The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome prior to 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote malicious users to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |