PT-2016-3051 · Google+5 · Google Chrome+5

Publicado

2016-11-09

·

Atualizado

2025-09-29

·

CVE-2016-5200

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 54.0.2840.98 for Mac Google Chrome versions prior to 54.0.2840.99 for Windows Google Chrome versions prior to 54.0.2840.100 for Linux Google Chrome versions prior to 55.0.2883.84 for Android
Description The issue is caused by incorrect application of type rules in the V8 component of Google Chrome, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This can lead to a denial of service. The vulnerability can be exploited by a remote attacker using a specially crafted HTML page, potentially causing heap corruption.
Recommendations For Google Chrome versions prior to 54.0.2840.98 for Mac, update to version 54.0.2840.98 or later. For Google Chrome versions prior to 54.0.2840.99 for Windows, update to version 54.0.2840.99 or later. For Google Chrome versions prior to 54.0.2840.100 for Linux, update to version 54.0.2840.100 or later. For Google Chrome versions prior to 55.0.2883.84 for Android, update to version 55.0.2883.84 or later.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALSA-2025_16880
ALT-PU-2016-2425
BDU:2017-00150
CVE-2016-5200
DSA-3731-1
MGASA-2016-0403
OPENSUSE-SU-2016_2793-1
OPENSUSE-SU-2024:10171-1
OPENSUSE-SU-2024:12948-1
RHSA-2016:2718
RHSA-2016_2718
USN-3133-1

Produtos afetados

Alt Linux
Google Chrome
Opera
Red Hat
Suse
Ubuntu