Denial of Service Vulnerability in Google Chrome Products by Google
CVE-2016-1702

6.5MEDIUM

What is CVE-2016-1702?

The SkRegion::readFromMemory function in Skia, utilized by Google Chrome, does not adequately check the interval count. This deficiency may allow remote attackers to exploit it by sending specially crafted serialized data, leading to potential denial of service through out-of-bounds read vulnerabilities.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.