VDB

CVE-2016-7549

CVE-2016-7549 PUBLISHED

Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) or possibly have unspecified other impact by leveraging access to a renderer process, related to render_frame_host_impl.cc and render_widget_host_impl.cc, as demonstrated by a Password Manager message.

EPSS 0.86% · 75.5th percentile

Risk Scores

EPSS Score
0.86%
75.5th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSchromium-browser50.0.2661.102-0ubuntu0.16.04.1.1237, 51.0.2704.79-0ubuntu0.16.04.1.1242, 52.0.2743.116-0ubuntu0.16.04.1.1250
Ubuntu:14.04:LTSchromium-browser52.0.2743.116-0ubuntu0.14.04.1.1134, 51.0.2704.79-0ubuntu0.14.04.1.1121, 50.0.2661.102-0ubuntu0.14.04.1.1117
Ubuntu:14.04:LTSoxide-qt1.12.7-0ubuntu0.14.04.1, 0, 1.0.0~bzr475-0ubuntu1
Ubuntu:16.04:LTSoxide-qt0, 1.9.5-0ubuntu1, 1.14.7-0ubuntu1

Timeline

  • Sep 25, 2016 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 16, 2023 EPSS Score
  • Sep 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›