Endpoint Vulnerability

Security Vulnerability CVE-2014-7941 for Google Chrome

Description

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

Affected Products

Google Chrome

References

CVE-2014-7941,