CVE-2014-1731

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 34.0.1847.131 on Windows and OS X Google Chrome versions prior to 34.0.1847.132 on Linux

Description The issue is related to the DOM implementation in Blink, where the HTMLSelectElement.cpp does not properly check renderer state upon a focus event. This allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements.

Recommendations For Google Chrome versions prior to 34.0.1847.131 on Windows and OS X, update to version 34.0.1847.131 or later. For Google Chrome versions prior to 34.0.1847.132 on Linux, update to version 34.0.1847.132 or later. As a temporary workaround, consider disabling the focus event handling for SELECT elements until a patch is available.