Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-11-15T20:00:00
Updated: 2024-08-06T17:46:22.338Z
Reserved: 2013-11-05T00:00:00
Link: CVE-2013-6631
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-11-19T04:50:56.297
Modified: 2014-03-06T04:49:36.703
Link: CVE-2013-6631
Redhat
No data.