Out-of-bounds read vulnerability in SelectionOwner::ProcessTarget function in Google Chrome

Out-of-bounds read vulnerability in SelectionOwner::ProcessTarget function in Google Chrome

CVE-2014-7941 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.

Learn more about our Cis Benchmark Audit For Google Chrome.