The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2016-06-05T23:00:00
Updated: 2024-08-05T23:02:12.906Z
Reserved: 2016-01-12T00:00:00
Link: CVE-2016-1702
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-06-05T23:59:32.290
Modified: 2024-11-21T02:46:55.147
Link: CVE-2016-1702
Redhat