Описание
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 51.0.2704.79-0ubuntu2~cm1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [51.0.2704.79-0ubuntu0.14.04.1.1121]] |
| precise | ignored | |
| trusty | released | 51.0.2704.79-0ubuntu0.14.04.1.1121 |
| trusty/esm | DNE | trusty was released [51.0.2704.79-0ubuntu0.14.04.1.1121] |
| upstream | released | 51.0.2704.79 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | ignored | end of life |
| xenial | released | 51.0.2704.79-0ubuntu0.16.04.1.1242 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/xenial | not-affected | |
| precise | DNE | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | not-affected | |
| vivid/stable-phone-overlay | not-affected | |
| vivid/ubuntu-core | DNE | |
| wily | not-affected |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
The Autofill implementation in Google Chrome before 51.0.2704.79 misha ...
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3