View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-7940 medium priority: Ubuntu including 3 source packages (chromium-browser, icu, oxide-qt), 21 status rows across 7 suites (lucid, precise, trusty, upstream, utopic, vivid, wily): released 14, ignored 3, DNE 2, not-affected 2.
The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.