CVE-2016-7395 in Chromeinfo

Summary

SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via crafted graphics data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

09/09/2016

Disclosure

09/11/2016

Moderation

VulDB entry created

Entries

1: VDB-91504

CPE

ready

CWE

CWE-19 (Confirmed)

CVSS

8.8

EPSS

0.00629

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7395
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7395
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7395/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!