Use-after-free vulnerability in Google Chrome via a crafted web site (rpm)ID: oval:org.secpod.oval:def:17783 | Date: (C)2014-05-08 (M)2022-09-09 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 8.0.552.215 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly restrict read access to videos derived from CANVAS elements. Successful exploitation allows attackers to bypass the Same Origin Policy and obtain potentially sensitive video data.