browser/worker_host/message_port_dispatcher.cc in Google Chrome prior to 8.0.552.224 and Chrome OS prior to 8.0.552.343 does not properly handle certain postMessage calls, which allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome os |
||
google chrome |