CVE-2016-1650 | Vulnerability Database | Aqua Security

The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.

Affected Software

Name	Vendor	Start Version	End Version
Opensuse	Opensuse	13.1 (including)	13.1 (including)
Red Hat Enterprise Linux 6 Supplementary	RedHat	chromium-browser-0:49.0.2623.108-1.el6	*
Chromium-browser	Ubuntu	devel	*
Chromium-browser	Ubuntu	precise	*
Chromium-browser	Ubuntu	trusty	*
Chromium-browser	Ubuntu	upstream	*
Chromium-browser	Ubuntu	wily	*
Chromium-browser	Ubuntu	xenial	*

References

http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html
http://rhn.redhat.com/errata/RHSA-2016-0525.html
http://www.debian.org/security/2016/dsa-3531
http://www.securitytracker.com/id/1035423
https://bugs.chromium.org/p/chromium/issues/detail?id=401364
https://code.google.com/p/chromium/issues/detail?id=597518
https://codereview.chromium.org/1761303003/
https://security.gentoo.org/glsa/201605-02

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1650
CWE	https://cwe.mitre.org/data/definitions/.html