CVE-2016-1698

2016-06-05T23:59:00
ID CVE-2016-1698
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition.