Think you have a false positive on this rule?

Sid 1-47018

Message

BROWSER-CHROME Google Chrome V8 defineGetter memory corruption attempt

Summary

This event is generated when an attacker attempts to exploit a memory corruption vulnerability in Google Chrome's V8 engine.

Impact

Attempted User Privilege Gain

CVE-2014-1705:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

Rule checks for attempts to exploit a memory corruption vulnerability in Google Chrome's V8 engine. CVE-2014-1705: Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Affected systems

  • google chrome 33.0.1750.0
  • google chrome 33.0.1750.1
  • google chrome 33.0.1750.2
  • google chrome 33.0.1750.3
  • google chrome 33.0.1750.4
  • google chrome 33.0.1750.5
  • google chrome 33.0.1750.6
  • google chrome 33.0.1750.7
  • google chrome 33.0.1750.8
  • google chrome 33.0.1750.9
  • google chrome 33.0.1750.10
  • google chrome 33.0.1750.11
  • google chrome 33.0.1750.12
  • google chrome 33.0.1750.13
  • google chrome 33.0.1750.14
  • google chrome 33.0.1750.15
  • google chrome 33.0.1750.16
  • google chrome 33.0.1750.18
  • google chrome 33.0.1750.19
  • google chrome 33.0.1750.20
  • google chrome 33.0.1750.21
  • google chrome 33.0.1750.22
  • google chrome 33.0.1750.23
  • google chrome 33.0.1750.24
  • google chrome 33.0.1750.25
  • google chrome 33.0.1750.26
  • google chrome 33.0.1750.27
  • google chrome 33.0.1750.28
  • google chrome 33.0.1750.29
  • google chrome 33.0.1750.30
  • google chrome 33.0.1750.31
  • google chrome 33.0.1750.34
  • google chrome 33.0.1750.35
  • google chrome 33.0.1750.36
  • google chrome 33.0.1750.37
  • google chrome 33.0.1750.38
  • google chrome 33.0.1750.39
  • google chrome 33.0.1750.40
  • google chrome 33.0.1750.41
  • google chrome 33.0.1750.42
  • google chrome 33.0.1750.43
  • google chrome 33.0.1750.44
  • google chrome 33.0.1750.45
  • google chrome 33.0.1750.46
  • google chrome 33.0.1750.47
  • google chrome 33.0.1750.48
  • google chrome 33.0.1750.49
  • google chrome 33.0.1750.50
  • google chrome 33.0.1750.51
  • google chrome 33.0.1750.52
  • google chrome 33.0.1750.53
  • google chrome 33.0.1750.54
  • google chrome 33.0.1750.55
  • google chrome 33.0.1750.56
  • google chrome 33.0.1750.57
  • google chrome 33.0.1750.58
  • google chrome 33.0.1750.59
  • google chrome 33.0.1750.60
  • google chrome 33.0.1750.61
  • google chrome 33.0.1750.62
  • google chrome 33.0.1750.63
  • google chrome 33.0.1750.64
  • google chrome 33.0.1750.65
  • google chrome 33.0.1750.66
  • google chrome 33.0.1750.67
  • google chrome 33.0.1750.68
  • google chrome 33.0.1750.69
  • google chrome 33.0.1750.70
  • google chrome 33.0.1750.71
  • google chrome 33.0.1750.73
  • google chrome 33.0.1750.74
  • google chrome 33.0.1750.75
  • google chrome 33.0.1750.76
  • google chrome 33.0.1750.77
  • google chrome 33.0.1750.79
  • google chrome 33.0.1750.80
  • google chrome 33.0.1750.81
  • google chrome 33.0.1750.82
  • google chrome 33.0.1750.83
  • google chrome 33.0.1750.85
  • google chrome 33.0.1750.88
  • google chrome 33.0.1750.89
  • google chrome 33.0.1750.90
  • google chrome 33.0.1750.91
  • google chrome 33.0.1750.92
  • google chrome 33.0.1750.93
  • google chrome 33.0.1750.104
  • google chrome 33.0.1750.106
  • google chrome 33.0.1750.107
  • google chrome 33.0.1750.108
  • google chrome 33.0.1750.109
  • google chrome 33.0.1750.110
  • google chrome 33.0.1750.111
  • google chrome 33.0.1750.112
  • google chrome 33.0.1750.113
  • google chrome 33.0.1750.115
  • google chrome 33.0.1750.116
  • google chrome 33.0.1750.117
  • google chrome 33.0.1750.124
  • google chrome 33.0.1750.125
  • google chrome 33.0.1750.126
  • google chrome 33.0.1750.132
  • google chrome 33.0.1750.133
  • google chrome 33.0.1750.135
  • google chrome 33.0.1750.136
  • google chrome 33.0.1750.144
  • google chrome 33.0.1750.146
  • google chrome 33.0.1750.149
  • google chrome 33.0.1750.151
  • google chrome 33.0.1750.152
  • google chrome 33.0.1750.153
  • debian debian_linux 7.0
  • debian debian_linux 8.0
  • opensuse_project opensuse 12.3
  • opensuse_project opensuse 13.1

Ease of attack

CVE-2014-1705:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

Not known

False negatives

Not known

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References