Byoungyoung Lee

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 30.0.1599.66 **Description** The issue is related to the ReverbConvolverStage function in the Web Audio implementation in Blink. It allows remote attackers to cause a denial of service due to an out-of-bounds read via vectors related to the `impulseResponse` array. **Recommendations** For versions prior to 30.0.1599.66, update to version 30.0.1599.66 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version Microsoft Windows Server versions prior to the fixed version **Description** A denial of service issue exists due to improper handling of URLs in memory when URL-based Quality of Service (QoS) is enabled. This allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server. An attacker who successfully exploits this issue could cause the target system to stop responding and automatically restart. **Recommendations** For Microsoft Windows 7 Gold and SP1, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 R2 and R2 SP1, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling URL-based QoS to minimize the risk of exploitation.