chrome 35.0.1916.105
google chrome 35.0.1916.106
google chrome 35.0.1916.107
google chrome 35.0.1916.108
google chrome 35.0.1916.109
google chrome 35.0.1916.110
google chrome 35.0.1916.111
google chrome 35.0.1916.112
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24036B85-837E-46F1-8D2A-7B06E0657979",
              "versionEndIncluding": "35.0.1916.113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A8B66A-B3CA-44D4-8840-E544D95C5C55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4626CE7E-1135-43BB-A999-D9E9645F4F26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B6A451-EF11-47B4-84E7-3EF2554717BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E5FCB33-E3B3-4CB5-8009-67EBAA2AF27A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "825D51C2-BF0E-4A17-B07B-FBBE07FF3430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AE8107-4530-48A9-BF3D-6CEEFFDE81DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "94744496-D0BE-4FAC-B0DE-40E2EF7D2967",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18C1D47-733C-4B51-9A04-253D06D20528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6B4DAE-315E-4D49-A4E2-169AE8C659AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E267532-0240-48B5-A8A7-D452DCE68545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B073B1B6-37FC-4481-A4A8-D859F9CAD0D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "249F1026-0BEE-44FC-BA08-B18A67EC2D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D7BF63D-3561-4636-9D0F-5C029DE4FDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DCFD8D-42CD-4E88-9B66-10D30390A029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B78C9F-2431-4BED-AE00-C9C6F49D91BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "6638F45A-3E2E-47A7-9E29-51BC80E821CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C21673-D3BE-4549-ADBE-86A8C544ACED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "905CE4CB-23CE-46B3-AF25-8300A348D330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D7D729-94F9-406F-9AD7-FD4830234FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B2C2C1-6D3C-416D-8BA2-8A1E8783260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E4E3A0D-5FFD-49BB-B0DC-D966D4FEE656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09378C5-9960-4DBA-BADF-75F59A670949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5DCFC6-4E56-4C8C-884C-DF1CB3BC7259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BEB034A-ED1A-4692-BC3D-EC87204A6092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DC0366-8512-4679-9C01-92B894CB1E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "42440388-7439-407F-A753-77B5E196E764",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "08529C78-3AEF-4A48-B57A-A3AFD220E717",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4418F2D-F462-4E9B-BD09-12D24726BBAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B7553-A96D-48BC-A555-DB94EB630AAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B752A1B-08A6-4D76-9560-4B8287A43D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD5AB04-7B94-4B00-907A-499A19176509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "63AF805B-852D-412D-8B90-A4166041A0F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "741566D6-E3E0-43E6-8B12-19C1CD77C213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9BBD82A-39A6-4CC9-94FE-E3E81E0C06FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "F561EBB8-231D-481F-B109-CFEF3F010FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "3495A795-48EA-4BE9-B6CF-DF934AE3EE1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "4097E83B-5E58-4E70-B1B6-533B97C6405A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF37D299-CB0F-4F94-BBFE-4C1C966A4AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "9965D997-4F96-48BF-94CE-BA471ADE2A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDAB66F-038E-4955-81B7-A6E2157C0BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F095537D-5045-4450-BCBF-4C93E6E042F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "710040CA-3DEF-484A-88FF-C44D17526B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E8B5FDF-5ABE-4A17-B956-FE7CC3F3F1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "5434C6FD-3C1C-4272-9D8F-5F7AB8E68046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F907549-BEA6-46C7-A528-7E97A8655595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "C66DBB18-CA4B-439E-8D2E-8E5E6A42CF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E24A976-B366-412C-8635-CD65687C3A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "717CD257-B2A1-4DE6-83BA-6CE0F58B1B60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "66BE9002-9D3A-4D58-A032-1E35364FAFD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "313D6BBA-A159-47DA-97E9-CE63AD1DEBF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:*",
              "matchCriteriaId": "0576D407-07F9-4163-8937-8D85974918A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F45D58-425C-4ABB-ADD3-2BBADA74A19F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC63BF1F-DB9F-4C4E-8460-40A801084020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B3D4FD-9707-4B18-96CE-D7CF7EA5F881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "694FBD5C-32E7-4E99-9BDD-8CE8E5D45CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF7E21C9-50F7-44A3-B642-4BFF4699EBD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE68628B-FEBF-4A75-99C6-C6FA76A5989E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:*",
              "matchCriteriaId": "6755C15D-08BD-47DA-B363-6F31F7DE5923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDF01221-5CE0-4559-83E6-3273D573F0DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "061A50AD-9D9F-44CA-867B-2E10B9282CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:*",
              "matchCriteriaId": "587440DE-F09E-4789-9B58-4FCDCBFA431E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3F1FFDF-509C-4608-9538-EFF07A5031C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CE0FDEC-2FDB-4902-9904-F2F9E2E6226E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "05F34690-1EFA-49D3-91B7-E3BD0B3D7056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "44578154-8DFF-4EC7-834C-B54FD6149B91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C2D488-342C-4CAC-A07D-2C198465BC32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D63F62-CC1E-43CF-B1D6-192492796862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5366995-F5FD-4F6E-BFB7-D1E61E52B9DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF55EAB7-A108-4B80-A969-D07A2EDA6184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:*",
              "matchCriteriaId": "17E16492-4A75-474C-9DEA-B150763843B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:*",
              "matchCriteriaId": "E431FC69-6C1B-475D-B646-FFB2210C438B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA8FBB0-1004-40C2-AADD-4DE09CFE9326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6CF0AA-AEBE-48FD-A83B-D9ADC25C323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C6EC014-5EB1-4C19-B828-5DBA6A525194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E90CAB9-09DE-462B-96E4-4FAEC5642F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3CF5D9-E8DE-4751-A873-A3A6769BC19D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "B86895A1-98A7-46C8-8E52-889CB34EEEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E52314C-CB22-4702-8108-F855CEC349D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:*",
              "matchCriteriaId": "379EB1A9-61DB-4A31-8568-DFB5BA3EE610",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n ScrollView::paint en platform/scroll/ScrollView.cpp en Blink, utilizado en Google Chrome anterior a 35.0.1916.114, permite a atacantes remotos falsificar la interfaz de usuario mediante la extensi\u00f3n de la representaci\u00f3n gr\u00e1fica de la barra de desplazamiento hacia el marco padre."
    }
  ],
  "id": "CVE-2014-1748",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-21T11:14:09.863",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/58920"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/59155"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/60372"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://support.apple.com/kb/HT6596"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.debian.org/security/2014/dsa-2939"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securitytracker.com/id/1030270"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-2937-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://code.google.com/p/chromium/issues/detail?id=331168"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://src.chromium.org/viewvc/blink?revision=170625\u0026view=revision"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT6596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-2939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2937-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://code.google.com/p/chromium/issues/detail?id=331168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://src.chromium.org/viewvc/blink?revision=170625\u0026view=revision"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.