Use-after-free vulnerability in Google Chrome before 49.0.2623.75 in extensions/renderer/render_frame_observer_natives.cc

Use-after-free vulnerability in Google Chrome before 49.0.2623.75 in extensions/renderer/render_frame_observer_natives.cc

CVE-2016-1635 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

Learn more about our Cis Benchmark Audit For Google Chrome.