CVE-2013-6649

Published: 28 January 2014

Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (32.0.1700.102)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (33.0.1750.152-0ubuntu1~pkg995.1)