Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Chrome | * | 29.0.1547.56 (including) | |
| Chrome | 29.0.1547.0 (including) | 29.0.1547.0 (including) | |
| Chrome | 29.0.1547.1 (including) | 29.0.1547.1 (including) | |
| Chrome | 29.0.1547.2 (including) | 29.0.1547.2 (including) | |
| Chrome | 29.0.1547.3 (including) | 29.0.1547.3 (including) | |
| Chrome | 29.0.1547.4 (including) | 29.0.1547.4 (including) | |
| Chrome | 29.0.1547.5 (including) | 29.0.1547.5 (including) | |
| Chrome | 29.0.1547.7 (including) | 29.0.1547.7 (including) | |
| Chrome | 29.0.1547.8 (including) | 29.0.1547.8 (including) | |
| Chrome | 29.0.1547.9 (including) | 29.0.1547.9 (including) | |
| Chrome | 29.0.1547.10 (including) | 29.0.1547.10 (including) | |
| Chrome | 29.0.1547.11 (including) | 29.0.1547.11 (including) | |
| Chrome | 29.0.1547.12 (including) | 29.0.1547.12 (including) | |
| Chrome | 29.0.1547.13 (including) | 29.0.1547.13 (including) | |
| Chrome | 29.0.1547.14 (including) | 29.0.1547.14 (including) | |
| Chrome | 29.0.1547.15 (including) | 29.0.1547.15 (including) | |
| Chrome | 29.0.1547.16 (including) | 29.0.1547.16 (including) | |
| Chrome | 29.0.1547.17 (including) | 29.0.1547.17 (including) | |
| Chrome | 29.0.1547.18 (including) | 29.0.1547.18 (including) | |
| Chrome | 29.0.1547.19 (including) | 29.0.1547.19 (including) | |
| Chrome | 29.0.1547.20 (including) | 29.0.1547.20 (including) | |
| Chrome | 29.0.1547.21 (including) | 29.0.1547.21 (including) | |
| Chrome | 29.0.1547.22 (including) | 29.0.1547.22 (including) | |
| Chrome | 29.0.1547.23 (including) | 29.0.1547.23 (including) | |
| Chrome | 29.0.1547.27 (including) | 29.0.1547.27 (including) | |
| Chrome | 29.0.1547.28 (including) | 29.0.1547.28 (including) | |
| Chrome | 29.0.1547.29 (including) | 29.0.1547.29 (including) | |
| Chrome | 29.0.1547.30 (including) | 29.0.1547.30 (including) | |
| Chrome | 29.0.1547.31 (including) | 29.0.1547.31 (including) | |
| Chrome | 29.0.1547.32 (including) | 29.0.1547.32 (including) | |
| Chrome | 29.0.1547.33 (including) | 29.0.1547.33 (including) | |
| Chrome | 29.0.1547.34 (including) | 29.0.1547.34 (including) | |
| Chrome | 29.0.1547.35 (including) | 29.0.1547.35 (including) | |
| Chrome | 29.0.1547.36 (including) | 29.0.1547.36 (including) | |
| Chrome | 29.0.1547.37 (including) | 29.0.1547.37 (including) | |
| Chrome | 29.0.1547.38 (including) | 29.0.1547.38 (including) | |
| Chrome | 29.0.1547.39 (including) | 29.0.1547.39 (including) | |
| Chrome | 29.0.1547.40 (including) | 29.0.1547.40 (including) | |
| Chrome | 29.0.1547.41 (including) | 29.0.1547.41 (including) | |
| Chrome | 29.0.1547.42 (including) | 29.0.1547.42 (including) | |
| Chrome | 29.0.1547.45 (including) | 29.0.1547.45 (including) | |
| Chrome | 29.0.1547.46 (including) | 29.0.1547.46 (including) | |
| Chrome | 29.0.1547.47 (including) | 29.0.1547.47 (including) | |
| Chrome | 29.0.1547.48 (including) | 29.0.1547.48 (including) | |
| Chrome | 29.0.1547.49 (including) | 29.0.1547.49 (including) | |
| Chrome | 29.0.1547.50 (including) | 29.0.1547.50 (including) | |
| Chrome | 29.0.1547.51 (including) | 29.0.1547.51 (including) | |
| Chrome | 29.0.1547.52 (including) | 29.0.1547.52 (including) | |
| Chrome | 29.0.1547.53 (including) | 29.0.1547.53 (including) | |
| Chrome | 29.0.1547.54 (including) | 29.0.1547.54 (including) | |
| Chrome | 29.0.1547.55 (including) | 29.0.1547.55 (including) |