1
Candidate: CVE-2014-1747
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1747
5
https://src.chromium.org/viewvc/blink?revision=169499&view=revision
6
https://code.google.com/p/chromium/issues/detail?id=330663
7
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
9
Cross-site scripting (XSS) vulnerability in the
10
DocumentLoader::maybeCreateArchive function in
11
core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before
12
35.0.1916.114, allows remote attackers to inject arbitrary web script or
13
HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
16
chrisccoulson> Issue was fixed prior to Oxide r501, the first version to
17
be included in an Ubuntu release
23
Patches_chromium-browser:
24
upstream_chromium-browser: released (35.0.1916.114)
25
lucid_chromium-browser: ignored (reached end-of-life)
26
precise_chromium-browser: released (36.0.1985.125-0ubuntu1.12.04.0~pkg897)
27
saucy_chromium-browser: ignored (reached end-of-life)
28
trusty_chromium-browser: released (36.0.1985.125-0ubuntu1.14.04.0~pkg1029)
29
devel_chromium-browser: released (35.0.1916.153-0ubuntu1~pkg1029)
32
upstream_oxide-qt: not-affected
36
trusty_oxide-qt: not-affected
37
devel_oxide-qt: not-affected