extensions/renderer/render_frame_observer_natives.cc in Google Chrome prior to 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote malicious users to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |