Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-1748

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.

Related bugs and status

CVE-2014-1748 (Candidate) is related to these bugs:

Bug #1302155: Chromium UI is very large

Summary				In	Importance	Status
	1302155	Chromium UI is very large		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1556964: Update to bugfix release 2.4.10 in Trusty

		In	Importance	Status
1556964	Update to bugfix release 2.4.10 in Trusty	webkitgtk (Ubuntu)	Undecided	Fix Released
1556964	Update to bugfix release 2.4.10 in Trusty	webkitgtk (Ubuntu Wily)	Undecided	Fix Released
1556964	Update to bugfix release 2.4.10 in Trusty	webkitgtk (Ubuntu Xenial)	Undecided	Fix Released
1556964	Update to bugfix release 2.4.10 in Trusty	webkitgtk (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
SECTRACK: 1030270
SECUNIA: 58920
SECUNIA: 59155
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2014-12-2-1
SUSE: openSUSE-SU-2016:0915
UBUNTU: USN-2937-1
GENTOO: GLSA-201408-16
SECUNIA: 60372
CONFIRM: https://src.chromium.o...
SUSE: openSUSE-SU-2014:0783
DEBIAN: DSA-2939