Multiple use-after-free vulnerabilities in Blink in Google Chrome via vectors that trigger extraneous change events (deb)ID: oval:org.secpod.oval:def:23825 | Date: (C)2015-03-18 (M)2023-11-16 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 41.0.2272.76 and is prone to multiple use-after-free vulnerabilities. The flaws are present in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome, which fails to properly handle vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions. Successful exploitation allows remote attackers to cause a denial of service or possibly have unspecified other impact.