Vulnerability Details : CVE-2016-5167
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Vulnerability category: Denial of service
Products affected by CVE-2016-5167
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5167
0.58%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5167
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
References for CVE-2016-5167
-
https://crbug.com/637320
637320 - Security: Unchecked .end() iterator dereference in VTVideoDecodeAccelerator::ReusePictureBuffer - chromium - MonorailPermissions Required
-
http://www.debian.org/security/2016/dsa-3660
Debian -- Security Information -- DSA-3660-1 chromium-browser
-
https://crbug.com/634557
634557 - Security: Blob file entries aren't checked against security policy - chromium - MonorailPermissions Required
-
https://crbug.com/624214
624214 - Security: Address bar RTL character spoofing on iOS - chromium - MonorailPermissions Required
-
http://www.securityfocus.com/bid/92717
Google Chrome Prior to 53.0.2785.89 Multiple Security Vulnerabilities
-
https://crbug.com/642598
642598 - Tracking bug for internal fixes: Chrome M53, release 0 - chromium - MonorailIssue Tracking
-
https://crbug.com/634394
634394 - Security: UAF in PDFium's TimerProc() - chromium - MonorailPermissions Required
-
https://crbug.com/627418
Inloggen - Google AccountsPermissions Required
-
http://rhn.redhat.com/errata/RHSA-2016-1854.html
RHSA-2016:1854 - Security Advisory - Red Hat Customer Portal
-
http://www.securitytracker.com/id/1036729
Google Chrome Multiple Flaws Lets Remote Users Bypass Security Restrictions, Conduct Cross-Site Scripting Attacks, Spoof URLs, and Execute Arbitrary Code - SecurityTracker
-
https://crbug.com/619379
619379 - CharacterData::setData() should handle first-letter correctly - chromium - MonorailPermissions Required
-
https://crbug.com/627355
627355 - Crash in _platform_memmove$VARIANT$Nehalem - chromium - MonorailPermissions Required
-
https://crbug.com/633585
633585 - Crash in v8::internal::InnerPointerToCodeCache::GcSafeFindCodeForInnerPointer - chromium - MonorailPermissions Required
-
http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html
openSUSE-SU-2016:2349-1: moderate: Security update for operaThird Party Advisory
-
https://security.gentoo.org/glsa/201610-09
Chromium: Multiple vulnerabilities (GLSA 201610-09) — Gentoo security
-
https://crbug.com/625575
625575 - Security: bypassing CORS by XHR + MemoryCache + ServiceWorker - chromium - MonorailPermissions Required
-
https://crbug.com/624213
624213 - Security: Address bar RTL character spoofing on Mac - chromium - MonorailPermissions Required
-
https://crbug.com/617648
617648 - Heap-use-after-free in content::FilteringNetworkManager::Initialize - chromium - MonorailPermissions Required
-
https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
Chrome Releases: Stable Channel Update for DesktopVendor Advisory
Jump to