The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome prior to 42.0.2311.90, allows remote malicious users to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.04 |
||
google chrome |
||
debian debian linux 8.0 |