Use-after-free vulnerability in Google Chrome's Autofill implementation

Use-after-free vulnerability in Google Chrome's Autofill implementation

CVE-2016-1690 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701.

Learn more about our Cis Benchmark Audit For Google Chrome.