Denial of Service Vulnerability in Google Chrome Affects Extensions
CVE-2016-1700

7.5HIGH

Key Information:

Vendor
Debian
Status
Debian Linux
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Workstation
Vendor
CVE Published:
5 June 2016

Summary

In Google Chrome versions prior to 51.0.2704.79, a vulnerability exists in the handling of extension views due to improper management of side effects during array creation. This flaw allows remote attackers to exploit the system, potentially leading to denial of service through use-after-free errors, which can disrupt normal functionality or allow for further undisclosed impacts. It is essential for users to update their Chrome versions to safeguard against these risks.

References

http://googlechromereleases.blogspot.com/2016/06/stable-c...
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2016:1201
vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1036026
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.