CVE-2013-6664

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 33.0.1750.146

Description A use-after-free issue in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, such as the use of the speech-recognition feature.

Recommendations For versions prior to 33.0.1750.146, update to version 33.0.1750.146 or later to resolve the issue. As a temporary workaround, consider disabling the speech-recognition feature until a patch is available. Restrict access to FORM elements to minimize the risk of exploitation.