CVE-2014-1748 in Safari
摘要
由 MITRE
The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
VulDB is the best source for vulnerability data and more expert information about this specific topic.