PT-2016-1347 · Google+4 · Google Chrome+4

Rob Wu · Published 2016-03-02 · Updated 2024-06-15 · CVE-2016-1635

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Google Chrome versions prior to 49.0.2623.75
Opera versions prior to 49.0.2623.75

Description

The issue is a use-after-free in the handling of OnDocumentElementCreated in the extensions/renderer/render_frame_observer_natives.cc file, which does not properly consider object lifetimes and re-entrancy issues. This allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Recommendations

For Google Chrome versions prior to 49.0.2623.75, update to version 49.0.2623.75 or later to resolve the issue.
For Opera versions prior to 49.0.2623.75, update to a version that includes the fix for this issue; the exact version is not specified.
At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

ALT-PU-2016-1283
BDU:2016-00646
CVE-2016-1635
DSA-3507-1
MGASA-2016-0127
OPENSUSE-SU-2016_0664-1
OPENSUSE-SU-2016_0684-1
OPENSUSE-SU-2016_0729-1
OPENSUSE-SU-2024:10171-1
OPENSUSE-SU-2024:12948-1
RHSA-2016:0359
RHSA-2016_0359

Affected Products

Alt Linux
Google Chrome
Opera
Red Hat
Suse