Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-1731

core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
SECUNIA: 58301
DEBIAN: DSA-2920
SUSE: openSUSE-SU-2014:0668
SUSE: openSUSE-SU-2014:0669
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2014-05-21-1
APPLE: APPLE-SA-2014-06-30-3
APPLE: APPLE-SA-2014-06-30-4
BID: 67572
CONFIRM: https://support.apple....
GENTOO: GLSA-201408-16
SECUNIA: 60372
CONFIRM: https://src.chromium.o...

Launchpad.net

CVE 2014-1731

Related bugs

References