CVE-2010-1772

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 5.0.375.70 WebKit versions prior to r59859

Description A use-after-free issue in page/Geolocation.cpp in WebCore allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. This is related to the failure to stop timers associated with geolocation upon deletion of a document.

Recommendations For Google Chrome versions prior to 5.0.375.70, update to version 5.0.375.70 or later to resolve the issue. For WebKit versions prior to r59859, update to version r59859 or later to resolve the issue. As a temporary workaround, consider disabling geolocation features in affected versions until a patch is available.