VDB

CVE-2016-7395

CVE-2016-7395 PUBLISHED

SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via crafted graphics data.

EPSS 0.63% · 70.7th percentile

Risk Scores

EPSS Score
0.63%
70.7th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSchromium-browser29.0.1547.65-0ubuntu2, 33.0.1750.152-0ubuntu1~pkg995.1, 37.0.2062.120-0ubuntu0.14.04.1~pkg1049
Ubuntu:16.04:LTSchromium-browser52.0.2743.116-0ubuntu0.16.04.1.1250, 48.0.2564.116-0ubuntu1.1229, 0
Ubuntu:14.04:LTSoxide-qt1.9.1-0ubuntu0.14.04.2, 0, 1.0.0~bzr475-0ubuntu1
Ubuntu:16.04:LTSoxide-qt1.10.3-0ubuntu0.15.10.2, 1.10.3-0ubuntu0.15.10.1, 1.11.5-0ubuntu1
Ubuntu:16.04:LTSwine-gecko2.212.21-0ubuntu1, 0
Ubuntu:16.04:LTSandroid20160307-0742-0ubuntu3, *, 0

Timeline

  • Sep 11, 2016 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›