CVE-2013-2904

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 29.0.1547.57

Description A use-after-free issue exists in the Document::finishedParsing function in Blink, which can be triggered by an onload event that changes an IFRAME element. This event causes the src attribute to no longer reference an XML document, resulting in unintended garbage collection of the document. This can lead to a denial of service or potentially other unspecified impacts.

Recommendations For versions prior to 29.0.1547.57, update to version 29.0.1547.57 or later to resolve the issue.