CVE-2016-5201

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 54.0.2840.100 for Linux Google Chrome versions prior to 54.0.2840.99 for Windows Google Chrome versions prior to 54.0.2840.98 for Mac Opera (affected versions not specified)

Description The issue is related to a lack of protection for internal data in the privateClass of the Google Chrome browser's extensions API. This can be exploited by a remote attacker using a specially crafted HTML page, potentially leading to a denial of service or other system impacts. The vulnerability allows access to privileged JavaScript code.

Recommendations For Google Chrome versions prior to 54.0.2840.100 for Linux, update to version 54.0.2840.100 or later. For Google Chrome versions prior to 54.0.2840.99 for Windows, update to version 54.0.2840.99 or later. For Google Chrome versions prior to 54.0.2840.98 for Mac, update to version 54.0.2840.98 or later. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.