extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2016-03-06T02:00:00
Updated: 2024-08-05T23:02:12.423Z
Reserved: 2016-01-12T00:00:00
Link: CVE-2016-1635
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-03-06T02:59:06.367
Modified: 2023-11-07T02:30:15.040
Link: CVE-2016-1635
Redhat