Endpoint Vulnerability

Security Vulnerability CVE-2014-1746 for Google Chrome

Description

The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.

Affected Products

Google Chrome

References

CVE-2014-1746,