CVE-2014-3169 - 漏洞详情

CVE-2014-3169 (CNNVD-201408-417)

HIGH

中文标题:

Google Chrome Blink 释放后重用漏洞

英文标题:

Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as us...

CVSS分数: 7.5

发布时间: 2014-08-27 01:00:00

漏洞类型: 其他

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。Blink是美国谷歌（Google）公司和挪威欧朋（Opera Software）公司共同开发的一套浏览器排版引擎（渲染引擎）。 Google Chrome 37.0.2062.93及之前版本中使用的Blink中的DOM实现过程中core/dom/ContainerNode.cpp文件存在释放后重用漏洞。远程攻击者可通过执行脚本利用该漏洞造成拒绝服务。

英文描述:

Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal.

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
debian	debian_linux	7.0	-	-	`cpe:2.3:o:debian:debian_linux:7.0:::::::*`
opensuse	opensuse	12.3	-	-	`cpe:2.3:o:opensuse:opensuse:12.3:::::::*`
opensuse	opensuse	13.1	-	-	`cpe:2.3:o:opensuse:opensuse:13.1:::::::*`
google	chrome	*	-	-	`cpe:2.3:a:google:chrome::::::::`
google	chrome	37.0.2062.0	-	-	`cpe:2.3:a:google:chrome:37.0.2062.0:::::::*`
google	chrome	37.0.2062.1	-	-	`cpe:2.3:a:google:chrome:37.0.2062.1:::::::*`
google	chrome	37.0.2062.2	-	-	`cpe:2.3:a:google:chrome:37.0.2062.2:::::::*`
google	chrome	37.0.2062.3	-	-	`cpe:2.3:a:google:chrome:37.0.2062.3:::::::*`
google	chrome	37.0.2062.4	-	-	`cpe:2.3:a:google:chrome:37.0.2062.4:::::::*`
google	chrome	37.0.2062.5	-	-	`cpe:2.3:a:google:chrome:37.0.2062.5:::::::*`
google	chrome	37.0.2062.6	-	-	`cpe:2.3:a:google:chrome:37.0.2062.6:::::::*`
google	chrome	37.0.2062.7	-	-	`cpe:2.3:a:google:chrome:37.0.2062.7:::::::*`
google	chrome	37.0.2062.8	-	-	`cpe:2.3:a:google:chrome:37.0.2062.8:::::::*`
google	chrome	37.0.2062.9	-	-	`cpe:2.3:a:google:chrome:37.0.2062.9:::::::*`
google	chrome	37.0.2062.10	-	-	`cpe:2.3:a:google:chrome:37.0.2062.10:::::::*`
google	chrome	37.0.2062.11	-	-	`cpe:2.3:a:google:chrome:37.0.2062.11:::::::*`
google	chrome	37.0.2062.12	-	-	`cpe:2.3:a:google:chrome:37.0.2062.12:::::::*`
google	chrome	37.0.2062.13	-	-	`cpe:2.3:a:google:chrome:37.0.2062.13:::::::*`
google	chrome	37.0.2062.14	-	-	`cpe:2.3:a:google:chrome:37.0.2062.14:::::::*`
google	chrome	37.0.2062.15	-	-	`cpe:2.3:a:google:chrome:37.0.2062.15:::::::*`
google	chrome	37.0.2062.16	-	-	`cpe:2.3:a:google:chrome:37.0.2062.16:::::::*`
google	chrome	37.0.2062.17	-	-	`cpe:2.3:a:google:chrome:37.0.2062.17:::::::*`
google	chrome	37.0.2062.18	-	-	`cpe:2.3:a:google:chrome:37.0.2062.18:::::::*`
google	chrome	37.0.2062.19	-	-	`cpe:2.3:a:google:chrome:37.0.2062.19:::::::*`
google	chrome	37.0.2062.20	-	-	`cpe:2.3:a:google:chrome:37.0.2062.20:::::::*`
google	chrome	37.0.2062.21	-	-	`cpe:2.3:a:google:chrome:37.0.2062.21:::::::*`
google	chrome	37.0.2062.22	-	-	`cpe:2.3:a:google:chrome:37.0.2062.22:::::::*`
google	chrome	37.0.2062.23	-	-	`cpe:2.3:a:google:chrome:37.0.2062.23:::::::*`
google	chrome	37.0.2062.24	-	-	`cpe:2.3:a:google:chrome:37.0.2062.24:::::::*`
google	chrome	37.0.2062.25	-	-	`cpe:2.3:a:google:chrome:37.0.2062.25:::::::*`
google	chrome	37.0.2062.26	-	-	`cpe:2.3:a:google:chrome:37.0.2062.26:::::::*`
google	chrome	37.0.2062.27	-	-	`cpe:2.3:a:google:chrome:37.0.2062.27:::::::*`
google	chrome	37.0.2062.28	-	-	`cpe:2.3:a:google:chrome:37.0.2062.28:::::::*`
google	chrome	37.0.2062.29	-	-	`cpe:2.3:a:google:chrome:37.0.2062.29:::::::*`
google	chrome	37.0.2062.30	-	-	`cpe:2.3:a:google:chrome:37.0.2062.30:::::::*`
google	chrome	37.0.2062.31	-	-	`cpe:2.3:a:google:chrome:37.0.2062.31:::::::*`
google	chrome	37.0.2062.32	-	-	`cpe:2.3:a:google:chrome:37.0.2062.32:::::::*`
google	chrome	37.0.2062.33	-	-	`cpe:2.3:a:google:chrome:37.0.2062.33:::::::*`
google	chrome	37.0.2062.34	-	-	`cpe:2.3:a:google:chrome:37.0.2062.34:::::::*`
google	chrome	37.0.2062.35	-	-	`cpe:2.3:a:google:chrome:37.0.2062.35:::::::*`
google	chrome	37.0.2062.36	-	-	`cpe:2.3:a:google:chrome:37.0.2062.36:::::::*`
google	chrome	37.0.2062.37	-	-	`cpe:2.3:a:google:chrome:37.0.2062.37:::::::*`
google	chrome	37.0.2062.39	-	-	`cpe:2.3:a:google:chrome:37.0.2062.39:::::::*`
google	chrome	37.0.2062.43	-	-	`cpe:2.3:a:google:chrome:37.0.2062.43:::::::*`
google	chrome	37.0.2062.44	-	-	`cpe:2.3:a:google:chrome:37.0.2062.44:::::::*`
google	chrome	37.0.2062.45	-	-	`cpe:2.3:a:google:chrome:37.0.2062.45:::::::*`
google	chrome	37.0.2062.46	-	-	`cpe:2.3:a:google:chrome:37.0.2062.46:::::::*`
google	chrome	37.0.2062.47	-	-	`cpe:2.3:a:google:chrome:37.0.2062.47:::::::*`
google	chrome	37.0.2062.48	-	-	`cpe:2.3:a:google:chrome:37.0.2062.48:::::::*`
google	chrome	37.0.2062.49	-	-	`cpe:2.3:a:google:chrome:37.0.2062.49:::::::*`
google	chrome	37.0.2062.50	-	-	`cpe:2.3:a:google:chrome:37.0.2062.50:::::::*`
google	chrome	37.0.2062.51	-	-	`cpe:2.3:a:google:chrome:37.0.2062.51:::::::*`
google	chrome	37.0.2062.52	-	-	`cpe:2.3:a:google:chrome:37.0.2062.52:::::::*`
google	chrome	37.0.2062.53	-	-	`cpe:2.3:a:google:chrome:37.0.2062.53:::::::*`
google	chrome	37.0.2062.54	-	-	`cpe:2.3:a:google:chrome:37.0.2062.54:::::::*`
google	chrome	37.0.2062.55	-	-	`cpe:2.3:a:google:chrome:37.0.2062.55:::::::*`
google	chrome	37.0.2062.56	-	-	`cpe:2.3:a:google:chrome:37.0.2062.56:::::::*`
google	chrome	37.0.2062.57	-	-	`cpe:2.3:a:google:chrome:37.0.2062.57:::::::*`
google	chrome	37.0.2062.58	-	-	`cpe:2.3:a:google:chrome:37.0.2062.58:::::::*`
google	chrome	37.0.2062.59	-	-	`cpe:2.3:a:google:chrome:37.0.2062.59:::::::*`
google	chrome	37.0.2062.60	-	-	`cpe:2.3:a:google:chrome:37.0.2062.60:::::::*`
google	chrome	37.0.2062.61	-	-	`cpe:2.3:a:google:chrome:37.0.2062.61:::::::*`
google	chrome	37.0.2062.62	-	-	`cpe:2.3:a:google:chrome:37.0.2062.62:::::::*`
google	chrome	37.0.2062.63	-	-	`cpe:2.3:a:google:chrome:37.0.2062.63:::::::*`
google	chrome	37.0.2062.64	-	-	`cpe:2.3:a:google:chrome:37.0.2062.64:::::::*`
google	chrome	37.0.2062.65	-	-	`cpe:2.3:a:google:chrome:37.0.2062.65:::::::*`
google	chrome	37.0.2062.66	-	-	`cpe:2.3:a:google:chrome:37.0.2062.66:::::::*`
google	chrome	37.0.2062.67	-	-	`cpe:2.3:a:google:chrome:37.0.2062.67:::::::*`
google	chrome	37.0.2062.68	-	-	`cpe:2.3:a:google:chrome:37.0.2062.68:::::::*`
google	chrome	37.0.2062.69	-	-	`cpe:2.3:a:google:chrome:37.0.2062.69:::::::*`
google	chrome	37.0.2062.70	-	-	`cpe:2.3:a:google:chrome:37.0.2062.70:::::::*`
google	chrome	37.0.2062.71	-	-	`cpe:2.3:a:google:chrome:37.0.2062.71:::::::*`
google	chrome	37.0.2062.72	-	-	`cpe:2.3:a:google:chrome:37.0.2062.72:::::::*`
google	chrome	37.0.2062.73	-	-	`cpe:2.3:a:google:chrome:37.0.2062.73:::::::*`
google	chrome	37.0.2062.74	-	-	`cpe:2.3:a:google:chrome:37.0.2062.74:::::::*`
google	chrome	37.0.2062.75	-	-	`cpe:2.3:a:google:chrome:37.0.2062.75:::::::*`
google	chrome	37.0.2062.76	-	-	`cpe:2.3:a:google:chrome:37.0.2062.76:::::::*`
google	chrome	37.0.2062.77	-	-	`cpe:2.3:a:google:chrome:37.0.2062.77:::::::*`
google	chrome	37.0.2062.78	-	-	`cpe:2.3:a:google:chrome:37.0.2062.78:::::::*`
google	chrome	37.0.2062.80	-	-	`cpe:2.3:a:google:chrome:37.0.2062.80:::::::*`
google	chrome	37.0.2062.81	-	-	`cpe:2.3:a:google:chrome:37.0.2062.81:::::::*`
google	chrome	37.0.2062.89	-	-	`cpe:2.3:a:google:chrome:37.0.2062.89:::::::*`
google	chrome	37.0.2062.90	-	-	`cpe:2.3:a:google:chrome:37.0.2062.90:::::::*`
google	chrome	37.0.2062.91	-	-	`cpe:2.3:a:google:chrome:37.0.2062.91:::::::*`
google	chrome	37.0.2062.92	-	-	`cpe:2.3:a:google:chrome:37.0.2062.92:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

69405 vdb-entry
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

60424 third-party-advisory
cve.org

访问

61482 third-party-advisory
cve.org

访问

GLSA-201408-16 vendor-advisory
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

openSUSE-SU-2014:1151 vendor-advisory
cve.org

访问

google-chrome-cve20143169-code-exec(95469) vdb-entry
cve.org

访问

60268 third-party-advisory
cve.org

访问

1030767 vdb-entry
cve.org

访问

DSA-3039 vendor-advisory
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

CVSS评分详情

7.5

HIGH

CVSS向量: AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS版本: 2.0

机密性

PARTIAL

完整性

PARTIAL

可用性

PARTIAL

时间信息

发布时间:

2014-08-27 01:00:00

修改时间:

2024-08-06 10:35:56

创建时间:

2025-11-11 15:33:46

更新时间:

2025-11-11 15:51:33

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2014-3169`	2025-11-11 15:18:45	2025-11-11 07:33:46
NVD	`nvd_CVE-2014-3169`	2025-11-11 14:54:34	2025-11-11 07:42:32
CNNVD	`cnnvd_CNNVD-201408-417`	2025-11-11 15:09:28	2025-11-11 07:51:33

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 15:51:33

vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-201408-417; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 其他
cnnvd_id: 未提取 -> CNNVD-201408-417
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:42:32

severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.5; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:P/I:P/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 85; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
cvss_score: 未提取 -> 7.5
cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss_version: NOT_EXTRACTED -> 2.0
affected_products_count: 0 -> 85
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2014-3169 (CNNVD-201408-417)

中文标题:

Google Chrome Blink 释放后重用漏洞

英文标题:

Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as us...

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史