CVE-2014-1714

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 33.0.1750.152 on OS X and Linux Google Chrome versions prior to 33.0.1750.154 on Windows

Description The issue is related to the ScopedClipboardWriter::WritePickledData function not verifying a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. Additionally, there is a use-after-free error in the HTMLBodyElement::insertedInto function in Blink, which can be exploited by remote attackers to cause a denial of service or other impact on the system using attributes.

Recommendations For Google Chrome versions prior to 33.0.1750.152 on OS X and Linux, update to version 33.0.1750.152 or later. For Google Chrome versions prior to 33.0.1750.154 on Windows, update to version 33.0.1750.154 or later. As a temporary workaround, consider restricting the use of the clipboard until a patch is available.