The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome prior to 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote malicious users to cause a denial of service (out-of-bounds read) via crafted X11 data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chromium chromium 40.0.2214.110 |
||
redhat enterprise linux desktop supplementary 6.0 |
||
redhat enterprise linux server supplementary 6.0 |
||
redhat enterprise linux workstation supplementary 6.0 |
||
redhat enterprise linux server supplementary eus 6.6.z |
||
google chrome |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |