The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome prior to 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote malicious users to cause a denial of service (out-of-bounds read) via a window.atob method call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |