CVE Vulnerabilities

CVE-2014-1748

Published: May 21, 2014 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 35.0.1916.113 (including)
Chrome Google 35.0.1916.0 (including) 35.0.1916.0 (including)
Chrome Google 35.0.1916.1 (including) 35.0.1916.1 (including)
Chrome Google 35.0.1916.2 (including) 35.0.1916.2 (including)
Chrome Google 35.0.1916.3 (including) 35.0.1916.3 (including)
Chrome Google 35.0.1916.4 (including) 35.0.1916.4 (including)
Chrome Google 35.0.1916.5 (including) 35.0.1916.5 (including)
Chrome Google 35.0.1916.6 (including) 35.0.1916.6 (including)
Chrome Google 35.0.1916.7 (including) 35.0.1916.7 (including)
Chrome Google 35.0.1916.8 (including) 35.0.1916.8 (including)
Chrome Google 35.0.1916.9 (including) 35.0.1916.9 (including)
Chrome Google 35.0.1916.10 (including) 35.0.1916.10 (including)
Chrome Google 35.0.1916.11 (including) 35.0.1916.11 (including)
Chrome Google 35.0.1916.13 (including) 35.0.1916.13 (including)
Chrome Google 35.0.1916.14 (including) 35.0.1916.14 (including)
Chrome Google 35.0.1916.15 (including) 35.0.1916.15 (including)
Chrome Google 35.0.1916.17 (including) 35.0.1916.17 (including)
Chrome Google 35.0.1916.18 (including) 35.0.1916.18 (including)
Chrome Google 35.0.1916.19 (including) 35.0.1916.19 (including)
Chrome Google 35.0.1916.20 (including) 35.0.1916.20 (including)
Chrome Google 35.0.1916.21 (including) 35.0.1916.21 (including)
Chrome Google 35.0.1916.22 (including) 35.0.1916.22 (including)
Chrome Google 35.0.1916.23 (including) 35.0.1916.23 (including)
Chrome Google 35.0.1916.27 (including) 35.0.1916.27 (including)
Chrome Google 35.0.1916.31 (including) 35.0.1916.31 (including)
Chrome Google 35.0.1916.32 (including) 35.0.1916.32 (including)
Chrome Google 35.0.1916.33 (including) 35.0.1916.33 (including)
Chrome Google 35.0.1916.34 (including) 35.0.1916.34 (including)
Chrome Google 35.0.1916.35 (including) 35.0.1916.35 (including)
Chrome Google 35.0.1916.36 (including) 35.0.1916.36 (including)
Chrome Google 35.0.1916.37 (including) 35.0.1916.37 (including)
Chrome Google 35.0.1916.38 (including) 35.0.1916.38 (including)
Chrome Google 35.0.1916.39 (including) 35.0.1916.39 (including)
Chrome Google 35.0.1916.40 (including) 35.0.1916.40 (including)
Chrome Google 35.0.1916.41 (including) 35.0.1916.41 (including)
Chrome Google 35.0.1916.42 (including) 35.0.1916.42 (including)
Chrome Google 35.0.1916.43 (including) 35.0.1916.43 (including)
Chrome Google 35.0.1916.44 (including) 35.0.1916.44 (including)
Chrome Google 35.0.1916.45 (including) 35.0.1916.45 (including)
Chrome Google 35.0.1916.46 (including) 35.0.1916.46 (including)
Chrome Google 35.0.1916.47 (including) 35.0.1916.47 (including)
Chrome Google 35.0.1916.48 (including) 35.0.1916.48 (including)
Chrome Google 35.0.1916.49 (including) 35.0.1916.49 (including)
Chrome Google 35.0.1916.51 (including) 35.0.1916.51 (including)
Chrome Google 35.0.1916.52 (including) 35.0.1916.52 (including)
Chrome Google 35.0.1916.54 (including) 35.0.1916.54 (including)
Chrome Google 35.0.1916.56 (including) 35.0.1916.56 (including)
Chrome Google 35.0.1916.57 (including) 35.0.1916.57 (including)
Chrome Google 35.0.1916.59 (including) 35.0.1916.59 (including)
Chrome Google 35.0.1916.61 (including) 35.0.1916.61 (including)
Chrome Google 35.0.1916.68 (including) 35.0.1916.68 (including)
Chrome Google 35.0.1916.69 (including) 35.0.1916.69 (including)
Chrome Google 35.0.1916.71 (including) 35.0.1916.71 (including)
Chrome Google 35.0.1916.72 (including) 35.0.1916.72 (including)
Chrome Google 35.0.1916.74 (including) 35.0.1916.74 (including)
Chrome Google 35.0.1916.77 (including) 35.0.1916.77 (including)
Chrome Google 35.0.1916.80 (including) 35.0.1916.80 (including)
Chrome Google 35.0.1916.82 (including) 35.0.1916.82 (including)
Chrome Google 35.0.1916.84 (including) 35.0.1916.84 (including)
Chrome Google 35.0.1916.85 (including) 35.0.1916.85 (including)
Chrome Google 35.0.1916.86 (including) 35.0.1916.86 (including)
Chrome Google 35.0.1916.88 (including) 35.0.1916.88 (including)
Chrome Google 35.0.1916.90 (including) 35.0.1916.90 (including)
Chrome Google 35.0.1916.92 (including) 35.0.1916.92 (including)
Chrome Google 35.0.1916.93 (including) 35.0.1916.93 (including)
Chrome Google 35.0.1916.95 (including) 35.0.1916.95 (including)
Chrome Google 35.0.1916.96 (including) 35.0.1916.96 (including)
Chrome Google 35.0.1916.98 (including) 35.0.1916.98 (including)
Chrome Google 35.0.1916.99 (including) 35.0.1916.99 (including)
Chrome Google 35.0.1916.101 (including) 35.0.1916.101 (including)
Chrome Google 35.0.1916.103 (including) 35.0.1916.103 (including)
Chrome Google 35.0.1916.104 (including) 35.0.1916.104 (including)
Chrome Google 35.0.1916.105 (including) 35.0.1916.105 (including)
Chrome Google 35.0.1916.106 (including) 35.0.1916.106 (including)
Chrome Google 35.0.1916.107 (including) 35.0.1916.107 (including)
Chrome Google 35.0.1916.108 (including) 35.0.1916.108 (including)
Chrome Google 35.0.1916.109 (including) 35.0.1916.109 (including)
Chrome Google 35.0.1916.110 (including) 35.0.1916.110 (including)
Chrome Google 35.0.1916.111 (including) 35.0.1916.111 (including)
Chrome Google 35.0.1916.112 (including) 35.0.1916.112 (including)
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu saucy *
Chromium-browser Ubuntu trusty *
Chromium-browser Ubuntu upstream *
Oxide-qt Ubuntu devel *
Oxide-qt Ubuntu trusty *
Oxide-qt Ubuntu upstream *

References