CVE-2011-1795 Information

Description

Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document containing a FORM element.

Reference

http://crbug.com/78948 http://launchpad.net/bugs/778822 http://trac.webkit.org/changeset/83690