CVE-2015-1227

2015-03-09T00:59:00
ID CVE-2015-1227
Type cve
Reporter cve@mitre.org
Modified 2016-12-22T02:59:00

Description

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used.