Out-of-Bounds Memory Read in Google Chrome Affecting Multiple Platforms
CVE-2016-5186

5.3MEDIUM

Key Information:

Vendor

Google
Status
Chrome Prior To 54.0.2840.59 For Windows, Mac, And Linux; 54.0.2840.85 For Android
Vendor
CVE Published:
18 December 2016

What is CVE-2016-5186?

A flaw in Google Chrome's DevTools prior to specified versions permitted an out-of-bounds memory read after a tab crash. This vulnerability could be exploited by a remote attacker by deploying specially crafted PDF files, potentially leading to unauthorized information disclosure. Available updates contain patches to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android

References

http://www.securityfocus.com/bid/93528
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2016-2067.html
vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201610-09
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.