Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Chrome
Published: 2015-02-06T11:00:00
Updated: 2017-09-07T15:57:01
Reserved: 2015-01-21T00:00:00
Link: CVE-2015-1209
JSON object: View
NVD Information
Status : Modified
Published: 2015-02-06T11:59:07.497
Modified: 2023-11-07T02:24:06.480
Link: CVE-2015-1209
JSON object: View
Redhat Information
No data.
CWE