Candidate: CVE-2013-6641
PublicDate: 2014-01-16 12:17:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6641
 https://code.google.com/p/chromium/issues/detail?id=326854
 https://chromium.googlesource.com/chromium/blink.git/+/1dfd387bd88cc0ebaef3a2302e72ac1c6101b91b
 http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
Description:
 Use-after-free vulnerability in the
 FormAssociatedElement::formRemovedFromTree function in
 core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome
 before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and
 Linux, allows remote attackers to cause a denial of service or possibly
 have unspecified other impact by leveraging improper handling of the past
 names map of a FORM element.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1269387
Priority: medium
Discovered-by:
Assigned-to: chad
CVSS: 

Patches_chromium-browser:
upstream_chromium-browser: released (32.0.1700.77)
lucid_chromium-browser: ignored (reached end-of-life)
precise_chromium-browser: released (33.0.1750.152-0ubuntu0.12.04.1~pkg879.1)
quantal_chromium-browser: released (33.0.1750.152-0ubuntu0.12.10.1~pkg895.1)
raring_chromium-browser: ignored (reached end-of-life)
saucy_chromium-browser: released (33.0.1750.152-0ubuntu0.13.10.1~pkg984.1)
devel_chromium-browser: released (33.0.1750.152-0ubuntu1~pkg995.1)