CVE-2016-1709

Published on: 07/23/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:04 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Chrome from Google contain the following vulnerability:

Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.

  • CVE-2016-1709 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 8.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Merge pull request #56 from leizleiz/bytearray · googlei18n/[email protected] · GitHub github.com
text/html
URL Logo CONFIRM github.com/googlei18n/sfntly/commit/468cad540fa1b0027cad60456f53feabecdce2bc
Google Chrome Multiple Flaws Lets Remote Users Bypass Same-Origin Restrictions, Obtain Potentially Sensitive Information, Spoof URLs, and Execute Arbitrary Code - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036428
[security-announce] openSUSE-SU-2016:1865-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:1865
Debian -- Security Information -- DSA-3637-1 chromium-browser www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-3637
Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities cve.report (archive)
text/html
URL Logo BID 92053
[security-announce] openSUSE-SU-2016:1869-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:1869
Add a bounds check to ByteArray::Get(). by leizleiz · Pull Request #56 · googlei18n/sfntly · GitHub github.com
text/html
URL Logo CONFIRM github.com/googlei18n/sfntly/pull/56
Chrome Releases: Stable Channel Update Vendor Advisory
googlechromereleases.blogspot.com
text/html
URL Logo CONFIRM googlechromereleases.blogspot.com/2016/07/stable-channel-update.html
Add a bounds check to ByteArray::Get(). · googlei18n/[email protected] · GitHub github.com
text/html
URL Logo CONFIRM github.com/googlei18n/sfntly/commit/c56b85408bab232efd7e650f0994272a174e3b92
[security-announce] openSUSE-SU-2016:1918-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:1918
[security-announce] openSUSE-SU-2016:1868-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:1868
614934 - chromium - An open-source project to help move the web forward. - Monorail Permissions Required
crbug.com
text/html
URL Logo CONFIRM crbug.com/614934
Red Hat Customer Portal web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:1485

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationGoogleChromeAllAllAllAll
ApplicationGoogleSfntly-AllAllAll
ApplicationGoogleSfntly-AllAllAll
  • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:google:sfntly:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:google:sfntly:-:*:*:*:*:*:*:*: