The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2016-07-23T19:00:00
Updated: 2024-08-05T23:02:13.303Z
Reserved: 2016-01-12T00:00:00
Link: CVE-2016-1708
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-07-23T19:59:03.967
Modified: 2023-11-07T02:30:47.767
Link: CVE-2016-1708
Redhat