Search for vulnerabilities
Vulnerability details: VCID-kr87-8k2k-aaas
Vulnerability ID VCID-kr87-8k2k-aaas
Aliases CVE-2014-7908
Summary Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-190 Integer Overflow or Wraparound
System Score Found at
generic_textual Medium http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7908.html
rhas Important https://access.redhat.com/errata/RHSA-2014:1894
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01338 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.01745 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
epss 0.03042 https://api.first.org/data/v1/epss?cve=CVE-2014-7908
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1165657
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7908
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2014-7908
generic_textual Medium https://ubuntu.com/security/notices/USN-2410-1
Reference id Reference type URL
http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7908.html
http://rhn.redhat.com/errata/RHSA-2014-1894.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7908.json
https://api.first.org/data/v1/epss?cve=CVE-2014-7908
https://chromium.googlesource.com/chromium/src/+/b2006ac87cec58363090e7d5e10d5d9e3bbda9f9
https://code.google.com/p/chromium/issues/detail?id=425980
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7908
http://secunia.com/advisories/60194
http://secunia.com/advisories/62608
https://exchange.xforce.ibmcloud.com/vulnerabilities/98796
https://ubuntu.com/security/notices/USN-2410-1
http://www.securityfocus.com/bid/71168
http://www.securitytracker.com/id/1031241
1165657 https://bugzilla.redhat.com/show_bug.cgi?id=1165657
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2014-7908 https://nvd.nist.gov/vuln/detail/CVE-2014-7908
GLSA-201412-13 https://security.gentoo.org/glsa/201412-13
RHSA-2014:1894 https://access.redhat.com/errata/RHSA-2014:1894
USN-2410-1 https://usn.ubuntu.com/2410-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-7908
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.78191
EPSS Score 0.01338
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.