CVE-2016-5183

🗓️ 18 Dec 2016 03:34:00Reported by ChromeType

A heap use after free in PDFium in Google Chrome allowing remote attacker to exploit heap corruption via crafted PDF file

Reporter	Title	Published	Views	Family All 64
FreeBSD	chromium -- multiple vulnerabilities	12 Oct 201600:00	–	freebsd
ArchLinux	[ASA-201610-15] chromium: multiple issues	23 Oct 201600:00	–	archlinux
ArchLinux	[ASA-201702-2] qt5-webengine: multiple issues	2 Feb 201700:00	–	archlinux
CNVD	Google Chrome PDFium memory misreference vulnerability (CNVD-2016-10154)	18 Oct 201600:00	–	cnvd
CVE	CVE-2016-5183	18 Dec 201603:34	–	cve
Debian	[SECURITY] [DSA 3731-1] chromium-browser security update	11 Dec 201620:59	–	debian
Debian	[SECURITY] [DSA 3731-1] chromium-browser security update	11 Dec 201620:59	–	debian
Debian CVE	CVE-2016-5183	18 Dec 201603:34	–	debiancve
Tenable Nessus	Debian DSA-3731-1 : chromium-browser - security update	12 Dec 201600:00	–	nessus
Tenable Nessus	Fedora 23 : chromium (2016-012de4c97e)	21 Nov 201600:00	–	nessus

[
  {
    "product": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android"
      }
    ]
  }
]

Source	Link
crbug	www.crbug.com/645122
rhn	www.rhn.redhat.com/errata/RHSA-2016-2067.html
codereview	www.codereview.chromium.org/2338893002
security	www.security.gentoo.org/glsa/201610-09
chromereleases	www.chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
securityfocus	www.securityfocus.com/bid/93528

04 Jan 2018 19:57Current

9.1High risk

Vulners AI Score9.1

EPSS0.00858