Camillo Bruni

#27247 of 53,638
9.3 total CVSS
Vulnerabilities · 1
PT-2016-1614
9.3
2016-03-24
Google · Google V8 · CVE-2016-1646
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 49.0.2623.108

**Description**
The issue is related to the `Array.prototype.concat` implementation in builtins.cc in Google V8, which does not properly consider element data types. This allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. The vulnerability can be exploited by a remote attacker to potentially gain confidential information and cause a denial of service on the affected system.

**Recommendations**
For Google Chrome versions prior to 49.0.2623.108, update to version 49.0.2623.108 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `Array.prototype.concat` function in JavaScript code until a patch is applied. Additionally, avoid using crafted JavaScript code that could exploit this vulnerability.