Ubuntu.comUB:CVE-2016-5202CVE-2016-5202
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.8%
browser/extensions/api/dial/dial_registry.cc in Google Chrome before
54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before
54.0.2840.100 on Linux neglects to copy a device ID before an erase() call,
which causes the erase operation to access data that that erase operation
will destroy.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 14.04 | noarch | chromium-browser | < 58.0.3029.81-0ubuntu0.14.04.1172 | UNKNOWN |
| ubuntu | 16.04 | noarch | chromium-browser | < 55.0.2883.87-0ubuntu0.16.04.1263 | UNKNOWN |
| ubuntu | 16.10 | noarch | chromium-browser | < 55.0.2883.87-0ubuntu0.16.10.1328 | UNKNOWN |
| ubuntu | 17.04 | noarch | chromium-browser | < 55.0.2883.87-0ubuntu1 | UNKNOWN |
| ubuntu | 14.04 | noarch | oxide-qt | < 1.18.5-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 16.04 | noarch | oxide-qt | < 1.18.5-0ubuntu0.16.04.1 | UNKNOWN |
| ubuntu | 16.10 | noarch | oxide-qt | < 1.18.5-0ubuntu0.16.10.1 | UNKNOWN |
| ubuntu | 17.04 | noarch | oxide-qt | < 1.19.6-0ubuntu2 | UNKNOWN |
Related
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.8%