Vulnerability Database
296,572
Total vulnerabilities in the database
CVE-2014-3803
The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT element with a -x-webkit-speech attribute.
| Software | From | Fixed in |
|---|---|---|
| google / chrome | - | 35.0.1916.113.x |
| google / chrome | 35.0.1916.99 | 35.0.1916.99.x |
| google / chrome | 35.0.1916.57 | 35.0.1916.57.x |
| google / chrome | 35.0.1916.3 | 35.0.1916.3.x |
| google / chrome | 35.0.1916.38 | 35.0.1916.38.x |
| google / chrome | 35.0.1916.105 | 35.0.1916.105.x |
| google / chrome | 35.0.1916.95 | 35.0.1916.95.x |
| google / chrome | 35.0.1916.52 | 35.0.1916.52.x |
| google / chrome | 35.0.1916.82 | 35.0.1916.82.x |
| google / chrome | 35.0.1916.42 | 35.0.1916.42.x |
| google / chrome | 35.0.1916.36 | 35.0.1916.36.x |
| google / chrome | 35.0.1916.111 | 35.0.1916.111.x |
| google / chrome | 35.0.1916.61 | 35.0.1916.61.x |
| google / chrome | 35.0.1916.98 | 35.0.1916.98.x |
| google / chrome | 35.0.1916.47 | 35.0.1916.47.x |
| google / chrome | 35.0.1916.110 | 35.0.1916.110.x |
| google / chrome | 35.0.1916.10 | 35.0.1916.10.x |
| google / chrome | 35.0.1916.20 | 35.0.1916.20.x |
| google / chrome | 35.0.1916.85 | 35.0.1916.85.x |
| google / chrome | 35.0.1916.9 | 35.0.1916.9.x |
| google / chrome | 35.0.1916.92 | 35.0.1916.92.x |
| google / chrome | 35.0.1916.23 | 35.0.1916.23.x |
| google / chrome | 35.0.1916.49 | 35.0.1916.49.x |
| google / chrome | 35.0.1916.54 | 35.0.1916.54.x |
| google / chrome | 35.0.1916.106 | 35.0.1916.106.x |
| google / chrome | 35.0.1916.35 | 35.0.1916.35.x |
| google / chrome | 35.0.1916.33 | 35.0.1916.33.x |
| google / chrome | 35.0.1916.5 | 35.0.1916.5.x |
| google / chrome | 35.0.1916.11 | 35.0.1916.11.x |
| google / chrome | 35.0.1916.86 | 35.0.1916.86.x |
| google / chrome | 35.0.1916.17 | 35.0.1916.17.x |
| google / chrome | 35.0.1916.13 | 35.0.1916.13.x |
| google / chrome | 35.0.1916.72 | 35.0.1916.72.x |
| google / chrome | 35.0.1916.109 | 35.0.1916.109.x |
| google / chrome | 35.0.1916.77 | 35.0.1916.77.x |
| google / chrome | 35.0.1916.88 | 35.0.1916.88.x |
| google / chrome | 35.0.1916.59 | 35.0.1916.59.x |
| google / chrome | 35.0.1916.44 | 35.0.1916.44.x |
| google / chrome | 35.0.1916.108 | 35.0.1916.108.x |
| google / chrome | 35.0.1916.74 | 35.0.1916.74.x |
| google / chrome | 35.0.1916.45 | 35.0.1916.45.x |
| google / chrome | 35.0.1916.18 | 35.0.1916.18.x |
| google / chrome | 35.0.1916.107 | 35.0.1916.107.x |
| google / chrome | 35.0.1916.21 | 35.0.1916.21.x |
| google / chrome | 35.0.1916.6 | 35.0.1916.6.x |
| google / chrome | 35.0.1916.71 | 35.0.1916.71.x |
| google / chrome | 35.0.1916.41 | 35.0.1916.41.x |
| google / chrome | 35.0.1916.8 | 35.0.1916.8.x |
| google / chrome | 35.0.1916.4 | 35.0.1916.4.x |
| google / chrome | 35.0.1916.19 | 35.0.1916.19.x |
| google / chrome | 35.0.1916.0 | 35.0.1916.0.x |
| google / chrome | 35.0.1916.40 | 35.0.1916.40.x |
| google / chrome | 35.0.1916.101 | 35.0.1916.101.x |
| google / chrome | 35.0.1916.32 | 35.0.1916.32.x |
| google / chrome | 35.0.1916.51 | 35.0.1916.51.x |
| google / chrome | 35.0.1916.80 | 35.0.1916.80.x |
| google / chrome | 35.0.1916.39 | 35.0.1916.39.x |
| google / chrome | 35.0.1916.43 | 35.0.1916.43.x |
| google / chrome | 35.0.1916.93 | 35.0.1916.93.x |
| google / chrome | 35.0.1916.34 | 35.0.1916.34.x |
| google / chrome | 35.0.1916.37 | 35.0.1916.37.x |
| google / chrome | 35.0.1916.103 | 35.0.1916.103.x |
| google / chrome | 35.0.1916.90 | 35.0.1916.90.x |
| google / chrome | 35.0.1916.68 | 35.0.1916.68.x |
| google / chrome | 35.0.1916.1 | 35.0.1916.1.x |
| google / chrome | 35.0.1916.112 | 35.0.1916.112.x |
| google / chrome | 35.0.1916.27 | 35.0.1916.27.x |
| google / chrome | 35.0.1916.7 | 35.0.1916.7.x |
| google / chrome | 35.0.1916.84 | 35.0.1916.84.x |
| google / chrome | 35.0.1916.46 | 35.0.1916.46.x |
| google / chrome | 35.0.1916.104 | 35.0.1916.104.x |
| google / chrome | 35.0.1916.22 | 35.0.1916.22.x |
| google / chrome | 35.0.1916.69 | 35.0.1916.69.x |
| google / chrome | 35.0.1916.15 | 35.0.1916.15.x |
| google / chrome | 35.0.1916.31 | 35.0.1916.31.x |
| google / chrome | 35.0.1916.96 | 35.0.1916.96.x |
| google / chrome | 35.0.1916.14 | 35.0.1916.14.x |
| google / chrome | 35.0.1916.56 | 35.0.1916.56.x |
| google / chrome | 35.0.1916.2 | 35.0.1916.2.x |
| google / chrome | 35.0.1916.48 | 35.0.1916.48.x |
- http://blog.guya.net/2014/04/07/to-listen-without-consent-abusing-the-html5-speech/
- http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
- http://secunia.com/advisories/60372
- http://www.securityfocus.com/bid/67582
- https://code.google.com/p/chromium/issues/detail?id=360448
- https://src.chromium.org/viewvc/blink?revision=171373&view=revision
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime