The host is installed with Google Chrome before 31.0.1650.63 or Apple Safari before 6.1.2, 7.x before 7.0.2 and is prone to use-after-free vulnerability. The flaw is present in the application, which fails to handle the CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. Successful exploitation allows the remote attacker to cause a denial of service or possibly have unspecified other impact.