CVE-2014-1713
Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0195 (2.0%)
Percentile: 83.6%
EPSS: 2026-05-06
Affects
google:chromeapple:mac_os_xlinux:linux_kernelmicrosoft:windowsTechnical description
Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value.
Published: 3/16/2014, 2:06:45 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://archives.neohapsis.com/archives/bugtraq/2014-03/0144.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html
- http://security.gentoo.org/glsa/glsa-201408-16.xml