Google Chrome Use after free vulnerability

August 8, 2014

Google Chrome is a freeware web browser developed by Google.

A use-after-free vulnerability exists in Google Chrome. The vulnerable function, DocumentV8Internal::locationAttributeSetter, holds a pointer to the contentDocument.location property. If an attempt is made to access a closed/freed location object, a use-after-free condition results. A remote attacker can exploit this vulnerability by enticing a user to open a crafted web page with a vulnerable version of Google Chrome. Successful exploitation could lead to denial of service, memory corruption or code execution.
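
The pattern described above, as an added C++ example that is not Chrome's source and not part of the original advisory: a setter keeps only a raw pointer to a location object while other code runs, shown beside a version that takes a strong reference first. The types, function names and the re-entrant callback that releases the object are assumptions made for illustration; the dangling pointer is detected with a `weak_ptr` and never dereferenced.

```cpp
#include <functional>
#include <memory>
#include <string>

// Simplified model with hypothetical types (assumption, not Chrome source).
struct Location { std::string href; };
struct Document { std::shared_ptr<Location> location; };

// Vulnerable shape: the setter holds only a raw pointer while other code runs.
// Returns true if that pointer was left dangling; it is never dereferenced here.
bool setter_raw_pointer_dangles(Document& doc, const std::function<void()>& reentrant) {
    Location* raw = doc.location.get();            // borrowed, no ownership taken
    std::weak_ptr<Location> probe = doc.location;  // observer used only to detect the free
    reentrant();                                   // may release the last owner of Location
    bool dangling = probe.expired();
    (void)raw;                                     // a write through raw here would be the use after free
    return dangling;
}

// Hardened shape: take a strong reference before anything that can re-enter.
std::string setter_with_strong_ref(Document& doc, const std::function<void()>& reentrant,
                                   const std::string& value) {
    std::shared_ptr<Location> keep = doc.location; // keeps the object alive for this call
    if (!keep) return "";                          // nothing to forward the value to
    reentrant();
    keep->href = value;                            // safe: keep still owns the object
    return keep->href;
}

// Constructed scenario: the callback drops the document's only reference.
bool demo_vulnerable() {
    Document doc{std::make_shared<Location>()};
    return setter_raw_pointer_dangles(doc, [&] { doc.location.reset(); });
}

std::string demo_hardened() {
    Document doc{std::make_shared<Location>()};
    return setter_with_strong_ref(doc, [&] { doc.location.reset(); }, "about:blank");
}

int main() {
    return (demo_vulnerable() && demo_hardened() == "about:blank") ? 0 : 1;
}
```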

This vulnerability has been assigned CVE-2014-1713.

Dell SonicWALL protects against this threat with the following signature:

  • 4837: Google Chrome locationAttributeSetter Use After Free