Out-of-bounds read vulnerability in Google Chrome via a crafted response (dpkg)
|ID: oval:org.secpod.oval:def:16033||Date: (C)2013-11-26 (M)2017-09-22|
|Class: VULNERABILITY||Family: unix|
The host is installed with Google Chrome before 31.0.1650.48 and is prone to a out-of-bounds read vulnerability. The flaw is present in net/http/http_stream_parser.cc, which fails to properly handle the HTTP informational (aka 1xx) status codes. Successful exploitation allows remote attackers to cause denial of service.