Format String Vulnerability in Google Chrome OS by Google
CVE-2016-5169

8.8HIGH

Key Information:

Vendor
Google
Status
Chrome Os
Vendor
CVE Published:
25 September 2016

Summary

A format string vulnerability in Google Chrome OS prior to version 53.0.2785.103 allows remote attackers to induce a denial of service condition. This may also lead to undisclosed impacts due to the potential severity of the exploitation pathways available. Attackers can utilize this vulnerability through various unknown vectors to compromise system stability and integrity.

References

http://www.securityfocus.com/bid/92914
vdb-entryx_refsource_BID
https://googlechromereleases.blogspot.com/2016/09/stable-...
x_refsource_CONFIRM
https://bugs.chromium.org/p/chromium/issues/detail?id=635879
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.