Unrated severityNVD Advisory· Published May 21, 2014· Updated May 6, 2026
CVE-2014-1746
CVE-2014-1746
Description
The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.
Affected products
80cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 79 more
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <=35.0.1916.113
- cpe:2.3:a:google:chrome:35.0.1916.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.101:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.103:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.104:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.105:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.106:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.107:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.108:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.109:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.110:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.111:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.112:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.68:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.69:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.71:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.72:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.77:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.80:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.82:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.84:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.86:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.90:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.92:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.93:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.95:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.96:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.98:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:35.0.1916.99:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-06/msg00023.htmlnvd
- secunia.com/advisories/58920nvd
- secunia.com/advisories/59155nvd
- secunia.com/advisories/60372nvd
- security.gentoo.org/glsa/glsa-201408-16.xmlnvd
- www.debian.org/security/2014/dsa-2939nvd
- www.securitytracker.com/id/1030270nvd
- code.google.com/p/chromium/issues/detailnvd
- src.chromium.org/viewvc/chromenvd
News mentions
0No linked articles in our index yet.