Vulnerability Description
V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 54.0.2840.87 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2016-2718.html
- http://www.securityfocus.com/bid/94196
- http://www.securitytracker.com/id/1037273
- https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_
- https://crbug.com/658114
- https://security.gentoo.org/glsa/201611-16
- http://rhn.redhat.com/errata/RHSA-2016-2718.html
- http://www.securityfocus.com/bid/94196
- http://www.securitytracker.com/id/1037273
- https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_
- https://crbug.com/658114
- https://security.gentoo.org/glsa/201611-16
FAQ
What is CVE-2016-5200?
CVE-2016-5200 is a vulnerability with a CVSS score of 8.8 (HIGH). V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attack...
How severe is CVE-2016-5200?
CVE-2016-5200 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-5200?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.