Launchpad CVE tracker

CVE 2013-6635

Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp.

Related bugs and status

CVE-2013-6635 (Candidate) is related to these bugs:

Bug #1249389: linker complains of PIC instruction on object file not compiled as PIC

Summary				In	Importance	Status
	1249389	linker complains of PIC instruction on object file not compiled as PIC		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1250579: Security fixes from 31.0.1650.48

Summary				In	Importance	Status
	1250579	Security fixes from 31.0.1650.48		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1251454: chromium-browser fails to depend on a compatible version of libnss3

Summary				In	Importance	Status
	1251454	chromium-browser fails to depend on a compatible version of libnss3		chromium-browser (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-6635

References