383
VMScore

CVE-2016-1614

Published: 25/01/2016 Updated: 07/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome prior to 48.0.2564.82, mishandles the initialization mode, which allows remote malicious users to obtain sensitive information from process memory via a crafted web site.

Affected Products

Vendor Product Versions
GoogleChrome47.0.2526.106

Vendor Advisories

The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurfacecpp in Blink, as used in Google Chrome before 480256482, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a crafted web site ...
Several security issues were fixed in Oxide ...
Several vulnerabilities were discovered in the chromium web browser CVE-2015-6792 An issue was found in the handling of MIDI files CVE-2016-1612 cloudfuzzer discovered a logic error related to receiver compatibility in the v8 javascript library CVE-2016-1613 A use-after-free issue was discovered in the pdfium library CVE-2016-1 ...